sudaneseonline.com Open in urlscan Pro
2606:4700:20::ac43:4b3e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.sudaneseonline.com/
Effective URL:
https://sudaneseonline.com/
Submission: On February 12 via manual (February 12th 2021, 3:09:17 am UTC) from JP

Summary HTTP 261 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 37 IPs in 6 countries across 31 domains to perform 261 HTTP transactions. The main IP is 2606:4700:20::ac43:4b3e, located in United States and belongs to CLOUDFLARENET, US. The main domain is sudaneseonline.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 17th 2020. Valid for: a year.

This is the only time sudaneseonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23 89	2606:4700:20:... 2606:4700:20::ac43:4b3e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
55	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	13.35.253.7 13.35.253.7	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1 3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
5 6	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
59	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	195.154.113.34 195.154.113.34	12876 (Online SAS) (Online SAS)
1	151.101.112.193 151.101.112.193	54113 (FASTLY) (FASTLY)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
8 33	2606:4700::68... 2606:4700::6812:fb0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	163.172.80.128 163.172.80.128	12876 (Online SAS) (Online SAS)
1	163.172.91.236 163.172.91.236	12876 (Online SAS) (Online SAS)
2	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
1	145.239.131.51 145.239.131.51	16276 (OVH) (OVH)
1	2606:4700:303... 2606:4700:3030::6815:1146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::6815:1d27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.91.224.95 51.91.224.95	16276 (OVH) (OVH)
7	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1 3	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:612... 2600:1f18:612b:4216:c290:4128:6be:3247	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
261	37

89 2606:4700:20::ac43:4b3e (United States) 23 redirects

ASN13335 (CLOUDFLARENET, US)

www.sudaneseonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sudaneseonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.7 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-7.fra6.r.cloudfront.net

xslt.alexa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

bp1.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.154.113.34 (France)

ASN12876 (Online SAS, FR)
PTR: 195-154-113-34.rev.poneytelecom.eu

e.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2606:4700::6812:fb0 (United States) 8 redirects

ASN13335 (CLOUDFLARENET, US)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-media-cache-ak0.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.172.80.128 (France)

ASN12876 (Online SAS, FR)
PTR: rev-163-172-80-128.embersyndicate.com

b.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.172.91.236 (France)

ASN12876 (Online SAS, FR)
PTR: 163-172-91-236.rev.poneytelecom.eu

h.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.131.51 (France)

ASN16276 (OVH, FR)
PTR: i.ibb.co

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:1146 (United States)

ASN13335 (CLOUDFLARENET, US)

a7sas.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:1d27 (United States)

ASN13335 (CLOUDFLARENET, US)

www6.0zz0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.91.224.95 (France)

ASN16276 (OVH, FR)
PTR: i.postimg.cc

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:c290:4128:6be:3247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
89	sudaneseonline.com 23 redirects www.sudaneseonline.com sudaneseonline.com	657 KB
82	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	818 KB
33	pinimg.com 8 redirects i.pinimg.com s-media-cache-ak0.pinimg.com	4 MB
30	doubleclick.net 2 redirects stats.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net	209 KB
8	google-analytics.com 1 redirects www.google-analytics.com google-analytics.com ssl.google-analytics.com	62 KB
7	ampproject.org cdn.ampproject.org	122 KB
7	googletagservices.com www.googletagservices.com	224 KB
7	google.com 5 redirects www.google.com adservice.google.com	2 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	39 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	top4top.io e.top4top.io b.top4top.io h.top4top.io	209 KB
3	google.de www.google.de adservice.google.de	1 KB
2	2mdn.net s0.2mdn.net	211 KB
2	twimg.com pbs.twimg.com	89 KB
2	facebook.net connect.facebook.net	60 KB
1	tremorhub.com partners.tremorhub.com	183 B
1	postimg.cc i.postimg.cc	11 KB
1	0zz0.com www6.0zz0.com	10 KB
1	a7sas.net a7sas.net	48 KB
1	ibb.co i.ibb.co	395 KB
1	wp.com i2.wp.com	14 KB
1	imgur.com i.imgur.com	238 KB
1	blogspot.com 1.bp.blogspot.com	22 KB
1	blogger.com 1 redirects bp1.blogger.com	407 B
1	googleadservices.com partner.googleadservices.com	646 B
1	facebook.com www.facebook.com
1	jquery.com code.jquery.com	77 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	alexa.com xslt.alexa.com	622 B
1	cloudflare.com ajax.cloudflare.com	5 KB
0	Failed function sub() { [native code] }. Failed
261	31

	Domain	Requested by
67	sudaneseonline.com	1 redirects sudaneseonline.com code.jquery.com
59	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net sudaneseonline.com
25	i.pinimg.com
24	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net sudaneseonline.com
23	pagead2.googlesyndication.com	ajax.cloudflare.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com sudaneseonline.com
22	www.sudaneseonline.com	22 redirects
8	s-media-cache-ak0.pinimg.com	8 redirects
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
7	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	www.google.com	5 redirects
4	fonts.googleapis.com	googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.google-analytics.com	sudaneseonline.com www.google-analytics.com www.googletagmanager.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	ssl.google-analytics.com	1 redirects sudaneseonline.com
2	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	s0.2mdn.net	googleads.g.doubleclick.net tpc.googlesyndication.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	pbs.twimg.com
2	www.google.de
2	stats.g.doubleclick.net	1 redirects www.google-analytics.com
2	connect.facebook.net	sudaneseonline.com connect.facebook.net
1	partners.tremorhub.com	googleads.g.doubleclick.net
1	i.postimg.cc
1	www6.0zz0.com
1	a7sas.net
1	i.ibb.co
1	h.top4top.io
1	b.top4top.io
1	i2.wp.com
1	i.imgur.com
1	e.top4top.io
1	1.bp.blogspot.com
1	bp1.blogger.com	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.facebook.com	connect.facebook.net
1	code.jquery.com	ajax.cloudflare.com
1	www.googletagmanager.com	ajax.cloudflare.com
1	xslt.alexa.com	ajax.cloudflare.com
1	google-analytics.com	ajax.cloudflare.com
1	ajax.cloudflare.com	sudaneseonline.com
0	http Failed
261	44

This site contains links to these domains. Also see Links.

Domain
youtube.com
instagram.com
pinterest.com
www.linkedin.com
twitter.com
facebook.com
plus.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-17` - `2021-07-17`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
top4top.io R3	`2021-01-24` - `2021-04-24`	3 months	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.pinimg.com DigiCert SHA2 High Assurance Server CA	`2020-05-28` - `2021-06-14`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
ibb.co R3	`2021-02-02` - `2021-05-03`	3 months	crt.sh
postimg.cc R3	`2021-01-17` - `2021-04-17`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://sudaneseonline.com/
Frame ID: 93C517990EC96EAE76D61FE53E6D432B
Requests: 137 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html
Frame ID: 7932D88C904E4390691464B0FDE0D96C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&adk=1812271804&adf=3025194257&lmt=1613099326&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsudaneseonline.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1613099326428&bpp=12&bdt=195&idt=118&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8578429790685&frm=20&pv=2&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=136
Frame ID: D171E9C2FB6685AEC6E7BBB550DD2037
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1613099326&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326440&bpp=3&bdt=208&idt=132&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=579&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OnrDWJSVsf&p=https%3A//sudaneseonline.com&dtd=138
Frame ID: 14EB9E44C72AABEB9F443DC6B028D801
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326443&bpp=1&bdt=211&idt=138&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=15CpttunXO&p=https%3A//sudaneseonline.com&dtd=142
Frame ID: 527170294041EA2A9C86D7930E05F4BB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154
Frame ID: 6D107E21284803A6B0540B2845FA019E
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159
Frame ID: C39773F087355E97F46C923455CAAB3F
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=213&idt=161&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=951&ady=648&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=8gBc2GFOE0&p=https%3A//sudaneseonline.com&dtd=165
Frame ID: 35156801866C6B1E07738D79DEFCE22E
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326521&bpp=1&bdt=289&idt=92&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1445&ady=101&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=NLEZR4164z&p=https%3A//sudaneseonline.com&dtd=95
Frame ID: 1028D348463B726BC4C2B0477780089C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=600&slotname=0328297630&adk=2265731008&adf=2802248822&pi=t.ma~as.0328297630&w=120&lmt=1613099326&psa=0&format=120x600&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&adsid=NT&dt=1613099326522&bpp=1&bdt=289&idt=135&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1445&ady=801&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&fsb=1&xpc=DQqfYcNoPO&p=https%3A//sudaneseonline.com&dtd=138
Frame ID: 0052315AE1C57E05BFAB61A2618C0FBC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: D4B103FD7FE45B5C23D2DB882CE21B00
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/index.html
Frame ID: 7EC862063286C7166F603E8706636136
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 065A926A761393701AD62EAF243A2644
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-8yQIQ78_RAhiPvemXATAB&v=APEucNUYRp1oTqXGD5puejz-M8oqmy5Iq5WcTasr8hE-sFPNdsyIF7lNgvOn5gbHtZ5h7fUk4m9ieQVqUVrfDQb-giTgeUll-YZ-GDj7hx-WeVCwM_XZgH71xGeFu9_cxBQJ0W0kaGaB
Frame ID: BCD6343997BC84A19B6E1EEB7E82EFA5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16239051499483693056/index.html
Frame ID: 6A6D2B264C1F539DC223F6630DDF3F00
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A27A9CE2AEA409F0FA969120EDC71367
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/index.html
Frame ID: 641C0D1442395429245D6F81F2B412C4
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C3pbWPvElYNzQJciCx_AP27i7yAPwjfOhYfiQ2IviDLHf8Z39GxABIIqBwANglQKgAcyZnfgCyAEJqQIU1nANwlq0PqgDAcgDSKoExAFP0Kt9It7CQHi5BT2u5vmMMK0UzzwPuJ2qkIT3VKwMcnkiV5WtemSFRGq4dzqT6yyH7yIm72fhJmsK5BhxQ0SrB85ugPb7y9-aCZD_VoqhTtyz8KUDnfjZojL7jqU2BC5LVfTQelLqAz1fQakZenS-bDqzfnxTpsbnOXoJWxec77md0vvW7lpNY9KdUiNsde1DiKM8_mpHdRnXWiNA4TDaFAZDKy7OyTLOy5MSA-TPN5OSbTY49N_kniUDoyEyy2uw8dIFwAS_tL_bogOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHs8SamAGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ3-0K0ggJCIDhgBAQARgfgAoByAsB2BMNiBQCshcaChgIABIUcHViLTk4NjI2NjUxNjk4MzM1ODY&sigh=mHSAaheZymM&template_id=419&tpd=AGWhJmsyxIY-AwhNuNcx8CT2NpmHhtPuaUTe7T-uSrvuxPCFjw
Frame ID: A996A8BFE907EE47B0EED9F88FFC5D88
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11849155685997082338/index.html
Frame ID: 3170534A7CE0410C561A8DAB3B50BE2B
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CjIXvPvElYLa5J5Ozx_AP4tWAiAaL49umYefOvbTKDPSFrqGoERABIIqBwANglQKgAdeX7LoCyAEJqQKLZTd0flm0PqgDAcgDSKoExAFP0E-HHr1JspcvPvf4Odw-ujmofXNbFf4vZOW0lVOI9NUdmfCXoWCSoHE11Ivjxu9dBvY9pOlFYPmFRjra3Jh1rjv2N1xOdPpW7ecJHz5W9vQL856fv3XDLua3xyssbC_7ykgy0bn0CuTXMAIDVaJq1mlKijsKpoh53mH9g0rh27rbT1Va9ZmLIeWbdskCT7gBbh27SvRQyRxXmQxXFD42qpO3PEeWNMWTwQX3dCulo9O5L5LFynO-WkdgYm4rquqmeUrDwAT6rojj3gKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHkeiTxQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ-5gB0ggJCIDhgBAQARgfgAoByAsB2BMNiBQBshcaChgIABIUcHViLTk4NjI2NjUxNjk4MzM1ODY&sigh=s9Pc5ApZqog&template_id=419&tpd=AGWhJmtctTQeR3NbphCHk9ewcQYH17UbfS0_S4dRZMjjhWyxSw
Frame ID: 9DBD2D19689096FBB5C4C7E73550CF5A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 01D5459C75219FA7A60DD3E282596F73
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 39CCE3FFC56CF5CD1820295E0AC79B98
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 88C4780ECD8A53117767AC2AB5603896
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1
Frame ID: 46A8254FB97FBC6B02F6BFA7E7187941
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Frame ID: 65842044481ECB199126F9AD978EFC45
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js
Frame ID: 3CFB34935D8BEB0F12445013F0E1D636
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.sudaneseonline.com/ HTTP 301
https://www.sudaneseonline.com/ HTTP 301
http://sudaneseonline.com/ HTTP 301
https://sudaneseonline.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

261
Requests

99 %
HTTPS

73 %
IPv6

31
Domains

44
Subdomains

37
IPs

6
Countries

7661 kB
Transfer

10445 kB
Size

4
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://youtube.com/sudaneseonline/videos

Search URL Search Domain Scan URL

URL: https://instagram.com/sudaneseonline
Title:

Search URL Search Domain Scan URL

URL: https://pinterest.com/sudaneseonline/pins/
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/sudaneseonline

Search URL Search Domain Scan URL

URL: https://twitter.com/sudaneseonline1

Search URL Search Domain Scan URL

URL: https://facebook.com/sudaneseonline
Title:

Search URL Search Domain Scan URL

URL: https://plus.google.com/+SudaneseOnline
Title: Google+

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.sudaneseonline.com/ HTTP 301
https://www.sudaneseonline.com/ HTTP 301
http://sudaneseonline.com/ HTTP 301
https://sudaneseonline.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=313597730&utmhn=sudaneseonline.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D8%B3%D9%88%D8%AF%D8%A7%D9%86%D9%8A%D8%B2%D8%A7%D9%88%D9%86%D9%84%D8%A7%D9%8A%D9%86%3ASudanese%20Online&utmhid=605764342&utmr=-&utmp=%2F&utmht=1613099326411&utmac=UA-251719-1&utmcc=__utma%3D24067384.687507642.1613099326.1613099326.1613099326.1%3B%2B__utmz%3D24067384.1613099326.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=312345284&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-251719-1&cid=687507642.1613099326&jid=312345284&_v=5.7.2&z=313597730 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-251719-1&cid=687507642.1613099326&jid=312345284&_v=5.7.2&z=313597730 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-251719-1&cid=687507642.1613099326&jid=312345284&_v=5.7.2&z=313597730&slf_rd=1&random=3154423706

Request Chain 68

https://bp1.blogger.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/Darfur_Destroyed.jpg HTTP 301
https://1.bp.blogspot.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/Darfur_Destroyed.jpg

Request Chain 71

https://www.sudaneseonline.com/uploadpic11/june/sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg HTTP 301
https://sudaneseonline.com/uploadpic11/june/sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg

Request Chain 74

https://www.sudaneseonline.com/db/avatars/00000asudaneseonline.jpg HTTP 301
https://sudaneseonline.com/db/avatars/00000asudaneseonline.jpg

Request Chain 75

https://www.sudaneseonline.com/uploadpic10/May/mamanadwa.jpg HTTP 301
https://sudaneseonline.com/uploadpic10/May/mamanadwa.jpg

Request Chain 76

https://www.sudaneseonline.com/db/avatars/drawings_il_340x270.375184795_gkx2_766470924.jpg HTTP 301
https://sudaneseonline.com/db/avatars/drawings_il_340x270.375184795_gkx2_766470924.jpg

Request Chain 78

https://www.sudaneseonline.com/db/avatars/drawings_images_891866785.jpeg HTTP 301
https://sudaneseonline.com/db/avatars/drawings_images_891866785.jpeg

Request Chain 85

https://www.sudaneseonline.com/uploadpic14/nov/1377132_660215000757843_8051103474068476735_n.jpg HTTP 301
https://sudaneseonline.com/uploadpic14/nov/1377132_660215000757843_8051103474068476735_n.jpg

Request Chain 91

https://www.sudaneseonline.com/uploadpic15/sep/11898683_1124830430878761_4931903866995045619_n.jpg HTTP 301
https://sudaneseonline.com/uploadpic15/sep/11898683_1124830430878761_4931903866995045619_n.jpg

Request Chain 107

https://www.sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg HTTP 301
https://sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg

Request Chain 111

https://s-media-cache-ak0.pinimg.com/originals/c4/fe/bb/c4febb7d361abfef7763ccb68406db37.jpg HTTP 301
https://i.pinimg.com/originals/c4/fe/bb/c4febb7d361abfef7763ccb68406db37.jpg

Request Chain 112

https://www.sudaneseonline.com/files/daily-writer/Ayyoub_Othman_118876582.jpg HTTP 301
https://sudaneseonline.com/files/daily-writer/Ayyoub_Othman_118876582.jpg

Request Chain 113

https://s-media-cache-ak0.pinimg.com/736x/80/c3/dc/80c3dce5efbc748d66aacdda6fe6996f.jpg HTTP 301
https://i.pinimg.com/736x/80/c3/dc/80c3dce5efbc748d66aacdda6fe6996f.jpg

Request Chain 114

https://www.sudaneseonline.com/db/avatars/000nothing_476480549_754956420.jpg HTTP 301
https://sudaneseonline.com/db/avatars/000nothing_476480549_754956420.jpg

Request Chain 115

https://s-media-cache-ak0.pinimg.com/originals/e2/6b/7e/e26b7ebb6bdfa8fd1f2ccff54674a2ae.jpg HTTP 301
https://i.pinimg.com/originals/e2/6b/7e/e26b7ebb6bdfa8fd1f2ccff54674a2ae.jpg

Request Chain 117

https://www.sudaneseonline.com/files/daily-writer/hassan_elgizuli1_473596400.jpg HTTP 301
https://sudaneseonline.com/files/daily-writer/hassan_elgizuli1_473596400.jpg

Request Chain 118

https://www.sudaneseonline.com/files/daily-writer/abdalla_algam1_968465557.jpg HTTP 301
https://sudaneseonline.com/files/daily-writer/abdalla_algam1_968465557.jpg

Request Chain 120

https://www.sudaneseonline.com/files/______________________618378484.jpg HTTP 301
https://sudaneseonline.com/files/______________________618378484.jpg

Request Chain 124

https://s-media-cache-ak0.pinimg.com/736x/45/a4/4b/45a44ba5f3b5e97ed55d9965fa5f813c.jpg HTTP 301
https://i.pinimg.com/736x/45/a4/4b/45a44ba5f3b5e97ed55d9965fa5f813c.jpg

Request Chain 125

https://www.sudaneseonline.com/uploadpic14/mar/binmair.jpg HTTP 301
https://sudaneseonline.com/uploadpic14/mar/binmair.jpg

Request Chain 126

https://s-media-cache-ak0.pinimg.com/originals/4d/b1/b7/4db1b7dfdbb2c09a3cb35c13008c7315.jpg HTTP 301
https://i.pinimg.com/originals/4d/b1/b7/4db1b7dfdbb2c09a3cb35c13008c7315.jpg

Request Chain 128

https://s-media-cache-ak0.pinimg.com/originals/d6/f3/c4/d6f3c45031f7b6a5b1e38579d337792b.jpg HTTP 301
https://i.pinimg.com/originals/d6/f3/c4/d6f3c45031f7b6a5b1e38579d337792b.jpg

Request Chain 129

https://www.sudaneseonline.com/db/avatars/drawings_images__1__710491940.jpeg HTTP 301
https://sudaneseonline.com/db/avatars/drawings_images__1__710491940.jpeg

Request Chain 132

https://s-media-cache-ak0.pinimg.com/originals/24/ed/52/24ed5273d5f5f474866c74596e2aba8a.jpg HTTP 301
https://i.pinimg.com/originals/24/ed/52/24ed5273d5f5f474866c74596e2aba8a.jpg

Request Chain 133

https://www.sudaneseonline.com/uploadpic14/mar/dr.mahmoudasuleiman.jpg HTTP 301
https://sudaneseonline.com/uploadpic14/mar/dr.mahmoudasuleiman.jpg

Request Chain 135

https://www.sudaneseonline.com/uploadpic14/mar/idris1.jpg HTTP 301
https://sudaneseonline.com/uploadpic14/mar/idris1.jpg

Request Chain 137

https://www.sudaneseonline.com/files/daily-writer/Salim_Dekin_948126226.jpg HTTP 301
https://sudaneseonline.com/files/daily-writer/Salim_Dekin_948126226.jpg

Request Chain 143

https://www.sudaneseonline.com/english/files/cover/1nur_131441372.jpg HTTP 301
https://sudaneseonline.com/english/files/cover/1nur_131441372.jpg

Request Chain 144

https://www.sudaneseonline.com/uploadpic14/nov/ICC-Logo.jpg HTTP 301
https://sudaneseonline.com/uploadpic14/nov/ICC-Logo.jpg

Request Chain 145

https://s-media-cache-ak0.pinimg.com/564x/76/6e/fe/766efe683cde3ebb0b9b5cbc7b3fed71.jpg HTTP 301
https://i.pinimg.com/564x/76/6e/fe/766efe683cde3ebb0b9b5cbc7b3fed71.jpg

Request Chain 218

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_sc&google_dbm HTTP 302
https://partners.tremorhub.com/sync?UIGL=CAESEGJLV-PrsF8HDhAG5XEegVk&google_cver=1

Request Chain 229

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 235

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 245

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 247

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

261 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sudaneseonline.com/
Redirect Chain

http://www.sudaneseonline.com/
https://www.sudaneseonline.com/
http://sudaneseonline.com/
https://sudaneseonline.com/

38 KB
9 KB

15ms
13ms

Document
text/html

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 19ab5dbfffb7d167c584dcd1eeb18fc08cae1f8c7cb0f3e15a3ed927b3c7356b

Request headers

:method: GET
:authority: sudaneseonline.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dd6fa8451bff524cbe2b1676c8280658a1613099326
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
content-type: text/html
cache-control: max-age=10800
expires: Thu, 11 Feb 2021 13:54:52 GMT
vary: Accept-Encoding
x-powered-by: PleskLin
cf-cache-status: HIT
age: 47635
cf-request-id: 0835cf730800002b893f916000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IAtbzgd8Fa56%2BoBklbOm17h%2BsMbu7IjcK8WbO883LFMyI9Zuw0SjIsm0puT0qZJb9PfkmQ737ZksQht7RNr1HfGC4aWxV%2FHmWQs1TCc7gxV8r%2FVlf2HH4ZPDdBvAYYI%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 62031b64d9002b89-FRA
content-encoding: br

Redirect headers

Date: Fri, 12 Feb 2021 03:08:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 12 Feb 2021 04:08:46 GMT
Location: https://sudaneseonline.com/
cf-request-id: 0835cf72f40000d705e4058000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MNnqEw8kOxNCzpgxtgzp%2BfGvBltXsOQsmEsYRmslPCid1PdCuSWqZNYdzYkGl82M7nACgFdOo5UpA2jxVAaI1vnEg1Q%2FtQURwmOOSynv5Q0rT0Qv67LEUV3mcBVIu2Y%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 62031b64be91d705-FRA

GET
H2 200 5FC2zOw_W9_dNWqSVD1R6XReqLM.js Show response
sudaneseonline.com/cdn-cgi/apps/head/ 6 KB
2 KB 15ms
15ms Script
application/javascript 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cdn-cgi/apps/head/5FC2zOw_W9_dNWqSVD1R6XReqLM.js
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18a0f425e7929f0e35040c31fa34d0ac3584eea98b70d632a2da71554b827583

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 8384830
content-type: application/javascript; charset=utf-8
x-amz-request-id: 77B7CAFE1FFFB8EB
x-amz-id-2: Svo7EQt1h1hVRsXMQCVcYXqtvguxtgDESXPylaU1eJpM1XIJDdr8MYJDriGd1DWM5ycz8KhSJOo=
last-modified: Mon, 24 Jul 2017 16:32:06 GMT
server: cloudflare
etag: W/"71e55573d60eceb049b3e5b8113546ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W9HcdTe9E5%2Fa5ahK8Q61wq0jkrEhL6z0Xh2dQ7W%2Bq3vj8hHVX6m3k3alRa%2BhzgyAqfLRWSNAitM%2BJO%2BJvl0lPaNWJFVL83LLDtXu4QQfRnRANe3Rylb6p2D6G0XZw8A%3D"}],"max_age":604800,"group":"cf-nel"}
x-amz-version-id: sMxU3zQi_vRRZ5x5XHHTu9rDvofI_BJ0
cache-control: public, max-age=31536000
cf-request-id: 0835cf731e00002b8922bf4000000001
cf-ray: 62031b64f9172b89-FRA

GET
H2 200 rss2.css
sudaneseonline.com/ 1 KB
702 B 11ms
11ms Stylesheet
text/css 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/rss2.css?v=1.137
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 553184002d49f3197d581f56de0f8ab37d66f0ae73c3f3faa363ac26c56b02e0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 66278
x-powered-by: PleskLin
cf-request-id: 0835cf731e00002b8919a83000000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6DDwpqYLc7Khx4E5LkWGSaToBy3wVE6OJzxMaOIlYoyIVwdwGNbyWo21UHA4KDhDRB1xvootuPNaN2JTNV4Xrf1PgvDwnohA%2BZ2QZ28j5TJvcGPFNqqkTxPhvaAM2ks%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=604800
cf-polished: origSize=1392
cf-ray: 62031b64f9152b89-FRA
expires: Sat, 13 Mar 2021 08:44:08 GMT

GET
H2 200 youtube.png
sudaneseonline.com/files/social/ 1 KB
2 KB 11ms
10ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/social/youtube.png
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7717de7e2e218e956580963a667c5899e3ea5653cbc1569152330429f38542b5

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 382517
x-powered-by: PleskLin
content-disposition: inline; filename="youtube.webp"
content-length: 1122
cf-request-id: 0835cf732a00002b8949179000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LQUGr%2FBaZ9%2Bfm7CZXJvBhTE65jwm92233rmC1d1OrL98AZhnYIojjRHNFpJZklWJDpszre%2BZ6mxlZATm6doaSQHBzqXzIVvn3Xn6gkgTMuTWe4FTRkXlfUlQ%2BnX5igY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=png, origSize=7708
accept-ranges: bytes
cf-ray: 62031b6519252b89-FRA
expires: Mon, 07 Feb 2022 16:53:29 GMT

GET
H2 200 icon_in.png
sudaneseonline.com/files/social/ 31 KB
32 KB 12ms
11ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/social/icon_in.png
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 72a492fc88306b58b590d47f55feb08b11119d149db001980f20ad10846b21a2

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 124088
x-powered-by: PleskLin
content-disposition: inline; filename="icon_in.webp"
content-length: 31788
cf-request-id: 0835cf732e00002b89193e9000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D9zxZDL0TDCIjWDs9YyteGu%2FfUjQovwusIe9wZn2dSVbiA%2F32nHCZKxiPXhStRhgoYhKZ3Q4%2Bl9yME3NzJ0Y5Tn1zYA6bSa3mYnOsMF4e1bWpndOB7FYU%2FEiGuf9bSo%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=png, origSize=57664
accept-ranges: bytes
cf-ray: 62031b6519282b89-FRA
expires: Thu, 10 Feb 2022 16:40:38 GMT

GET
H2 200 pin.png
sudaneseonline.com/files/social/ 526 B
888 B 14ms
12ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/social/pin.png
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 72fea3fe50ffbc7bbf4648547ccf1a38ed660ec9971829aae72147845f44f81a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 95177
x-powered-by: PleskLin
content-disposition: inline; filename="pin.webp"
content-length: 526
cf-request-id: 0835cf733300002b896a16b000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ETWKgoe8I3fYYVSOdHFlGHe98gaFQGd5golN9msNPMBlwJ3Cjx0kbPUvf4ZhnEDWN1hhdkASgjoH1A8OhQugZBHogqJcsQ9oNLmnLMPGSYqs9SeNBYS6iNor1LGRxts%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=png, origSize=7134
accept-ranges: bytes
cf-ray: 62031b6519312b89-FRA
expires: Fri, 11 Feb 2022 00:42:29 GMT

GET
H2 200 sudanese.gif
sudaneseonline.com/images/ 7 KB
7 KB 13ms
11ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/sudanese.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 03652ccf25e11afea2e0d5e0a443cbe2b7a201a567d1f9e83d152921b80ebcbb

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 953349
x-powered-by: PleskLin
content-disposition: inline; filename="sudanese.webp"
content-length: 7086
cf-request-id: 0835cf733300002b8960829000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yzUcC8OfLan%2BaeJCTP8XC8p5WxtBQJhcYCQJ9CfgyxnDdiPwncIWttZQfPsQf%2BSnAKJIavbONSH6bN%2B07dy%2B0aVCy5k%2B09pWLGPHE3cUHU%2FT0mRG4o%2BJAcs%2F%2FBN2qa4%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=9641
accept-ranges: bytes
cf-ray: 62031b6519322b89-FRA
expires: Tue, 01 Feb 2022 02:19:37 GMT

GET
H2 200 asudanese.gif
sudaneseonline.com/images/ 6 KB
7 KB 15ms
14ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/asudanese.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 719a9c5b70a7847cc11a4cbec622308f61315c4e849d91e3f156fe5790487f76

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 712012
x-powered-by: PleskLin
content-disposition: inline; filename="asudanese.webp"
content-length: 6540
cf-request-id: 0835cf733300002b89828d6000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ecuguQQiQIn2iYtt8BS5eBkCTuH15bKGSsMTp4xaNECGpc8vtYSoeYtObPHPyxtVEJXuNjhdCDe4OlONZpi9cHuiGB%2FYYe2cWXQ9PqyEk8kpQIpXFseJJAyFbxBUK8o%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=8535
accept-ranges: bytes
cf-ray: 62031b6519332b89-FRA
expires: Thu, 03 Feb 2022 21:21:54 GMT

GET
H2 200 linkedin.png
sudaneseonline.com/files/social/ 488 B
910 B 16ms
15ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/social/linkedin.png
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8dfce04e20664e11e151528f4f1ba4bb9e75f62c322c67964c70a1abde8db31b

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1289881
x-powered-by: PleskLin
content-disposition: inline; filename="linkedin.webp"
content-length: 488
cf-request-id: 0835cf733300002b89348f4000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cDKUpu1hNQerPqSaeXn99XPTQ2yuNHwR9vN4bRdubS5NF4pQxCcSipLUjM5YN7voYO3DAGdvEnNw%2FVVoAur0kVTmK8aSrbZkmRdDMAlnC1DTLjP32Z1EFSxiLPPh8Is%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=png, origSize=850
accept-ranges: bytes
cf-ray: 62031b6519342b89-FRA
expires: Fri, 28 Jan 2022 04:50:45 GMT

GET
H2 200 chrome_twitter.png
sudaneseonline.com/files/social/ 392 B
926 B 14ms
14ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/social/chrome_twitter.png
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 547ac2b7bf734f40cc994c11bbe5643fb7ae0f86442b53694a73a2b7bc550b53

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 716417
x-powered-by: PleskLin
content-disposition: inline; filename="chrome_twitter.webp"
content-length: 392
cf-request-id: 0835cf733600002b891e119000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=smc9jl0YTngwd23X7PXoVnHx1y5LUWyFiRVsUw6K%2FDpfN3P7iGIPbkpGroL6soJJNgmHRuvoMHhp%2FCNJ2CAJZBoGuVbQ%2B5dWHIslxRfU%2BD7Y3nZ87hmaZF9jW8EZbVE%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=png, origSize=6946
accept-ranges: bytes
cf-ray: 62031b6529362b89-FRA
expires: Thu, 03 Feb 2022 20:08:29 GMT

GET
H2 200 facebook.png
sudaneseonline.com/files/social/ 612 B
997 B 11ms
11ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/social/facebook.png
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 797c26f036647914a3edb42b47186fef5dea31a6d548fa4bf94917c7e17735a2

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 94301
x-powered-by: PleskLin
content-disposition: inline; filename="facebook.webp"
content-length: 612
cf-request-id: 0835cf733b00002b8949b97000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J7CIhw%2B4BrL2roZW7WOA2rjSaZ4zR7vgjjqQCGD1xbtvj2IivenXwjQsbikhUZRjxxngNGcKl0Ya1soRax%2B5Sx9QVVqVDKVROBfP1a8FN3VssDYxpRy901URR%2BZ2u80%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=png, origSize=7013
accept-ranges: bytes
cf-ray: 62031b65293b2b89-FRA
expires: Fri, 11 Feb 2022 00:57:05 GMT

GET
H2 200 halibsudanese.jpg
sudaneseonline.com/db/avatars/ 2 KB
2 KB 11ms
10ms Image
image/jpeg 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/halibsudanese.jpg
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7be91ce97275c300ce632c8e46d84811da453937eb643aa48f63f723fef0153a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 942948
x-powered-by: PleskLin
content-length: 1761
cf-request-id: 0835cf733f00002b8922bf5000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Vx%2BlJ4whuF%2FG6ToNdJK8jH%2B7JcN6s3pBE4zGxsjwuDSryol2B1iF25HAPBVQmT4JUFWp3RruO3D1YO6KdZNL0oRpq6KPOlfdHQRHnUA8Brmuv0Wy3enijUtoOkatQW4%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: public, max-age=2592000
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 62031b6539422b89-FRA
expires: Tue, 01 Feb 2022 05:12:58 GMT

GET
H2 404 dot.gif
sudaneseonline.com/ 3 KB
3 KB 12ms
11ms Image
text/html 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/dot.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ed7d72de81ce28a49509b04006c99759ce51715d83f38fac7f58ee59313d028a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 28 Nov 2013 07:11:13 GMT
server: cloudflare
age: 166
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pLkXFcTCFRpKbeSU9xNaHuhUcjbMf4KPFPu0VjHpxDpum1mJtUppPcyyZp6cMQYT9IOmrNO3cqF0PlYbe1ko8nTOzu6EjhnpS83CzfL4foII7D8zNkvcgVSfoggFSz0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html
cache-control: max-age=172800
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 62031b6539442b89-FRA
cf-request-id: 0835cf734000002b895d293000000001

GET
H2 200 page_13.gif
sudaneseonline.com/images/ 200 B
722 B 12ms
11ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_13.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c10af103c2513beba5a7397f609106745382adea54bd90b818fa6f4fe8781026

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 709823
x-powered-by: PleskLin
content-disposition: inline; filename="page_13.webp"
content-length: 200
cf-request-id: 0835cf734200002b891c337000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6Kanq3EbyS8TzPrUo0CqMuZQxpmyXZ0WtDnoYtP7BZ4bTUTNWpjJgBRRbO9iIoiwf8Gglqls%2Fg22G6ve4msMoCcKrDppT0A1hwJElbnkxeREkWUB3FUXgOFWBPOMzt0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=222
accept-ranges: bytes
cf-ray: 62031b6539482b89-FRA
expires: Thu, 03 Feb 2022 21:58:23 GMT

GET
H2 200 page_15.gif
sudaneseonline.com/images/ 126 B
550 B 11ms
10ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_15.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d15f56ad8410162f6486e3dddf17ace90b3b3dd10142d29a97d4f26a9b13f9b7

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 99670
x-powered-by: PleskLin
content-disposition: inline; filename="page_15.webp"
content-length: 126
cf-request-id: 0835cf734200002b89151cf000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tWzqVO4FcQ7xEEjnGxEJq0kbFhNyGQyZCpHOGoD11a4PzQp%2FJDq1%2BZwgGGGZL2cwhztgOQy0KCtFURJYFqrYCt%2BpcrUwCI3x5WuKBfi7KsYxI8QDZ%2FZ1zMjs2s9eoJ8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=169
accept-ranges: bytes
cf-ray: 62031b6539492b89-FRA
expires: Thu, 10 Feb 2022 23:27:36 GMT

GET
H2 200 page_17.gif
sudaneseonline.com/images/ 160 B
544 B 10ms
10ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_17.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b112d143d0b935fa4c67ee13a697324083dee7bb17b2ae39edee1753e7160db7

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 712012
x-powered-by: PleskLin
content-disposition: inline; filename="page_17.webp"
content-length: 160
cf-request-id: 0835cf734400002b8984a18000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UF2Zurf8GwXOevjCqdH0vTQdUF7Ych6yyAXPOHAmZfHOnSRJhCCHJj77C9H0BaL2G6rgKqk1f53s8hXy2mqjxVLXBkoj8SaUKqzzR86zIhVF%2Bizyjj9ax3FDSALnY78%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=189
accept-ranges: bytes
cf-ray: 62031b65394a2b89-FRA
expires: Thu, 03 Feb 2022 21:21:54 GMT

GET
H2 200 page_18.gif
sudaneseonline.com/images/ 894 B
1 KB 21ms
21ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_18.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 1137d4c1e3478a9652bd6ca78e55ed48335bd330a209cd4ef45d1c54bf8d6c8d

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 556434
x-powered-by: PleskLin
content-disposition: inline; filename="page_18.webp"
content-length: 894
cf-request-id: 0835cf734700002b896d00c000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lp5Z8lphDfzwhXz%2Fh88cF2LHgwHI9LPpl8km4qrJ4E1qVg%2F4QY%2F9LGrxJQydRJ7vilZGXaUHtrNFYybXDl53P4smL5WOQBcZ2GS2VG8%2B61mWHOD%2F4c989mj594LO95E%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=1388
accept-ranges: bytes
cf-ray: 62031b65394d2b89-FRA
expires: Sat, 05 Feb 2022 16:34:51 GMT

GET
H2 200 page_67.gif
sudaneseonline.com/images/ 133 B
495 B 12ms
10ms Image
image/gif 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_67.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: dbf89db2d125549c513937d10e3af603d5aee8ec51bd14c318322c1dc2b97195

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1289881
x-powered-by: PleskLin
content-length: 133
cf-request-id: 0835cf734c00002b89193ea000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tOxBoA1ss3YN4tr2Tdl7VlQqCuUL1oIesdNnmKo93KH76hwn9sxffQa6F8CTrnyDz0G1E%2BaayDM1hWBtt1oklKeiMUBhsCTwWpVQ4sO8lc46xkZY9cRIlJV6eQNqL6w%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
cache-control: public, max-age=2592000
cf-polished: origSize=141, status=webp_bigger
accept-ranges: bytes
cf-ray: 62031b6549572b89-FRA
expires: Fri, 28 Jan 2022 04:50:45 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
5 KB 25ms
9ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0835cf734200002b165f887000000001
last-modified: Tue, 09 Feb 2021 14:27:54 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60229bea-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FEad9RhVVWDVlLJqMjvllE5uOmGiruTKAqe9kcbrFy9ZdpnWW4HH97HzBm8aF1HVg9m5BNMWewbJ4FMBBiO%2F8BZR2HEpGABjFXwFJ9mMoAUXAnhntl%2FagOJn6fll%2FOF4"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 62031b653ca62b16-FRA
expires: Sun, 14 Feb 2021 03:08:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/cdn-cgi/apps/head/5FC2zOw_W9_dNWqSVD1R6XReqLM.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6219
date: Fri, 12 Feb 2021 01:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 03:25:07 GMT

GET
H2 200 page_11.gif
sudaneseonline.com/images/ 65 B
415 B 11ms
10ms Image
image/gif 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_11.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2d0ed65db95ee9a4db6cfc439c2cfd35b8562cd082357fd24bd4ee7e903768cc

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1309746
x-powered-by: PleskLin
content-length: 65
cf-request-id: 0835cf734c00002b893f918000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ucUb5hpSXM0OC0%2Fe%2BulQtqsOS6WFsXIdAVv6RfjYjEuRh6BhsPVA3lbiTWFfRluDAMy9trAW%2FWApZ%2FVUOlhpuc0nNlDD1DAH3MPWC%2BHabFvHG7QFIlYZu9rvoymxOUY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
cache-control: public, max-age=2592000
cf-polished: origSize=73, status=webp_bigger
accept-ranges: bytes
cf-ray: 62031b65495a2b89-FRA
expires: Thu, 27 Jan 2022 23:19:40 GMT

GET
H2 200 page_14.gif
sudaneseonline.com/images/ 112 B
501 B 19ms
18ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_14.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0ffb5e6a9625ae55529682bcb47bc148799f92f6c4b9aa7b959d0ecba3031b99

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1497409
x-powered-by: PleskLin
content-disposition: inline; filename="page_14.webp"
content-length: 112
cf-request-id: 0835cf734f00002b89650f5000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k%2BzvoT11AyVFe74cHg923xhsEfw3UBu7tXQZI7O9NUTtoTlK9W1Ghyq%2FsXQ1bdJi3dfN8%2FQ%2FZPzBi%2B8Aa3mmv5mQT%2FNP3Y7Ge4YqdeSU4hsn3Lux6twrzScVqZlSGWY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=266
accept-ranges: bytes
cf-ray: 62031b6549602b89-FRA
expires: Tue, 25 Jan 2022 19:11:57 GMT

GET
H2 200 page_16.gif
sudaneseonline.com/images/ 118 B
505 B 14ms
13ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_16.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: be3320dc4e3f9f68c6f001ac32d204b9d881de39e0895d6cfa094f2271b59b6a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 80556
x-powered-by: PleskLin
content-disposition: inline; filename="page_16.webp"
content-length: 118
cf-request-id: 0835cf735000002b8956273000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8vUM1OiCeLqwZj60QIUZncB16Us3EUGCVmVEsYedhONsWjaiRdaZicy%2B%2BaRT13eSlIyBiHnsRf1Q8C1wHK%2FwxzPNbzGDvLMrkb3hS%2FTeytu1OFnjZ8fM2Sii4fHYoSE%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=318
accept-ranges: bytes
cf-ray: 62031b6549622b89-FRA
expires: Fri, 11 Feb 2022 04:46:10 GMT

GET
H2 200 page_36.gif
sudaneseonline.com/images/ 43 B
424 B 12ms
12ms Image
image/gif 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_36.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 724e999373acde2068adc1a148b9fce57faed54dae3dd9edf30345c26bdeaaea

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2331399
x-powered-by: PleskLin
content-length: 43
cf-request-id: 0835cf735000002b891e11a000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CTsd2iMNXWmZdH9QS9taiZQ3%2Bd%2BxQaJ6o6BPHjBLS7fqI5o1kH4d3E7Ox4z5yy1w856x%2FUynQpNPeqAuKtOdWMmnE8tOwdF1QUVzTO8KK8gcoZY94vPKAucS66Tf5po%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
cache-control: public, max-age=2592000
cf-polished: origSize=51, status=webp_bigger
accept-ranges: bytes
cf-ray: 62031b6549632b89-FRA
expires: Sun, 16 Jan 2022 03:32:07 GMT

GET
H2 200 page_65.gif
sudaneseonline.com/images/ 59 B
424 B 12ms
12ms Image
image/gif 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_65.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8568618df18202314a62419e94e30f4183c4878adb08066b1e76110173c16c1a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 508420
x-powered-by: PleskLin
content-length: 59
cf-request-id: 0835cf735800002b898a1c1000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lzlT45lGKDcIxGH0xhivPro1NYfjDkmeFvQtkIQvRi59WfAO8YdUsSnaM9dNQ%2Fdkci3BWm7qa%2Fkae4R4Drqhh54G6HF3SnqJTBJe7ZLpTZRALjbzlI11p3hglw4qhzg%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
cache-control: public, max-age=2592000
cf-polished: origSize=67, status=webp_bigger
accept-ranges: bytes
cf-ray: 62031b6559702b89-FRA
expires: Sun, 06 Feb 2022 05:55:06 GMT

GET
H2 200 page_69.gif
sudaneseonline.com/images/ 52 B
457 B 13ms
12ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_69.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d8535f1b381398d4053486b50f3b99b5b283f65adc65ed66c52fb74ad44f47a3

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 707037
x-powered-by: PleskLin
content-disposition: inline; filename="page_69.webp"
content-length: 52
cf-request-id: 0835cf735900002b898a1c2000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r8JywGlsuHu0zOkDj8KNcE3SGwho1gevd9yDkGKa4lJpna1paWCk%2BnLpkbcfO9cDwdz0qpyjFWtvZtBsAgvYqEzDQQejMBGa%2FWvK8l5XI6N%2B2KgLygNJefqO%2BGbXA%2F0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=70
accept-ranges: bytes
cf-ray: 62031b6559742b89-FRA
expires: Thu, 03 Feb 2022 22:44:49 GMT

GET
H2 200 urchin.js Show response
google-analytics.com/ 22 KB
7 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://google-analytics.com/urchin.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 05:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 78673
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1209600
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6847
expires: Thu, 25 Feb 2021 05:17:33 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 61ms
41ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cef431d062a50c4daaa15655cc4b46e819986052ae6b5d55c3dc12b09598e710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 48418
x-xss-protection: 0
server: cafe
etag: 5055074899333445325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 12 Feb 2021 03:08:46 GMT

GET
H/1.1 200
OK a Show response
xslt.alexa.com/site_stats/js/s/ 151 B
622 B 199ms
32ms Script
binary/octet-stream 13.35.253.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xslt.alexa.com/site_stats/js/s/a?url=sudaneseonline.com
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.7 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-7.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd19302865a315df9a57552a585191f452efcbed7b0ab6b6569f4bebb764366e

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 11 Feb 2021 22:41:44 GMT
Via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
Last-Modified: Fri, 27 Oct 2017 21:53:09 GMT
Server: AmazonS3
Age: 16045
ETag: "394d6f2c6c2041a2fbcdaad0e525aa7b"
X-Cache: Hit from cloudfront
Content-Type: binary/octet-stream
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 151
X-Amz-Cf-Id: jujZRMigXfBgguDiWLgA9xY3YqjFRF5lhjxvBybv8kVyG9J96MIbJQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-115921305-1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d697675c94c096a0739d0888b9754ba7887d282f5ce84077c8759fed58ec9b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39103
x-xss-protection: 0
expires: Fri, 12 Feb 2021 03:08:46 GMT

GET
H2 200 jquery-1.8.3.js Show response
code.jquery.com/ 260 KB
77 KB 26ms
9ms Script
application/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.8.3.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 756d7dfac4a35bb57543f677283d6c682e8d704e5350884b27325badd2b3c4a7

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-40f49"
vary: Accept-Encoding
x-hw: 1613099326.dop225.fr8.t,1613099326.cds283.fr8.hn,1613099326.cds225.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 78927

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
391 B 47ms
13ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=605764342&t=pageview&_s=1&dl=https%3A%2F%2Fsudaneseonline.com%2F&ul=en-us&de=UTF-8&dt=%D8%B3%D9%88%D8%AF%D8%A7%D9%86%D9%8A%D8%B2%D8%A7%D9%88%D9%86%D9%84%D8%A7%D9%8A%D9%86%3ASudanese%20Online&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1721108597&gjid=1600150843&cid=687507642.1613099326&tid=UA-251719-1&_gid=1981411016.1613099326&_r=1&_slc=1&z=2095528510

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 03:08:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sudaneseonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3610
date: Fri, 12 Feb 2021 02:08:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 12 Feb 2021 04:08:36 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9280c3e8fd25c51470aeb64ebd6eb253083f78b26bc26291462015ae267b5755

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vagQzIekbbWxU8OwlNH7qQ==
cross-origin-resource-policy: cross-origin
expires: Fri, 12 Feb 2021 03:20:55 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: JhGO/3etapzO6kx0h7G+mTCCgcm588Y2rtdtUuQGN/XWkkjrrYq0ygNDJ2M253KSq3lkkk+wgxoLuKd5uGb3mA==
x-fb-trip-id: 686109401
x-fb-content-md5: 97bea5eec72ca58761b6a3ab2229b254
date: Fri, 12 Feb 2021 03:08:46 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "82319ee81f6260451d709f6de50b21aa"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
26 B 12ms
12ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=605764342&t=pageview&_s=1&dl=https%3A%2F%2Fsudaneseonline.com%2F&ul=en-us&de=UTF-8&dt=%D8%B3%D9%88%D8%AF%D8%A7%D9%86%D9%8A%D8%B2%D8%A7%D9%88%D9%86%D9%84%D8%A7%D9%8A%D9%86%3ASudanese%20Online&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KEDAAUABAAAAAC~&jid=1616424421&gjid=1473564971&cid=687507642.1613099326&tid=UA-115921305-1&_gid=1981411016.1613099326&_r=1&gtm=2ou230&z=1802979822

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 03:08:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sudaneseonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-115921305-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6219
date: Fri, 12 Feb 2021 01:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 03:25:07 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-251719-1&cid=687507642.1613099326&jid=1721108597&gjid=1600150843&_gid=1981411016.1613099326&_u=IEBAAEAAAAAAAC~&z=1889816466

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 12 Feb 2021 03:08:46 GMT
content-type: text/plain
access-control-allow-origin: https://sudaneseonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 191 KB
58 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=08483f3979203f9be9eccc71eb312bca&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

29a368265e2c4f3576011d1143ab0e9f6ca9492f7036c298ea1734d818e5abf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://sudaneseonline.com
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: G6mAimj1eivhplK2wQrWwQ==
cross-origin-resource-policy: cross-origin
expires: Sat, 12 Feb 2022 01:43:29 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 58478
x-fb-rlafr: 0
x-fb-debug: w+E8dMxZKpuqkncJxRgLgFKUXycUp9jCrELgCVpEhoY8kejre2Jpby58Bz3I/bDi3HVkOO47dGU5bRS1AYrIrg==
x-fb-trip-id: 686109401
x-fb-content-md5: 94ada80fbf6d11eb8c6ef857a7a54eca
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 12 Feb 2021 03:08:46 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "f5ae88cae91b5fe982d73389f8f9630a"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H3-Q050

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=313597730&utmhn=sudaneseonline.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-251719-1&cid=687507642.1613099326&jid=312345284&_v=5.7.2&z=313597730
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-251719-1&cid=687507642.1613099326&jid=312345284&_v=5.7.2&z=313597730
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-251719-1&cid=687507642.1613099326&jid=312345284&_v=5.7.2&z=313597730&slf_rd=1&random=3154423706

42 B
483 B

43ms
29ms

Image
image/gif

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-251719-1&cid=687507642.1613099326&jid=312345284&_v=5.7.2&z=313597730&slf_rd=1&random=3154423706

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 03:08:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 03:08:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-251719-1&cid=687507642.1613099326&jid=312345284&_v=5.7.2&z=313597730&slf_rd=1&random=3154423706
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-251719-1&cid=687507642.1613099326&jid=1721108597&_u=IEBAAEAAAAAAAC~&z=2107888036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 03:08:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
15ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-251719-1&cid=687507642.1613099326&jid=1721108597&_u=IEBAAEAAAAAAAC~&z=2107888036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 03:08:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102080101/ 225 KB
85 KB 70ms
56ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102080101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

496f9e7f84eb8c342c0086e43768b3723292564d2d2d6f1b9bdaee00684d9877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 86500
x-xss-protection: 0
server: cafe
etag: 5055074899333445325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Feb 2021 03:08:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/ Frame 7932 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210208/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 11 Feb 2021 04:07:16 GMT
expires: Thu, 25 Feb 2021 04:07:16 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 82890
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 88ms
88ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=653080081416030&input_token&origin=1&redirect_uri=https%3A%2F%2Fsudaneseonline.com%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=08483f3979203f9be9eccc71eb312bca&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: ybc2c3KsKyMXeSIbimuu5FN4olL9iQLXnG4un6gxkF/CKkVB+7AI/Nf62GcFx2ModwP+glHHBuPfWba/74nk2w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Fri, 12 Feb 2021 03:08:46 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sudaneseonline.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
47 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab42ff31d07c36ec69c448d804ee5b0204822d8ae24c49a00b0c5fe117467e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 48410
x-xss-protection: 0
server: cafe
etag: 10670273244432943938
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 12 Feb 2021 03:08:46 GMT

GET
H2 200 2bb.cgi Show response
sudaneseonline.com/cgi-bin/sdb/ 16 KB
3 KB 322ms
322ms XHR
application/rss+xml 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cgi-bin/sdb/2bb.cgi?seq=rss2&board=505
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.8.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 19a61f80e9cd10968010b2a4472da16459ded203cc751acf50c5bd8d6d9d6551

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://sudaneseonline.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fNIsEiDbnDbWzSUmusp3e0KRi%2F4%2FIlCcf5xf5k8ymQj3iHKR5uUGKNKCZpZHQp6G3d0kBO%2BrCixCHj9EtFxy7gioQM1la%2BjNONWcykhyKOcocui0IO3vlDbVaWvcirM%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/xml; charset="utf8"
cache-control: max-age=1
cf-ray: 62031b66da9b2b89-FRA
cf-request-id: 0835cf744500002b89828e0000000001
expires: Fri, 12 Feb 2021 03:08:47 GMT

GET
H2 200 2bb.cgi Show response
sudaneseonline.com/cgi-bin/sdb/ 15 KB
3 KB 318ms
317ms XHR
application/rss+xml 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cgi-bin/sdb/2bb.cgi?seq=rss2&board=510
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.8.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 45489ce6a2f29e5c607dfa5187bf7ba3fc73d5a8eb7702e376279e1692370852

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://sudaneseonline.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3ZB3wK8c3HVUwIQT1WVymizvk6GUi6DTNSXsHFk7ahlknayyLZ6eX%2FjGmzoUuBXENWc%2FhHSmzj0VcQoFAW2oGVaFH4XPgIRnx171J%2BRp0z%2Fx%2FF56k2Tynz30lm3Nc4o%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/xml; charset="utf8"
cache-control: max-age=1
cf-ray: 62031b66da9e2b89-FRA
cf-request-id: 0835cf744600002b89650fd000000001
expires: Fri, 12 Feb 2021 03:08:47 GMT

GET
H2 200 2bb.cgi Show response
sudaneseonline.com/cgi-bin/esdb/ 13 KB
3 KB 328ms
327ms XHR
application/rss+xml 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cgi-bin/esdb/2bb.cgi?seq=rss2&board=10
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.8.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b35985addd0683dd70c493ae32951c64ee9cf767c177ab729034d99bf416456f

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://sudaneseonline.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eG2x2UT2lHSQCAiQxEtKa5i4zdcxYmp6zDgfXdlKunfj4iqZqtW%2BZnPCRwSPV50GgO91M3rF%2FLqfg9ac7P3Jj7vVXZ67j63ceh5mWwHs6E9tQU26abooE0FW%2FvCj8Uo%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/xml; charset="utf8"
cache-control: max-age=1
cf-ray: 62031b66da9f2b89-FRA
cf-request-id: 0835cf744600002b895627b000000001
expires: Fri, 12 Feb 2021 03:08:47 GMT

GET
H2 200 2bb.cgi Show response
sudaneseonline.com/cgi-bin/sdb/ 16 KB
3 KB 318ms
317ms XHR
application/rss+xml 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cgi-bin/sdb/2bb.cgi?seq=rss2&board=30
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.8.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 40841c1ad6fb48b38bc6fd49ebc005498ea417da05937d619d7de65ff2caec66

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://sudaneseonline.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AMnDXHH%2BWvmxOpDBII6SR3XUqzsaG4QQQtswIkAA8usAMdNg9lYDiCpw1eVDkBjK0aygI3%2BlPCcGZua4WkFIloKnh%2Bl%2FvJK2QOgEA1KfO0eGFvjZZk8AMj8ac4WdCKM%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/xml; charset="utf8"
cache-control: max-age=1
cf-ray: 62031b66daa02b89-FRA
cf-request-id: 0835cf744600002b891e122000000001
expires: Fri, 12 Feb 2021 03:08:47 GMT

GET
H2 200 2bb.cgi Show response
sudaneseonline.com/cgi-bin/esdb/ 12 KB
3 KB 323ms
323ms XHR
application/rss+xml 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cgi-bin/esdb/2bb.cgi?seq=rss2&board=15
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.8.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 3d0f27e7b01b00859e3232e590e5a88c18379af6ac09416077a785eacd3d2035

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://sudaneseonline.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YZsPKpt8NxMyiiPUPsqZRtQidrlUuseA1Kq0NmIYEvpR40%2BO%2BJ26re1%2FAAzCOn4817FVaRkFsz2TM4g%2Fp6lMbi%2F5Z2XHUM4f2CrVevZBkw%2FD22kxU53EBq9euC9rpAI%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/xml; charset="utf8"
cache-control: max-age=1
cf-ray: 62031b66daa32b89-FRA
cf-request-id: 0835cf744700002b8920064000000001
expires: Fri, 12 Feb 2021 03:08:47 GMT

GET
H2 200 2bb.cgi Show response
sudaneseonline.com/cgi-bin/esdb/ 13 KB
3 KB 303ms
303ms XHR
application/rss+xml 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cgi-bin/esdb/2bb.cgi?seq=rss2&board=12
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.8.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4e11456515fb6091e3ef2c30ba4fe851345ae0e33b9244992a0dde4cbd04c5d6

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://sudaneseonline.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=POLvU4SdZECYSgj%2FzpeuwnMrsGZ3wQ7Qj%2FWpy9g0aWdZ3uWCXbLcNPDph1CGwurdQFhSX8fhWvWWQlRwy38GcpUrXcAcbslqH5K13HCXPPJhsCQO4e7q%2FZxHL5RiECs%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/xml; charset="utf8"
cache-control: max-age=1
cf-ray: 62031b66daa42b89-FRA
cf-request-id: 0835cf744700002b890d2fb000000001
expires: Fri, 12 Feb 2021 03:08:47 GMT

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/ 35 B
143 B 6ms
6ms Image
image/gif 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=1.4&utmn=1595720745&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D8%B3%D9%88%D8%AF%D8%A7%D9%86%D9%8A%D8%B2%D8%A7%D9%88%D9%86%D9%84%D8%A7%D9%8A%D9%86%3ASudanese%20Online&utmhn=sudaneseonline.com&utmhid=605764342&utmr=-&utmp=/&utmac=UA-251719-1&utmcc=__utma%3D24067384.687507642.1613099326.1613099326.1613099326.1%3B%2B__utmz%3D24067384.1613099326.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 05:44:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77063
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 208 B
646 B 140ms
66ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sudaneseonline.com&callback=_gfp_s_&client=ca-pub-9862665169833586

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102080101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

3c3e9126fa4cb9be7ca9abcab88f51219a9e9a91c6375fd354a43fab829a19de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 48ms
27ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sudaneseonline.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102080101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Feb 2021 03:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 48ms
27ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sudaneseonline.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102080101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Feb 2021 03:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 194 KB
40 KB 443ms
442ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&adk=1812271804&adf=3025194257&lmt=1613099326&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsudaneseonline.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1613099326428&bpp=12&bdt=195&idt=118&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8578429790685&frm=20&pv=2&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=136

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102080101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0731d649e8ef3d95236966caadd92ee1e5e4464d30d523c1d1b6b20b4b151144

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&adk=1812271804&adf=3025194257&lmt=1613099326&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsudaneseonline.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1613099326428&bpp=12&bdt=195&idt=118&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8578429790685&frm=20&pv=2&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=136
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 12 Feb 2021 03:08:46 GMT
server: cafe
content-length: 41043
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 12-Feb-2021 03:23:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Feb 2021 03:08:46 GMT
cache-control: private

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 59ms
46ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210208&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102080101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac411c85316736224056916552d837e3cbe139cf7468a98826b34821355aa1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Feb 2021 03:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6374
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102080101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960672666234"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28344
x-xss-protection: 0
expires: Fri, 12 Feb 2021 03:08:46 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 14EB 84 KB
31 KB 238ms
237ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1613099326&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326440&bpp=3&bdt=208&idt=132&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=579&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OnrDWJSVsf&p=https%3A//sudaneseonline.com&dtd=138

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102080101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00e9a376ce61cbedea5beb54c998706783a33491cf140aea66d0b397d992b03b

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNSu5qKv4-4CFa-s3godh70AZA&gqi=PvElYImnJILJtwffnou4Aw&layout=/sadbundle/%24csp%253Der3%24/17641178450847060165/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1613099326&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326440&bpp=3&bdt=208&idt=132&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=579&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OnrDWJSVsf&p=https%3A//sudaneseonline.com&dtd=138
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNSu5qKv4-4CFa-s3godh70AZA&gqi=PvElYImnJILJtwffnou4Aw&layout=/sadbundle/%24csp%253Der3%24/17641178450847060165/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 12 Feb 2021 03:08:46 GMT
server: cafe
content-length: 31258
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 12-Feb-2021 03:23:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Feb 2021 03:08:46 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5271 99 KB
32 KB 272ms
271ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326443&bpp=1&bdt=211&idt=138&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=15CpttunXO&p=https%3A//sudaneseonline.com&dtd=142

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102080101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e1e8608a0260738742a3c1bcd64b3651b854cb6971ef7457580193d4077dc65

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNzn5qKv4-4CFUjBEQgdW9wOOQ&gqi=PvElYK_ZJJPKtweWiYCgAQ&layout=/sadbundle/%24csp%253Der3%24/14072910087906121018/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326443&bpp=1&bdt=211&idt=138&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=15CpttunXO&p=https%3A//sudaneseonline.com&dtd=142
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNzn5qKv4-4CFUjBEQgdW9wOOQ&gqi=PvElYK_ZJJPKtweWiYCgAQ&layout=/sadbundle/%24csp%253Der3%24/14072910087906121018/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 12 Feb 2021 03:08:46 GMT
server: cafe
content-length: 32414
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 12-Feb-2021 03:23:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Feb 2021 03:08:46 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6D10 166 KB
19 KB 291ms
290ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102080101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4c1894e5543828e9dcfb521609a620c5ea9003e3c0be6d5578540c4e392c929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 12 Feb 2021 03:08:46 GMT
server: cafe
content-length: 19171
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 12-Feb-2021 03:23:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Feb 2021 03:08:46 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C397 43 KB
20 KB 267ms
267ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102080101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f1fd0ceeada7c5b7738a8679a776ef3a7ef3220084ed2238898c071b259174a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 12 Feb 2021 03:08:46 GMT
server: cafe
content-length: 20195
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 12-Feb-2021 03:23:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Feb 2021 03:08:46 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3515 58 KB
21 KB 273ms
272ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=213&idt=161&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=951&ady=648&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=8gBc2GFOE0&p=https%3A//sudaneseonline.com&dtd=165

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102080101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8884629ccc4d4a58573abda059d0aac043d252a619a9d6dc738385232f215b5b

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16239051499483693056/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16239051499483693056/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COWe6KKv4-4CFZSEewod2fwPJw&gqi=PvElYKKUJtCGtwe-nq3QDg&layout=/sadbundle/%24csp%253Der3%24/16239051499483693056/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=213&idt=161&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=951&ady=648&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=8gBc2GFOE0&p=https%3A//sudaneseonline.com&dtd=165
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16239051499483693056/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16239051499483693056/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COWe6KKv4-4CFZSEewod2fwPJw&gqi=PvElYKKUJtCGtwe-nq3QDg&layout=/sadbundle/%24csp%253Der3%24/16239051499483693056/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 12 Feb 2021 03:08:46 GMT
server: cafe
content-length: 20338
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 12-Feb-2021 03:23:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Feb 2021 03:08:46 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1028 100 KB
32 KB 317ms
316ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326521&bpp=1&bdt=289&idt=92&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1445&ady=101&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=NLEZR4164z&p=https%3A//sudaneseonline.com&dtd=95

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102080101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a984c72d88c346c4adc1244440be9cd062aadecc64cebcb1868b5b5de6b8da9

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11849155685997082338/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11849155685997082338/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLbQ6KKv4-4CFZPZEQgd4ioAYQ&gqi=PvElYM7FJoP5tgfT4J2ABg&layout=/sadbundle/%24csp%253Der3%24/11849155685997082338/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326521&bpp=1&bdt=289&idt=92&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1445&ady=101&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=NLEZR4164z&p=https%3A//sudaneseonline.com&dtd=95
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11849155685997082338/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11849155685997082338/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLbQ6KKv4-4CFZPZEQgd4ioAYQ&gqi=PvElYM7FJoP5tgfT4J2ABg&layout=/sadbundle/%24csp%253Der3%24/11849155685997082338/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 12 Feb 2021 03:08:46 GMT
server: cafe
content-length: 32694
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 12-Feb-2021 03:23:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Feb 2021 03:08:46 GMT
cache-control: private

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102080101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Fri, 12 Feb 2021 03:08:46 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0052 399 B
483 B 93ms
92ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=600&slotname=0328297630&adk=2265731008&adf=2802248822&pi=t.ma~as.0328297630&w=120&lmt=1613099326&psa=0&format=120x600&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&adsid=NT&dt=1613099326522&bpp=1&bdt=289&idt=135&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1445&ady=801&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&fsb=1&xpc=DQqfYcNoPO&p=https%3A//sudaneseonline.com&dtd=138

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102080101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d074ca4e6e73b4304369241fd25691e513143af68319c5d9ebd9c7bbbec7a42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=600&slotname=0328297630&adk=2265731008&adf=2802248822&pi=t.ma~as.0328297630&w=120&lmt=1613099326&psa=0&format=120x600&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&adsid=NT&dt=1613099326522&bpp=1&bdt=289&idt=135&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1445&ady=801&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&fsb=1&xpc=DQqfYcNoPO&p=https%3A//sudaneseonline.com&dtd=138
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 12 Feb 2021 03:08:46 GMT
server: cafe
content-length: 200
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 12-Feb-2021 03:23:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Feb 2021 03:08:46 GMT
cache-control: private

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame D4B1 12 KB
5 KB 33ms
19ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Thu, 11 Feb 2021 20:55:18 GMT
expires: Fri, 11 Feb 2022 20:55:18 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 22408
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js Show response
pagead2.googlesyndication.com/bg/ Frame D4B1 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acf839bb2b547c63c6416cea07b2d3febb32692996a5d35ac70a14ad6967265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 11:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 00:15:00 GMT
server: sffe
age: 57073
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6290
x-xss-protection: 0
expires: Fri, 11 Feb 2022 11:17:33 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
88 B 39ms
39ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=2265731008&adf=2802248822&fmt=120x600&str=false&ad_y=801&vph=1200&r_nh=0&qid=CPSw66Kv4-4CFU_MEQgdpDIPiQ&w=120&h=600&err=1&url=https%3A%2F%2Fsudaneseonline.com%2F

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 03:08:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Darfur_Destroyed.jpg
1.bp.blogspot.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/
Redirect Chain

https://bp1.blogger.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/Darfur_Destroyed.jpg
https://1.bp.blogspot.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/Darfur_Destroyed.jpg

22 KB
22 KB

46ms
19ms

Image
image/jpeg

2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/Darfur_Destroyed.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d470ab3f2efb2271564c86298b3139480369a7d8b85cc117631ae5714605d93a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="Darfur_Destroyed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22596
x-xss-protection: 0
server: fife
etag: "v45"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 11 Feb 2021 22:32:35 GMT

Redirect headers

date: Thu, 11 Feb 2021 07:26:28 GMT
x-content-type-options: nosniff
server: fife
age: 70938
location: https://1.bp.blogspot.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/Darfur_Destroyed.jpg
vary: Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 297
x-xss-protection: 0
expires: Sat, 13 Mar 2021 07:26:28 GMT

GET
H2 200 shawgo.jpg
sudaneseonline.com/db/avatars/ 57 KB
58 KB 13ms
10ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/shawgo.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: cf5f8602ddd688b3192c614d2ec643678944be422c98f2b7370423283ffa93e1

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1320563
x-powered-by: PleskLin
content-disposition: inline; filename="shawgo.webp"
content-length: 58382
cf-request-id: 0835cf758100002b895d2a9000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zH%2F%2Bvz2JXpGWbPfISCXjCfhvtbqJHIK5Ol%2FGNupirHwpsPSAZaIPJG73KW4pXvDv8p1%2BZ4%2BQGslP8opgzNTlXlc5BFDNVL3FreYNtrrB%2BnRjtdWTZy%2FjIHazITFaaH4%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=262818
accept-ranges: bytes
cf-ray: 62031b68cc6e2b89-FRA
expires: Thu, 27 Jan 2022 20:19:23 GMT

GET
H2 200 p_185496fjg1.jpg
e.top4top.io/ 46 KB
46 KB 159ms
58ms Image
image/jpeg 195.154.113.34
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.top4top.io/p_185496fjg1.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.113.34 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-113-34.rev.poneytelecom.eu
Software: nginx /
Resource Hash: b8c0557cbdd0251dcad213bc5f4d2409ccbe9bce3da0d62db589208238f77f96

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-file-id: x36582964x
date: Fri, 12 Feb 2021 03:08:46 GMT
last-modified: Thu, 28 Jan 2021 03:52:13 GMT
server: nginx
etag: "601234ed-b731"
content-type: image/jpeg
cache-control: max-age=7200
content-disposition: inline; filename="ahmedmatar1.jpg"
accept-ranges: bytes
content-length: 46897
expires: Fri, 12 Feb 2021 05:08:46 GMT

GET
H2

404

sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg
sudaneseonline.com/uploadpic11/june/
Redirect Chain

https://www.sudaneseonline.com/uploadpic11/june/sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg
https://sudaneseonline.com/uploadpic11/june/sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg

3 KB
3 KB

288ms
287ms

Image
text/html

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic11/june/sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ed7d72de81ce28a49509b04006c99759ce51715d83f38fac7f58ee59313d028a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 28 Nov 2013 07:11:13 GMT
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CuZerdVNPaYejY0bX%2F8%2FXTGGXlESV0QJTt4kDWEGmjvVcO964%2BzPrtDBgPAcel7tOqs4gp%2Bbwpt8tlmPiPEQFlNuM6VXVSwn0T9qQyRNurwgdCNjEukqIySOBgQ2jIw%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html
cache-control: max-age=172800
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 62031b69cd4b2b89-FRA
cf-request-id: 0835cf762500002b891334a000000001

Redirect headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 1182
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vIcctLI%2FJxfzcl4oznAS9nFcn%2BOniVgyQEQ2%2B%2Bws2qMZQzkA9Y2a2N8XkQbCGglrfA1VGT3POHQ3gJlC8IotEDtn4shLdOI1kEaEHGiXuoKy%2FDFbxod0c%2FfCLeGItaqp%2B2Pq"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/uploadpic11/june/sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg
cache-control: max-age=172800
cf-ray: 62031b68cc702b89-FRA
cf-request-id: 0835cf758100002b8949bad000000001

GET 1016333_488823897867823_1875840390_nsudan1sudan.jpg
http//www.sudaneseonline.com/uploadpic14/mar/ 0
0

GET
H2 200 mosafir.jpg
sudaneseonline.com/uploadpic16/may/ 2 KB
3 KB 15ms
14ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic16/may/mosafir.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 56583d7365641d0274d83f874ccdc02fd4524a491f481ef968c962c10c61d3b4

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 714717
x-powered-by: PleskLin
content-disposition: inline; filename="mosafir.webp"
content-length: 2432
cf-request-id: 0835cf758500002b89151e1000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bgiLk5mntQE9Z4bOkdtID7%2BNDebRP9GLyI4LTxRZCVghdjuk3JX%2Fx9eaSbOSycNb%2BOMePyO%2BjMmt4Nh%2FgbfkKqlv4XhrEcd6SCQSLyVRSqMQ95y2RDOOY61XOnjuheY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=3709
accept-ranges: bytes
cf-ray: 62031b68dc792b89-FRA
expires: Thu, 03 Feb 2022 20:36:48 GMT

GET
H2

200

00000asudaneseonline.jpg
sudaneseonline.com/db/avatars/
Redirect Chain

https://www.sudaneseonline.com/db/avatars/00000asudaneseonline.jpg
https://sudaneseonline.com/db/avatars/00000asudaneseonline.jpg

13 KB
13 KB

17ms
16ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/00000asudaneseonline.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 372d04f407947fdd808207dde54cf389d2535f566ea1b0cbd6dea35faf41e80c

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1321976
x-powered-by: PleskLin
content-disposition: inline; filename="00000asudaneseonline.webp"
content-length: 12846
cf-request-id: 0835cf762100002b894f343000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Bc13c3B%2Fz7X3YYjVU%2F879Eggfhnnap5%2FCXqPhHwgEmr8d24Tlrv0sOTcNQFSv%2ByoXTIuDIe035kEh22FwKliv9X2sYXzv07EQwkNrRX6%2B2OoolzKfkvF941PbCDEV9Q%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=48686
accept-ranges: bytes
cf-ray: 62031b69cd4c2b89-FRA
expires: Thu, 27 Jan 2022 19:55:51 GMT

Redirect headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 1182
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Pk7ju1gLnYPq494y9E9CnaY5emRIcNNIpoM%2FJ%2FZ%2BFsB2b9kuPmT1ATkBSbWwRg%2FIP0ck0a7IbYM%2BywVSGhaHvUgH%2FhS47VI2ScHfal%2FM9HsK5LcYDDKRxAySDpsTw5uN%2FYlX"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/db/avatars/00000asudaneseonline.jpg
cache-control: max-age=172800
cf-ray: 62031b68cc712b89-FRA
cf-request-id: 0835cf758200002b894ab56000000001

GET
H2

200

mamanadwa.jpg
sudaneseonline.com/uploadpic10/May/
Redirect Chain

https://www.sudaneseonline.com/uploadpic10/May/mamanadwa.jpg
https://sudaneseonline.com/uploadpic10/May/mamanadwa.jpg

20 KB
20 KB

15ms
14ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic10/May/mamanadwa.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 992388fbeff91f69ece1f2af28b26cd013db8135f58d8d05b96c9aecdc62a731

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 707036
x-powered-by: PleskLin
content-disposition: inline; filename="mamanadwa.webp"
content-length: 20326
cf-request-id: 0835cf762000002b8939a8d000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mpHimKyrCuwvJ%2F7hS8koS%2F7EF8Rut88aSgMMHF9kF7ykPcrreAmapFNL5wgNu6Bz8HTgnJzEcmALWUTNSuYtOJGlHWlOVAujkbaVK%2Fy%2BWEVMJGJpSdDFYLGrrJuL%2FJ8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=45668
accept-ranges: bytes
cf-ray: 62031b69cd4a2b89-FRA
expires: Thu, 03 Feb 2022 22:44:51 GMT

Redirect headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 1182
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y%2FbDmrl55I7XmVANh%2BA0jDECciyKvnF%2BBZjO0vYMFJrYeuedjt6%2BHT%2B6u27ms9HObnp9rdS6GE%2F2Wo41gyeo8hPhDpN8%2BKG23j0ZXY94fElT0VRPfGL5FE0FwkrLnAkwbqQc"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/uploadpic10/May/mamanadwa.jpg
cache-control: max-age=172800
cf-ray: 62031b68cc732b89-FRA
cf-request-id: 0835cf758100002b89489b1000000001

GET
H2

200

drawings_il_340x270.375184795_gkx2_766470924.jpg
sudaneseonline.com/db/avatars/
Redirect Chain

https://www.sudaneseonline.com/db/avatars/drawings_il_340x270.375184795_gkx2_766470924.jpg
https://sudaneseonline.com/db/avatars/drawings_il_340x270.375184795_gkx2_766470924.jpg

2 KB
3 KB

12ms
11ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/drawings_il_340x270.375184795_gkx2_766470924.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 341c395990c70eca9478ceddb6012b07c34db8cdc0e937583df1421101a89e19

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2438891
x-powered-by: PleskLin
content-disposition: inline; filename="drawings_il_340x270.webp"
content-length: 2428
cf-request-id: 0835cf762000002b893b34e000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wGwucx67%2BC4UAoi9s5nW37KLfHaJ%2BcBcYCLKjBRwdqiV8OOjVdDBJITSPffUFrN7xMml1N0NLoMhYjuJkD9L54kxwXsvGq3EI4wLj%2FrJ4OwPRbqRM%2FwObtYh3nfFMIo%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=2854
accept-ranges: bytes
cf-ray: 62031b69cd482b89-FRA
expires: Fri, 14 Jan 2022 21:40:35 GMT

Redirect headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 1182
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jFz2TfO04JBISzuVPb9vCLMQeV933JGsK%2BsxmFAb6C%2BuWUp82bxElKZBrMIW7vqIGNN9czGgSbfgW2wI%2FRGGP7Yvrk1jjVduerp1d7LuxOEAomka01rnjvTjkSgQcAsejVyP"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/db/avatars/drawings_il_340x270.375184795_gkx2_766470924.jpg
cache-control: max-age=172800
cf-ray: 62031b68cc742b89-FRA
cf-request-id: 0835cf758100002b89161bd000000001

GET
H2 200 01sudaneseonline.com_211120104.jpg
sudaneseonline.com/db/avatars/ 2 KB
3 KB 11ms
11ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/01sudaneseonline.com_211120104.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 21efb19adce8ebd5e9975c69f353b2f250cfd0ea4b7ee5d363ab98b015b660d4

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 80544
x-powered-by: PleskLin
content-disposition: inline; filename="01sudaneseonline.webp"
content-length: 2300
cf-request-id: 0835cf758500002b8919a9f000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1E3Sx97St1HXNlOu0sg21eFVx90oZu9F5OEWYp1hK1SOwZsFyDZRu07q4ys1tEpuPndG4Sqml6oirJXwkWC3JypH9CUXDSRsGKhQ8uIu0lCzFF7E%2FhbBXa8BjiWm7HA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=2642
accept-ranges: bytes
cf-ray: 62031b68dc7a2b89-FRA
expires: Fri, 11 Feb 2022 04:46:22 GMT

GET
H2

200

drawings_images_891866785.jpeg
sudaneseonline.com/db/avatars/
Redirect Chain

https://www.sudaneseonline.com/db/avatars/drawings_images_891866785.jpeg
https://sudaneseonline.com/db/avatars/drawings_images_891866785.jpeg

1 KB
2 KB

12ms
12ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/drawings_images_891866785.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: daf681b03f64492d5f4effd3fbf95718487fdd7d403ddd5add315b567693faed

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 953346
x-powered-by: PleskLin
content-disposition: inline; filename="drawings_images_891866785.webp"
content-length: 1504
cf-request-id: 0835cf75f100002b89151e4000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DzlvEnI95RcM72%2BXh%2BPz0irDR29aCJWvGkqWuAAdcZ%2Bxqc976rUe2bxoABFIR74R%2Fp%2BF9Twry4gvFoq2DQecDf0O4HeKFMmOePcZUUJf%2B8W9rshSSS6Fe38O1AjG3xc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=2134
accept-ranges: bytes
cf-ray: 62031b698cfe2b89-FRA
expires: Tue, 01 Feb 2022 02:19:40 GMT

Redirect headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 1182
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wEemQhZrW%2FFI4wnaIElQnhWKIGysdSRiaqaJTzbTgqGeaV0M59XmNpMvSL0%2BQbHlDgBjC8zkv%2BxemINqUWDhr%2BI14nGYthk0LaeJhXpMee5pKYosW%2BJ8EfYUTzUso333i2RZ"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/db/avatars/drawings_images_891866785.jpeg
cache-control: max-age=172800
cf-ray: 62031b68cc762b89-FRA
cf-request-id: 0835cf758100002b891e12f000000001

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/ Frame 7EC8 2 KB
2 KB 12ms
12ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1613099326&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326440&bpp=3&bdt=208&idt=132&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=579&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OnrDWJSVsf&p=https%3A//sudaneseonline.com&dtd=138

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5329a2c02372ed4eb72338bf64ba3d040f35d2303ff70cdb49228763eb2c9e51

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/17641178450847060165/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1613099326&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326440&bpp=3&bdt=208&idt=132&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=579&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OnrDWJSVsf&p=https%3A//sudaneseonline.com&dtd=138
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1613099326&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326440&bpp=3&bdt=208&idt=132&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=579&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OnrDWJSVsf&p=https%3A//sudaneseonline.com&dtd=138

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 782
date: Fri, 05 Feb 2021 04:26:16 GMT
expires: Sat, 05 Feb 2022 04:26:16 GMT
last-modified: Mon, 28 Sep 2020 12:04:51 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 600150
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/ Frame 14EB 18 KB
7 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bbf21d644eb606c170f9b814332ded340aeb17e70b94af6d4816a146ae8342a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1613099326&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326440&bpp=3&bdt=208&idt=132&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=579&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OnrDWJSVsf&p=https%3A//sudaneseonline.com&dtd=138
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 01:24:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 13709262462862093242
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 01:24:17 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/ Frame 14EB 3 KB
2 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1613099326&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326440&bpp=3&bdt=208&idt=132&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=579&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OnrDWJSVsf&p=https%3A//sudaneseonline.com&dtd=138
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 01:41:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 01:41:41 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 14EB 107 KB
33 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1613099326&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326440&bpp=3&bdt=208&idt=132&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=579&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OnrDWJSVsf&p=https%3A//sudaneseonline.com&dtd=138
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Fri, 12 Feb 2021 03:08:46 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/ Frame 14EB 14 KB
6 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1613099326&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326440&bpp=3&bdt=208&idt=132&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=579&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OnrDWJSVsf&p=https%3A//sudaneseonline.com&dtd=138
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 01:50:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 01:50:31 GMT

GET
H2 200 4kbWk.png
i.imgur.com/ 238 KB
238 KB 122ms
39ms Image
image/png 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/4kbWk.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

564aa8589a93ae62a4f5fe4ec55f34d506f5f7ebf24a31fa8549e92c58786f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
x-content-type-options: nosniff
age: 3987807
x-cache: HIT, HIT
x-amz-storage-class: STANDARD_IA
content-length: 243224
x-served-by: cache-bwi5133-BWI, cache-hhn4030-HHN
last-modified: Thu, 18 Oct 2012 16:20:04 GMT
server: cat factory 1.0
x-timer: S1613099327.033580,VS0,VE1
etag: "3425c58fe19784bef758904bf8eeaa93"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2

200

1377132_660215000757843_8051103474068476735_n.jpg
sudaneseonline.com/uploadpic14/nov/
Redirect Chain

https://www.sudaneseonline.com/uploadpic14/nov/1377132_660215000757843_8051103474068476735_n.jpg
https://sudaneseonline.com/uploadpic14/nov/1377132_660215000757843_8051103474068476735_n.jpg

29 KB
30 KB

23ms
23ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic14/nov/1377132_660215000757843_8051103474068476735_n.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7282da3cf526d4660699ec27861b7991fe32f53b137457c1b9e4131021e23c45

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1478606
x-powered-by: PleskLin
content-disposition: inline; filename="1377132_660215000757843_8051103474068476735_n.webp"
content-length: 29782
cf-request-id: 0835cf764100002b891e137000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iA%2B5gaUFoERbxDhJyDXbJImf8ej4pvky%2Bxau0Fy9PgxaqmiX97vYOaFtzDuX8dVs0UNob1zSwfcrFpePJXxmz1TNAuTMl1kdEGGRsNY4OMcRBIfwEwWT0blDiG0WHIU%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=34912
accept-ranges: bytes
cf-ray: 62031b6a0d812b89-FRA
expires: Wed, 26 Jan 2022 00:25:21 GMT

Redirect headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 679
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3ao6w%2FbjAcvJWzX0ej%2F7WBdR6maC9ynt6lsgXAlCG%2B5%2BaIpnAcXw%2BcKf8ZOeIW8GOMKtufJcbNC%2B6noK6razKSYrML7ysvKaHNI%2BU4UD7rYtR4hOoGf2OAmnQbU7cw08U9Yu"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/uploadpic14/nov/1377132_660215000757843_8051103474068476735_n.jpg
cache-control: max-age=172800
cf-ray: 62031b696cde2b89-FRA
cf-request-id: 0835cf75e300002b894e804000000001

GET
H2 200 parent-5.png
i2.wp.com/arabatheistbroadcasting.com/wp-content/uploads/2014/12/ 14 KB
14 KB 100ms
33ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/arabatheistbroadcasting.com/wp-content/uploads/2014/12/parent-5.png?w=487

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

8e0fc0402b9a3d3cc00cf682859d9288b50ea268e924d68c910a71a71a986e60

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Fri, 12 Feb 2021 03:08:47 GMT
x-content-type-options: nosniff
last-modified: Sat, 23 Jan 2021 12:30:43 GMT
server: nginx
etag: "133ee4fbbbb82628"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://arabatheistbroadcasting.com/wp-content/uploads/2014/12/parent-5.png>; rel="canonical"
content-length: 13844
expires: Tue, 24 Jan 2023 00:30:43 GMT

GET
H2 200 0a4f926a09c25a10e05f5cee2d35cfd5.jpg
i.pinimg.com/originals/0a/4f/92/ 36 KB
36 KB 39ms
15ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/0a/4f/92/0a4f926a09c25a10e05f5cee2d35cfd5.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99c1d606773767eec58bc7c39f89713894577fb5b8ac3c11c86504c512d2cb97

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
etag: "d15a5165585a4c1eac56c86122051311"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 6
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 62031b698a600601-FRA
content-length: 36986
cf-request-id: 0835cf75f0000006010c84b000000001
server: cloudflare
origin-latency: 6

GET
H2 200 p_1838izxfq1.jpg
b.top4top.io/ 118 KB
119 KB 150ms
57ms Image
image/jpeg 163.172.80.128
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.top4top.io/p_1838izxfq1.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.172.80.128 , France, ASN12876 (Online SAS, FR),
Reverse DNS: rev-163-172-80-128.embersyndicate.com
Software: nginx /
Resource Hash: 983cd22a3c9ff8f95ab04e73943a17c206e7ff98eb7a7d4a0553b6b893f4475d

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-file-id: x36317425x
date: Fri, 12 Feb 2021 03:08:47 GMT
last-modified: Tue, 12 Jan 2021 15:11:57 GMT
server: nginx
etag: "5ffdbc3d-1d893"
content-type: image/jpeg
cache-control: max-age=7200
content-disposition: inline; filename="w%2Cvm5.jpg"
accept-ranges: bytes
content-length: 120979
expires: Fri, 12 Feb 2021 05:08:47 GMT

GET
H2 200 p_15194aew01.jpg
h.top4top.io/ 44 KB
44 KB 155ms
58ms Image
image/jpeg 163.172.91.236
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.top4top.io/p_15194aew01.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.172.91.236 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-91-236.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 1e70af81161b491354bb7687d33ccc8a7eec86bef17424f45524eb96738a7a03

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-file-id: x31548883x
date: Fri, 12 Feb 2021 03:08:47 GMT
last-modified: Fri, 28 Feb 2020 09:38:59 GMT
server: nginx
etag: "5e58dfb3-ae07"
content-type: image/jpeg
cache-control: max-age=7200
x-ok: 0
content-disposition: inline; filename="%D8%AE%D8%B6%D8%B1%202.jpg"
accept-ranges: bytes
content-length: 44551
expires: Fri, 12 Feb 2021 05:08:47 GMT

GET
H2 200 NRst8TqQ_400x400.jpg
pbs.twimg.com/profile_images/1198562165675962368/ 33 KB
34 KB 62ms
13ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1198562165675962368/NRst8TqQ_400x400.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BB3) /

Resource Hash

e10dba2b62a403e299ad9ab9cf4d137389e7db2d016d7aaec2f25b78884942cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:46 GMT
x-content-type-options: nosniff
age: 49838
x-cache: HIT
content-length: 34031
x-response-time: 115
surrogate-key: profile_images profile_images/bucket/6 profile_images/1198562165675962368
last-modified: Sun, 24 Nov 2019 11:19:03 GMT
server: ECS (amb/6BB3)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7f96df4c8f79974b3eee43d551520db4
accept-ranges: bytes

GET
H2

200

11898683_1124830430878761_4931903866995045619_n.jpg
sudaneseonline.com/uploadpic15/sep/
Redirect Chain

https://www.sudaneseonline.com/uploadpic15/sep/11898683_1124830430878761_4931903866995045619_n.jpg
https://sudaneseonline.com/uploadpic15/sep/11898683_1124830430878761_4931903866995045619_n.jpg

12 KB
12 KB

17ms
16ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic15/sep/11898683_1124830430878761_4931903866995045619_n.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: db95a57dce798f5f2687ff163347a0175e8f70ef80271377647f0cc00b5b4ebd

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 280561
x-powered-by: PleskLin
content-disposition: inline; filename="11898683_1124830430878761_4931903866995045619_n.webp"
content-length: 12192
cf-request-id: 0835cf764100002b8965112000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Koh2M3nGcsN6vokHee7R0GBR%2BQVatT7%2FrbLoiUevsXlW5SEfI3UphxF9fbesoUWBGChLL8SgssClV34akybA%2FL3fBZCGdLWeodNnIx9XX3IHIDhvW7lmrTxIzwQI7ho%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=13156
accept-ranges: bytes
cf-ray: 62031b6a0d802b89-FRA
expires: Tue, 08 Feb 2022 21:12:46 GMT

Redirect headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 1183
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gnf4FRrmfkNyVtJu%2FV4FzIkFEZdFddCOKHyuAbg0edg%2BvlFqJXmjsMN6wCG6v%2Bx2hR6kF2AZumt6Of74NNEP8I%2Bqszh8x%2FIeld7u75ItltncNfz7qZ39ectK80f1pGfZuaw%2B"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/uploadpic15/sep/11898683_1124830430878761_4931903866995045619_n.jpg
cache-control: max-age=172800
cf-ray: 62031b696ce02b89-FRA
cf-request-id: 0835cf75e300002b8979a3f000000001

GET
H2 200 USFlag88.png
i.ibb.co/xLvjmwY/ 394 KB
395 KB 127ms
39ms Image
image/png 145.239.131.51
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/xLvjmwY/USFlag88.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.131.51 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: dafc13faf3515ff6e6db88e2dee9fc225513b92b7c94a77570a0f03d7cc98b1f

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
last-modified: Wed, 20 Jan 2021 22:50:21 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 403671
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 d38af4a1fa19289e76462fe3bd5a1a6f.jpg
i.pinimg.com/564x/d3/8a/f4/ 28 KB
29 KB 147ms
124ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/564x/d3/8a/f4/d38af4a1fa19289e76462fe3bd5a1a6f.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c02ddc028251ce8b5aaf959bc6e90d6944467212439f5bf283dbbd99292c815f

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
etag: "96c05b4c1c11aa1721f7c84f3c2a267d"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 112
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 62031b698a610601-FRA
content-length: 29038
cf-request-id: 0835cf75f100000601cd38b000000001
server: cloudflare
origin-latency: 112

GET
H2 200 2606-1.jpg
a7sas.net/wp-content/uploads/2019/10/ 48 KB
48 KB 56ms
15ms Image
image/jpeg 2606:4700:3030::6815:1146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a7sas.net/wp-content/uploads/2019/10/2606-1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d7af17d4ab24aeb00ee93394751160a184406d1f24800c5989d2696d2b25ef4

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1278066
x-rocket-nginx-serving-static: No
content-length: 48794
cf-request-id: 0835cf762900001f412335f000000001
last-modified: Sun, 20 Oct 2019 16:31:24 GMT
server: cloudflare
etag: "5dac8bdc-be9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VHc9paiDj3e7V1xo%2FOKsuEPrXEpHkSMDji4OJRWHZngLKN5SiqoQTSSKz8MYPPa%2BNcAZQEOFXeGA26pPcu%2BTVpzuQj6EGzElhvOsUUqS0QvSbFi7UnU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 62031b69db621f41-FRA
expires: Sat, 27 Feb 2021 08:07:41 GMT

GET
H2 200 142367974.jpg
www6.0zz0.com/2016/11/29/22/ 10 KB
10 KB 65ms
39ms Image
image/jpeg 2606:4700:3036::6815:1d27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www6.0zz0.com/2016/11/29/22/142367974.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:1d27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5669fcdd1fa7c5e07e297fae9a5f15adb1d9a200086be020e425e90b396cf72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
content-length: 9905
cf-request-id: 0835cf763200004a864780b000000001
last-modified: Tue, 29 Nov 2016 19:06:43 GMT
server: cloudflare
etag: "26b1-5427549ff41b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HHG4ptrUmh9KP%2Fvs6SYffM5qgzcdtkiM2gaVd4fXvvaY%2FkLmJOiFrJwcjWTK9yr%2FRJTAVe8vLgagKNt89n8zcvtJokLW50%2BUsu7jDPbU2HdRnzzSti%2FbtYGx"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 62031b69ea744a86-FRA

GET
H2 200 sudansudansudansudansudan62.jpg
sudaneseonline.com/uploadpic16/may/ 57 KB
58 KB 18ms
17ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic16/may/sudansudansudansudansudan62.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0313d7051b1cacf768e51e863bcf7462839cb9faf11f67493a551a70689fb91c

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 833183
x-powered-by: PleskLin
content-disposition: inline; filename="sudansudansudansudansudan62.webp"
content-length: 58664
cf-request-id: 0835cf761b00002b890d30b000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jScQmGgBpDfSX2OZpXFKgmvbuDUtDizhlXCAXU6RlLJ%2BnQ2g3NTKp7%2FD1N9PDwOpMjpEy2sDtnEeihcALl1lH0dDXfoT2trYRpuRecY65UI2Ywap%2B98pvTw%2BswWnXFo%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=74721
accept-ranges: bytes
cf-ray: 62031b69cd442b89-FRA
expires: Wed, 02 Feb 2022 11:42:23 GMT

GET
H2 200 V1qiWpoy.jpg
pbs.twimg.com/profile_images/890089918663454720/ 55 KB
55 KB 22ms
20ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/890089918663454720/V1qiWpoy.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B77) /

Resource Hash

22b4fc6bee580fef18e992087517050965ee3a8962600e3b00338f3587a7f668

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
x-content-type-options: nosniff
age: 330788
x-cache: HIT
content-length: 56060
x-response-time: 126
surrogate-key: profile_images profile_images/bucket/5 profile_images/890089918663454720
last-modified: Wed, 26 Jul 2017 06:00:28 GMT
server: ECS (amb/6B77)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4f05d65611ce6477213c4c3e869415f7
accept-ranges: bytes

GET
H2 200 muhand.jpg
sudaneseonline.com/db/avatars/ 33 KB
34 KB 16ms
14ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/muhand.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e95e9489203b6ea8c50e0c524c9054d531a9f2a4d3ba945b04eaf8d98d5958eb

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 52075
x-powered-by: PleskLin
content-disposition: inline; filename="muhand.webp"
content-length: 34132
cf-request-id: 0835cf761a00002b894388a000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vzP%2FbIozY2cSdJd0Xz6nT%2BZ6eEnEbqrTIKBRfB5oR0ZbOiW40ojUkXlmDlzw%2B7RLx1qH4Xz4gGZYtSETWlweI9RhB%2BP9L2GII%2FPYZxiimmAFDu%2BJtnAxHn%2Fdnl27fUY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=165295
accept-ranges: bytes
cf-ray: 62031b69cd452b89-FRA
expires: Fri, 11 Feb 2022 12:40:52 GMT

GET
H2 200 ae4edeaebbb81eed2e9cf1cbdbeed2f8.jpg
i.pinimg.com/originals/ae/4e/de/ 10 KB
10 KB 26ms
25ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/ae/4e/de/ae4edeaebbb81eed2e9cf1cbdbeed2f8.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 354737a1a05e204c9ed03a63eebf87d858e12232335787647ae265e70e4ce0e5

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
etag: "3ed39587fc1cda24c6d05db44c5d25a8"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 9
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 62031b69ca870601-FRA
content-length: 10154
cf-request-id: 0835cf761900000601d40bb000000001
server: cloudflare
origin-latency: 9

GET
H2 200 937a15082c8364b7d235265dacc6a744.jpg
i.pinimg.com/originals/93/7a/15/ 32 KB
32 KB 15ms
14ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/93/7a/15/937a15082c8364b7d235265dacc6a744.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4130840cd3b4551d245f902798f99c85267091b851a6d4b389c35af04f9789f5

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
etag: "eb61072fc250ab1ed0329f2f37a0d177"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 4
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 62031b69ca880601-FRA
content-length: 32862
cf-request-id: 0835cf761a00000601f903e000000001
server: cloudflare
origin-latency: 4

GET
H2 200 dd58ef26efbdb5f583f4b779ac531be9.jpg
i.pinimg.com/originals/dd/58/ef/ 2 MB
2 MB 21ms
20ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/dd/58/ef/dd58ef26efbdb5f583f4b779ac531be9.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8730b71e29db3b9adcec99032793ad923c988a043749e3bb6ed5f0382222e4f5

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
etag: "74ab069c695ce8165997829105d9c703"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 8
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 62031b69ca890601-FRA
content-length: 2338159
cf-request-id: 0835cf761a00000601c9a92000000001
server: cloudflare
origin-latency: 8

GET
H2 200 press.png
sudaneseonline.com/uploadpic19/ 43 KB
43 KB 16ms
11ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic19/press.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7ddadf329de63774f1dedde0cd0a01a422b46a93daa2b36c138f659be3f1ac11

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1497529
x-powered-by: PleskLin
content-disposition: inline; filename="press.webp"
content-length: 43628
cf-request-id: 0835cf762d00002b8962848000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nblZUh7qub49GEyGa1Jc2c%2BMTewTwCEVFh7BgNnYxTTrFNKgAZIQ%2Bli%2F4HSuc9ysFJwdpimtZsad%2FivSVA9PvSawHfj2XblQTgNX3mwVMfCE3pRtf%2Bx2Ag%2BxDj71NkM%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=png, origSize=62188
accept-ranges: bytes
cf-ray: 62031b69ed5e2b89-FRA
expires: Tue, 25 Jan 2022 19:09:58 GMT

GET
H2 200 news1.png
sudaneseonline.com/uploadpic19/ 26 KB
27 KB 15ms
14ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic19/news1.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f0c9e59fe4556a5ca7da317a52097784bbe634004d9f67c78b36d0b7f4656704

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 95173
x-powered-by: PleskLin
content-disposition: inline; filename="news1.webp"
content-length: 26968
cf-request-id: 0835cf762d00002b8919005000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SS5sUuAcujhOUnojVJYq0h%2B14UQQ3mBCEDvY3aTrgKPpx2RakDhfznx25TqrWowWhu2PYzjGlWHMag4%2BA50O1Dn1xJnZ0Biu1QS947Xw%2FzTdkY6E15P1TMn187Olqm8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=png, origSize=43107
accept-ranges: bytes
cf-ray: 62031b69ed5f2b89-FRA
expires: Fri, 11 Feb 2022 00:42:34 GMT

GET
H2 200 salah_albasha_679470719.jpg
sudaneseonline.com/files/daily-writer/ 41 KB
42 KB 12ms
10ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/daily-writer/salah_albasha_679470719.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8371ca7726358d3088e19a1406a034d30cafa4fef366e69d959dd6a41822e9ff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 825780
x-powered-by: PleskLin
content-disposition: inline; filename="salah_albasha_679470719.webp"
content-length: 42320
cf-request-id: 0835cf763000002b8979a42000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=58tvptA1rld6cwKYgaCsKzvd2F6KtaLLMjSBMOjxFKdH8R2qZCGPG4D6bLfbUo8SHPnUGhntk5RA5ryvwvT7LqBnIs67romHAq2hWMAeSWKPX1fsJt%2BOVioXi9%2FCYVs%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=58723
accept-ranges: bytes
cf-ray: 62031b69ed652b89-FRA
expires: Wed, 02 Feb 2022 13:45:47 GMT

GET
H2 200 f707db3ae6b3ca8fbbb8b5fa1602017d.jpg
i.pinimg.com/originals/f7/07/db/ 79 KB
80 KB 117ms
116ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/f7/07/db/f707db3ae6b3ca8fbbb8b5fa1602017d.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccd589c6f3c28f9ab95307472950b234952f43985cbcd75ced28d8f5ba06d42a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
etag: "bc33d1db3a3ba61c6260c0c86e04f7d8"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 106
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 62031b69eaad0601-FRA
content-length: 81366
cf-request-id: 0835cf7630000006013e3b4000000001
server: cloudflare
origin-latency: 106

GET
H2 200 noimg.jpg
sudaneseonline.com/db/avatars/ 4 KB
4 KB 33ms
32ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/noimg.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0820fd80b014512cc0b2a2e97cca7347bc9c4bdccec8cfe6c145e4b8fef4b06b

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 94147
x-powered-by: PleskLin
content-disposition: inline; filename="noimg.webp"
content-length: 4062
cf-request-id: 0835cf763000002b894d88b000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BuheviiLfZE%2FjS0C1nyF64wIvno7Oh%2F9xyz31UlB%2FdW4mfIrlqyrxNYbtzdHnqVSHGZbxTw81RDaMtkZdqn3dwyAAto%2FAo%2B4TOIzo1dqVYSbi%2BaA5BSkLduJuyGZEY0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=37470
accept-ranges: bytes
cf-ray: 62031b69ed662b89-FRA
expires: Fri, 11 Feb 2022 00:59:40 GMT

GET
H2

200

4sudanews_jpg10.jpg_500x400_841775616.jpg
sudaneseonline.com/db/avatars/
Redirect Chain

https://www.sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg
https://sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg

1 KB
2 KB

20ms
18ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b9b22ee5c44be56ed8d9915f66fdc68649e6b6280facfc5416dec407f8362f4c

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1886968
x-powered-by: PleskLin
content-disposition: inline; filename="4sudanews_jpg10.webp"
content-length: 1290
cf-request-id: 0835cf764700002b8971a4c000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XTRHl39xF6OwIllwTSnKDXe45zu2dWiyWQCCfTM1XM3A230Korgks8d%2BJFIjSvlYmBbRUc%2BBQeW2Fv3GZNG92PT%2BgND4dB6VAQaN8bjfwi0bZRBCX72trSrFypq1%2Bo4%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=1852
accept-ranges: bytes
cf-ray: 62031b6a0d8c2b89-FRA
expires: Fri, 21 Jan 2022 06:59:19 GMT

Redirect headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 1183
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7CE%2B%2FQmfyD4FLhSAmbflLAaS4%2FmSqilnbdtyWHMXrK4%2FsMeH6WuQ3A3JIlqv%2FcJue0RwQ093eSAFyp908lmBVXvzOGiVHLnpZLV%2BE3voF88t8zv6%2FmuHFIkqL%2FwxVYiuicj%2B"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg
cache-control: max-age=172800
cf-ray: 62031b696ce12b89-FRA
cf-request-id: 0835cf75e400002b894d887000000001

GET
H2 200 nopic.jpg
sudaneseonline.com/db/avatars/ 2 KB
3 KB 12ms
11ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/nopic.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b0b47fbe08813f2964de03684b90df90615e5591820069441e26471cf176fc0f

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 29493
x-powered-by: PleskLin
content-disposition: inline; filename="nopic.webp"
content-length: 2442
cf-request-id: 0835cf761a00002b896a188000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eOCZMYfNX03O32f%2FGVNVeBhXqwF9ONbag8sJ1OMwJDOZx3cnJ9qpyxLpOVRcQcMJTyysRBzm8QDdxOo0zK2VtVNAiXjX4ogQEOFkdmjfu3ZLpoaGq8bXgE%2BzfiU6H9o%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=29041
accept-ranges: bytes
cf-ray: 62031b69cd402b89-FRA
expires: Fri, 11 Feb 2022 18:57:14 GMT

GET
H2 200 a036bc4ce9daeafaa9ee984673df40d7.jpg
i.pinimg.com/originals/a0/36/bc/ 25 KB
25 KB 116ms
114ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/a0/36/bc/a036bc4ce9daeafaa9ee984673df40d7.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c00666874404c226c8385dd9b2a6b09ec253613b8f1b6ea998dd4d1166a52e8

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
etag: "ce03d5158cf9bbb72119dfc57aff063a"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 105
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 62031b69ca860601-FRA
content-length: 25529
cf-request-id: 0835cf761900000601f5919000000001
server: cloudflare
origin-latency: 105

GET
H2 200 _._____%20___%20______.jpg
sudaneseonline.com/db/avatars/ 37 KB
37 KB 13ms
11ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/_._____%20___%20______.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: bed02c16941497047a8e371f87ae9e0a594757ab219d9d6c96ead426c82c4062

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2527771
x-powered-by: PleskLin
content-disposition: inline; filename="_.webp"
content-length: 37820
cf-request-id: 0835cf761a00002b8960847000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JIsLbFg1L5tt1pq78j%2BIORXToSoJuxkPwzWBlXBhYVnSb2SnWXh0TToXzMUEmBUmrdDwxkwpqcNyC7XU%2ByVcNsx%2F9Et%2FiYMTdxK4JK0TGTMltNG1MEU0ykOlTWCUZUQ%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=205611
accept-ranges: bytes
cf-ray: 62031b69cd422b89-FRA
expires: Thu, 13 Jan 2022 20:59:16 GMT

GET
H2

200

c4febb7d361abfef7763ccb68406db37.jpg
i.pinimg.com/originals/c4/fe/bb/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/originals/c4/fe/bb/c4febb7d361abfef7763ccb68406db37.jpg
https://i.pinimg.com/originals/c4/fe/bb/c4febb7d361abfef7763ccb68406db37.jpg

30 KB
30 KB

112ms
112ms

Image
image/jpeg

2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/c4/fe/bb/c4febb7d361abfef7763ccb68406db37.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd1665c06814cd2459affd4cc6aa2b48ac9229dee9bedfe1df7717056c9c732d

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
etag: "a6573d6cf4210ac7ecac873ed74c349b"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 102
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 62031b6a1ad50601-FRA
content-length: 30512
cf-request-id: 0835cf764d00000601d932e000000001
server: cloudflare
origin-latency: 102

Redirect headers

date: Fri, 12 Feb 2021 03:08:47 GMT
x-cdn: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain;charset=UTF-8
location: https://i.pinimg.com/originals/c4/fe/bb/c4febb7d361abfef7763ccb68406db37.jpg
cf-ray: 62031b69ca8b0601-FRA
content-length: 0
cf-request-id: 0835cf761b00000601cfa51000000001
server: cloudflare

GET
H2

200

Ayyoub_Othman_118876582.jpg
sudaneseonline.com/files/daily-writer/
Redirect Chain

https://www.sudaneseonline.com/files/daily-writer/Ayyoub_Othman_118876582.jpg
https://sudaneseonline.com/files/daily-writer/Ayyoub_Othman_118876582.jpg

10 KB
11 KB

13ms
13ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/daily-writer/Ayyoub_Othman_118876582.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 99f7ae47c31c2629f3a2f8e9bb6997048bfe040aea37580d39746c166b967185

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 8602
x-powered-by: PleskLin
content-disposition: inline; filename="Ayyoub_Othman_118876582.webp"
content-length: 10486
cf-request-id: 0835cf774a00002b893f93e000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J8FJlN4%2FSHlRe0DsByw7Y4UKuoxAcvoLHG1tZjcvuuQlXVgPRCm16vV%2FeJsy3L%2FEepslHMDK5LLmxoXmGGe6N%2BuoOvkwXeTyCR2tQFet3s9khPFukwKMlPTwvKuMKEA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=29137
accept-ranges: bytes
cf-ray: 62031b6baecf2b89-FRA
expires: Sat, 12 Feb 2022 00:45:25 GMT

Redirect headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=12Xm1mauPlmbul2hzHVpGliOXJSENkGynpcWixXOfXwXpYoJnV8KAciCmlCe05yJla7ddNdcRNt8U425RQhZ0iCe86P7EVYppuigTUGKFfoLU56HtXvCETb2e0Sv0h3bobnQ"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/files/daily-writer/Ayyoub_Othman_118876582.jpg
cache-control: max-age=172800
cf-ray: 62031b697ce72b89-FRA
cf-request-id: 0835cf75e900002b895f804000000001

GET
H2

200

80c3dce5efbc748d66aacdda6fe6996f.jpg
i.pinimg.com/736x/80/c3/dc/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/736x/80/c3/dc/80c3dce5efbc748d66aacdda6fe6996f.jpg
https://i.pinimg.com/736x/80/c3/dc/80c3dce5efbc748d66aacdda6fe6996f.jpg

64 KB
64 KB

127ms
112ms

Image
image/jpeg

2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/736x/80/c3/dc/80c3dce5efbc748d66aacdda6fe6996f.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4de7b51725d4bb70235fb155bc24eec9d215d5693a3b6f6774ac1d19bb2ca024

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
etag: "da3d9aefeb9eaff0ca2fef3947874296"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 103
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 62031b6a3af40601-FRA
content-length: 65760
cf-request-id: 0835cf76600000060141325000000001
server: cloudflare
origin-latency: 103

Redirect headers

date: Fri, 12 Feb 2021 03:08:47 GMT
x-cdn: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain;charset=UTF-8
location: https://i.pinimg.com/736x/80/c3/dc/80c3dce5efbc748d66aacdda6fe6996f.jpg
cf-ray: 62031b69ca8a0601-FRA
content-length: 0
cf-request-id: 0835cf761a000006013a283000000001
server: cloudflare

GET
H2

200

000nothing_476480549_754956420.jpg
sudaneseonline.com/db/avatars/
Redirect Chain

https://www.sudaneseonline.com/db/avatars/000nothing_476480549_754956420.jpg
https://sudaneseonline.com/db/avatars/000nothing_476480549_754956420.jpg

672 B
1 KB

14ms
13ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/000nothing_476480549_754956420.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: eaafcf858dacd31ee94ea267b50975065796ba5aec12e2cc0d87d744e83a247f

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 80547
x-powered-by: PleskLin
content-disposition: inline; filename="000nothing_476480549_754956420.webp"
content-length: 672
cf-request-id: 0835cf764300002b8952046000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=21y%2BqcqLE%2BBZjMdGPohFZMG3EAbuqicznv6w%2F%2BYbEyF6AFJboAvjBFc1aduHv1Eb3AXL6PsNKiYFiCLvVeEYWiLRQw9HsB6XeISvM8C3TCLVTtzglbm6GCwWbD%2B0qlU%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=1551
accept-ranges: bytes
cf-ray: 62031b6a0d842b89-FRA
expires: Fri, 11 Feb 2022 04:46:20 GMT

Redirect headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 163
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xw06mVzkGjGmq10bhHjxrUN7dgXVsTPn%2Fomdty%2FdXRHccrAJYYEGvNQn%2BZPwQQ8wlQ7L4IOz5yOfgYLCqHogk%2FTmkcg75lJC3Ti3H3JMS8bfgMWFU2SXrR4%2FWUoR3otHUaBm"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/db/avatars/000nothing_476480549_754956420.jpg
cache-control: max-age=172800
cf-ray: 62031b697ce82b89-FRA
cf-request-id: 0835cf75ea00002b896a184000000001

GET
H2

200

e26b7ebb6bdfa8fd1f2ccff54674a2ae.jpg
i.pinimg.com/originals/e2/6b/7e/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/originals/e2/6b/7e/e26b7ebb6bdfa8fd1f2ccff54674a2ae.jpg
https://i.pinimg.com/originals/e2/6b/7e/e26b7ebb6bdfa8fd1f2ccff54674a2ae.jpg

21 KB
21 KB

16ms
16ms

Image
image/jpeg

2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/e2/6b/7e/e26b7ebb6bdfa8fd1f2ccff54674a2ae.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4176501e296715eea36093ef15dd2774c199f2b2ec57231dc6a3425c3aee6d1

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
etag: "614bb5e6dfc93c9000bcde7ca567e973"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 6
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 62031b6a8b650601-FRA
content-length: 21843
cf-request-id: 0835cf769300000601011b1000000001
server: cloudflare
origin-latency: 6

Redirect headers

date: Fri, 12 Feb 2021 03:08:47 GMT
x-cdn: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain;charset=UTF-8
location: https://i.pinimg.com/originals/e2/6b/7e/e26b7ebb6bdfa8fd1f2ccff54674a2ae.jpg
cf-ray: 62031b69fac20601-FRA
content-length: 0
cf-request-id: 0835cf763f00000601c92e7000000001
server: cloudflare

GET
H2 200 e8537a2e674a901497443e1f544a2324.jpg
i.pinimg.com/originals/e8/53/7a/ 21 KB
21 KB 32ms
26ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/e8/53/7a/e8537a2e674a901497443e1f544a2324.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b96d52bbeaf4b1e8233c9f95a3c15219649eda5f59216c604241322f109f2c09

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
etag: "12de398acacc133965b44a8af8cb41e2"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 6
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 62031b69fac30601-FRA
content-length: 21277
cf-request-id: 0835cf764000000601cabb7000000001
server: cloudflare
origin-latency: 6

GET
H2

200

hassan_elgizuli1_473596400.jpg
sudaneseonline.com/files/daily-writer/
Redirect Chain

https://www.sudaneseonline.com/files/daily-writer/hassan_elgizuli1_473596400.jpg
https://sudaneseonline.com/files/daily-writer/hassan_elgizuli1_473596400.jpg

7 KB
7 KB

17ms
15ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/daily-writer/hassan_elgizuli1_473596400.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2f834e8cc2f1b8a7d988b2c0ef58e0c10d2409856614f042bf93175c118aec62

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 714597
x-powered-by: PleskLin
content-disposition: inline; filename="hassan_elgizuli1_473596400.webp"
content-length: 7116
cf-request-id: 0835cf764600002b8919006000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ln1GF8bsUZPwwq5Rm%2F2IcWt%2Bj%2FGBg2QwtfTSxfm3CBOnjcCQVvoUnoCF%2BXhsiouC4NKr5CIbyN%2F5%2B99PN31qigIxzf4HaivvGnmsyhU9YexddYQQgSNUnlAzh%2Bt0Y3g%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=22834
accept-ranges: bytes
cf-ray: 62031b6a0d8e2b89-FRA
expires: Thu, 03 Feb 2022 20:38:50 GMT

Redirect headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 1182
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CPWcEsTmPNPIzvDNv7iwgFB3Zx75qrawgyK%2FY%2BUsh1l4qqrnF%2BjynqaEdHZr9awSXa%2B6LjZ%2BGaErWibKpfk%2BMqB9PQDKO136VqOJGO1mo2BYr4IGZ6YphOWId65pFa6w0Ncn"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/files/daily-writer/hassan_elgizuli1_473596400.jpg
cache-control: max-age=172800
cf-ray: 62031b697cec2b89-FRA
cf-request-id: 0835cf75ec00002b895628a000000001

GET
H2

200

abdalla_algam1_968465557.jpg
sudaneseonline.com/files/daily-writer/
Redirect Chain

https://www.sudaneseonline.com/files/daily-writer/abdalla_algam1_968465557.jpg
https://sudaneseonline.com/files/daily-writer/abdalla_algam1_968465557.jpg

10 KB
11 KB

17ms
15ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/daily-writer/abdalla_algam1_968465557.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 21d4194937eaa3a9df8dfeee6bb7de53348afc248257b400f36a2e2a670317a9

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 35674
x-powered-by: PleskLin
content-disposition: inline; filename="abdalla_algam1_968465557.webp"
content-length: 10650
cf-request-id: 0835cf764500002b894ab5c000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NvdVJxOz2LHooqB%2FSvySy%2FVSJ1jerwqTFd9gVTTZ8fQbjCOrVTA%2F201qrCwIrWkUZhC0CUeK5VHXm7W8oEcMIRbjSLsDklDBERWpMzxf4yA0hNXAOZOFUdHRVBv2Mxg%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=15076
accept-ranges: bytes
cf-ray: 62031b6a0d882b89-FRA
expires: Fri, 11 Feb 2022 17:14:13 GMT

Redirect headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 1182
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wA3ja2idkb3het2ed6YJigcSMupMifi6Y6MOsodm4OSk56rVfxaIogB5glQtGtiE7y0vsSHqjesKQKhrIh62GuZ6tWaBWLVfbi%2BdvanbQthC9Qp6Z1hsEDwctlt91kFrlU8F"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/files/daily-writer/abdalla_algam1_968465557.jpg
cache-control: max-age=172800
cf-ray: 62031b697ced2b89-FRA
cf-request-id: 0835cf75ea00002b8943887000000001

GET
H2 200 Shihab_Taha1_313488691.jpg
sudaneseonline.com/files/daily-writer/ 8 KB
8 KB 20ms
15ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/daily-writer/Shihab_Taha1_313488691.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b40dd3fbad1ba3e77403799bbb95c196391a8c5682a6a7209c5b64c9ff4042e9

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 42487
x-powered-by: PleskLin
content-disposition: inline; filename="Shihab_Taha1_313488691.webp"
content-length: 7772
cf-request-id: 0835cf764000002b892280f000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Zj2Y%2BqCd0Yb9UeM2qe7%2B4x4fx92a%2Fd1wnYP767nsy73Fb2g8c3NWCQIhszRJkLcA13lgfmrr9U7ltVYpI1AkWpkuvcSA0jIpSuPbHEmGa8bgNaU7YiZ1vOpTPYwaRpk%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=24045
accept-ranges: bytes
cf-ray: 62031b6a0d7f2b89-FRA
expires: Fri, 11 Feb 2022 15:20:40 GMT

GET
H2

200

______________________618378484.jpg
sudaneseonline.com/files/
Redirect Chain

https://www.sudaneseonline.com/files/______________________618378484.jpg
https://sudaneseonline.com/files/______________________618378484.jpg

1 KB
2 KB

18ms
15ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/______________________618378484.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 99e7cbcf84d9e9c4767ef0dca3402b9de917df19133ceb284a0f0f3a4057e2cd

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 43740
x-powered-by: PleskLin
content-disposition: inline; filename="______________________618378484.webp"
content-length: 1478
cf-request-id: 0835cf764500002b890c28c000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Xb14aL4WlMDsuNvOJOFsnLWdCMUuGgrncEWfgUVZ8%2FK9dt8TMkuWZgNBZZLuiyTcFsbMhF5cb%2BLvNmaEjSqit9%2Ftre3OYq5rce9Nj9%2Bp%2FlIj9skpZY5Y4c7sd2pRqfY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=2293
accept-ranges: bytes
cf-ray: 62031b6a0d892b89-FRA
expires: Fri, 11 Feb 2022 14:59:47 GMT

Redirect headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 1182
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JxHys57lGLZtbPiwvuMCFmnfMc1sx%2FruNoPInMBSKhh8SK92qbBHUGNtbkyVRb3lN00XiAdm%2By4Ami%2BlFhTLFwIe5s6warTHmmeiN2bEwqXDsnWohwAi31lgOxNbTNyvtwsc"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/files/______________________618378484.jpg
cache-control: max-age=172800
cf-ray: 62031b697cef2b89-FRA
cf-request-id: 0835cf75ea00002b896c079000000001

GET
H2 200 e9142f03cc21a815705b63f4fbe84fc5.jpg
i.pinimg.com/originals/e9/14/2f/ 42 KB
43 KB 115ms
111ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/e9/14/2f/e9142f03cc21a815705b63f4fbe84fc5.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43a82cf4ba9728c892351f12c170230555c0fb58162b414c88e4cdf0b69f8aed

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
etag: "575a6d8332aea787ee5433a979d8e51e"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 100
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 62031b69fac40601-FRA
content-length: 43390
cf-request-id: 0835cf76400000060134ad6000000001
server: cloudflare
origin-latency: 100

GET
H2 200 MY-PHOTO.jpg
i.postimg.cc/j5VBw98q/ 10 KB
11 KB 118ms
37ms Image
image/jpeg 51.91.224.95
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/j5VBw98q/MY-PHOTO.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.91.224.95 , France, ASN16276 (OVH, FR),
Reverse DNS: i.postimg.cc
Software: nginx /
Resource Hash: 1c4f1a9488c3f6301aae3a559e40d8155d6a3dd59b8931212193647d6d715033

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
last-modified: Mon, 03 Jun 2019 13:57:14 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 10625
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ea3bdae2c4f44d961ce2b2e7d2d79275.jpg
i.pinimg.com/originals/ea/3b/da/ 109 KB
110 KB 22ms
18ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/ea/3b/da/ea3bdae2c4f44d961ce2b2e7d2d79275.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 872cad15a49ec8b35cb03fa1164dcfc589d7f77cde5b0511edacc61d7b9dca80

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
etag: "6ee67a66ecffdf5325922519c6e82827"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 5
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 62031b6a0ac50601-FRA
content-length: 112071
cf-request-id: 0835cf7640000006013d013000000001
server: cloudflare
origin-latency: 5

GET
H2

200

45a44ba5f3b5e97ed55d9965fa5f813c.jpg
i.pinimg.com/736x/45/a4/4b/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/736x/45/a4/4b/45a44ba5f3b5e97ed55d9965fa5f813c.jpg
https://i.pinimg.com/736x/45/a4/4b/45a44ba5f3b5e97ed55d9965fa5f813c.jpg

69 KB
70 KB

18ms
18ms

Image
image/jpeg

2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/736x/45/a4/4b/45a44ba5f3b5e97ed55d9965fa5f813c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 145b3cf099e9fbd456a398279cfdb784c81d5ff42c7296081076d84e2391493a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
etag: "5d19f6c19631173e741ab9dbd43f3b66"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 8
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 62031b6a8b6c0601-FRA
content-length: 71001
cf-request-id: 0835cf769400000601f9044000000001
server: cloudflare
origin-latency: 8

Redirect headers

date: Fri, 12 Feb 2021 03:08:47 GMT
x-cdn: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain;charset=UTF-8
location: https://i.pinimg.com/736x/45/a4/4b/45a44ba5f3b5e97ed55d9965fa5f813c.jpg
cf-ray: 62031b6a0ac60601-FRA
content-length: 0
cf-request-id: 0835cf7640000006011fb8b000000001
server: cloudflare

GET
H2

200

binmair.jpg
sudaneseonline.com/uploadpic14/mar/
Redirect Chain

https://www.sudaneseonline.com/uploadpic14/mar/binmair.jpg
https://sudaneseonline.com/uploadpic14/mar/binmair.jpg

8 KB
8 KB

15ms
13ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic14/mar/binmair.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d15962872cf36fd3b67f2aee96acabadf04b452b1c5e52fb492d06349b81f0ec

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 53864
x-powered-by: PleskLin
content-disposition: inline; filename="binmair.webp"
content-length: 8030
cf-request-id: 0835cf764400002b8919aa7000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dD5TYoMFIBSlnbeKg4GRCt3ySLvzBIPXYbnQua9yhBlQtq2lO%2F2vMcYn0LeuSMoXhVes9gzri%2BO5AwId%2FpO8xArFIlcKnDzywnv8CGNc8udB3yCdbx0zN8%2F5DxAW9CA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=32290
accept-ranges: bytes
cf-ray: 62031b6a0d872b89-FRA
expires: Fri, 11 Feb 2022 12:11:03 GMT

Redirect headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 1182
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=riuZVzU88q7XExalFkXGjhR8C4%2B0MeSuxv1iPTzwDWbbwwpVCz71IDLW5HpSTLJHt3KP%2FZMAxzx%2F9kA6j88nVUDrZ3Fz8IuCHzspyEVjKC%2BKnuw0CU%2BzYttUCR1Im9uUzCn%2B"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/uploadpic14/mar/binmair.jpg
cache-control: max-age=172800
cf-ray: 62031b697cf02b89-FRA
cf-request-id: 0835cf75eb00002b8939a8b000000001

GET
H2

200

4db1b7dfdbb2c09a3cb35c13008c7315.jpg
i.pinimg.com/originals/4d/b1/b7/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/originals/4d/b1/b7/4db1b7dfdbb2c09a3cb35c13008c7315.jpg
https://i.pinimg.com/originals/4d/b1/b7/4db1b7dfdbb2c09a3cb35c13008c7315.jpg

8 KB
8 KB

114ms
114ms

Image
image/jpeg

2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/4d/b1/b7/4db1b7dfdbb2c09a3cb35c13008c7315.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a79673f3b08f477f58c30d902ef57f5d5d7aadf7661ca639fd417d80498666a2

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
etag: "ec6fd053c617be1c539f9ff334b8d137"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 101
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 62031b6abb9b0601-FRA
content-length: 8480
cf-request-id: 0835cf76b400000601e31e7000000001
server: cloudflare
origin-latency: 101

Redirect headers

date: Fri, 12 Feb 2021 03:08:47 GMT
x-cdn: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain;charset=UTF-8
location: https://i.pinimg.com/originals/4d/b1/b7/4db1b7dfdbb2c09a3cb35c13008c7315.jpg
cf-ray: 62031b6a3af70601-FRA
content-length: 0
cf-request-id: 0835cf766200000601dcb2e000000001
server: cloudflare

GET
H2 200 7b6d3b362a37dc4f9fd418db42cfef54.jpg
i.pinimg.com/originals/7b/6d/3b/ 52 KB
53 KB 29ms
14ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/7b/6d/3b/7b6d3b362a37dc4f9fd418db42cfef54.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dad400480ed910066d05fde9e1a0f1525d78d3d37f3321571af05672075bf41e

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
etag: "51844701a9cf7583682c3ad994628cd3"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 4
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 62031b6a3af80601-FRA
content-length: 53758
cf-request-id: 0835cf766300000601e5b27000000001
server: cloudflare
origin-latency: 4

GET
H2

200

d6f3c45031f7b6a5b1e38579d337792b.jpg
i.pinimg.com/originals/d6/f3/c4/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/originals/d6/f3/c4/d6f3c45031f7b6a5b1e38579d337792b.jpg
https://i.pinimg.com/originals/d6/f3/c4/d6f3c45031f7b6a5b1e38579d337792b.jpg

72 KB
72 KB

15ms
15ms

Image
image/jpeg

2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/d6/f3/c4/d6f3c45031f7b6a5b1e38579d337792b.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5991903bf492d7e775911f7d1c5d8625c57dc82a6cd99e0f7b5a6691215f7ba4

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
etag: "d6f3c45031f7b6a5b1e38579d337792b"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 6
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 62031b6abb9d0601-FRA
content-length: 73523
cf-request-id: 0835cf76b400000601cfa58000000001
server: cloudflare
origin-latency: 6

Redirect headers

date: Fri, 12 Feb 2021 03:08:47 GMT
x-cdn: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain;charset=UTF-8
location: https://i.pinimg.com/originals/d6/f3/c4/d6f3c45031f7b6a5b1e38579d337792b.jpg
cf-ray: 62031b6a3afa0601-FRA
content-length: 0
cf-request-id: 0835cf766300000601fa86e000000001
server: cloudflare

GET
H2

200

drawings_images__1__710491940.jpeg
sudaneseonline.com/db/avatars/
Redirect Chain

https://www.sudaneseonline.com/db/avatars/drawings_images__1__710491940.jpeg
https://sudaneseonline.com/db/avatars/drawings_images__1__710491940.jpeg

2 KB
3 KB

25ms
23ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/drawings_images__1__710491940.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: eb77c1e984c822e951f8e7aacc8cb4007d0ab0aa0dcc4455f1dee2293ac5b9f0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 243573
x-powered-by: PleskLin
content-disposition: inline; filename="drawings_images__1__710491940.webp"
content-length: 2378
cf-request-id: 0835cf764500002b8949198000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XQWj%2F06EjfAtnhCW9WCMd83g%2FHIXR2hEEFhSQtg%2FPGyvWBdidvfQc4LHFCeGduf1m2ytazTqnCWv7RGs76xGhwL9iUp4M5pu4jy6yhm0BfNKpbeMnXpxT4CFFkgO5XQ%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=2889
accept-ranges: bytes
cf-ray: 62031b6a0d8a2b89-FRA
expires: Wed, 09 Feb 2022 07:29:14 GMT

Redirect headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 1182
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SqrmAbc70IHzjiaYJmX0Ab9a6cd8RnpubnDh9X83yygJpUFwqP3jnH4431Om2CMmzdQ3lwlgIxOc2tQvTlL7chFU%2BOqGcL3ZexWuI9SSMIiMX%2BZrAtdH52l2sSuZifJxif7P"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/db/avatars/drawings_images__1__710491940.jpeg
cache-control: max-age=172800
cf-ray: 62031b697cf12b89-FRA
cf-request-id: 0835cf75eb00002b893b34b000000001

GET
H2 200 0b806f617a61c419960bc1358a35d881.jpg
i.pinimg.com/originals/0b/80/6f/ 37 KB
37 KB 128ms
113ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/0b/80/6f/0b806f617a61c419960bc1358a35d881.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 772029ffddff8892ab9484f7ac91a8a9d7e12d1edef3390dc336054184c880d3

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
etag: "bc18dcfbeecae83eedc2426466e8d3af"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 102
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 62031b6a3afc0601-FRA
content-length: 37565
cf-request-id: 0835cf76630000060107853000000001
server: cloudflare
origin-latency: 102

GET
H2 200 nuraldin_Madani_618166527.jpg
sudaneseonline.com/files/daily-writer/ 11 KB
12 KB 16ms
11ms Image
image/jpeg 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/daily-writer/nuraldin_Madani_618166527.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0b8f2c815b29a22692ff010e8185dabd533fd50b99222fed22917577a26aac02

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 80640
x-powered-by: PleskLin
content-length: 11550
cf-request-id: 0835cf766300002b8971a4d000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B11RhhTurslYDODC201fRdr5ga1Crc3eqllcLfsfzl%2FL9z%2F8eyJkbfIb%2Fd99u%2BOlylp4Yuvwd%2Fs4taQoePSp99U4ozBDyMwYyAtrzzssHmMEXGDVP1hYFCnQaZi6MfY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: public, max-age=2592000
cf-polished: degrade=85, origSize=15710, status=webp_bigger
accept-ranges: bytes
cf-ray: 62031b6a3dbb2b89-FRA
expires: Fri, 11 Feb 2022 04:44:47 GMT

GET
H2

200

24ed5273d5f5f474866c74596e2aba8a.jpg
i.pinimg.com/originals/24/ed/52/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/originals/24/ed/52/24ed5273d5f5f474866c74596e2aba8a.jpg
https://i.pinimg.com/originals/24/ed/52/24ed5273d5f5f474866c74596e2aba8a.jpg

103 KB
104 KB

41ms
37ms

Image
image/jpeg

2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/24/ed/52/24ed5273d5f5f474866c74596e2aba8a.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f33e0efa1e11e567c817cc2e3ec472592f112140d58ebb773d28b1e1a64b7e0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
etag: "d85e1b24a260e31d5eeff639ade32f8f"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 8
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 62031b6b3bef0601-FRA
content-length: 105871
cf-request-id: 0835cf770700000601d0bd0000000001
server: cloudflare
origin-latency: 8

Redirect headers

date: Fri, 12 Feb 2021 03:08:47 GMT
x-cdn: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain;charset=UTF-8
location: https://i.pinimg.com/originals/24/ed/52/24ed5273d5f5f474866c74596e2aba8a.jpg
cf-ray: 62031b6aab850601-FRA
content-length: 0
cf-request-id: 0835cf76a500000601dbb1b000000001
server: cloudflare

GET
H2

200

dr.mahmoudasuleiman.jpg
sudaneseonline.com/uploadpic14/mar/
Redirect Chain

https://www.sudaneseonline.com/uploadpic14/mar/dr.mahmoudasuleiman.jpg
https://sudaneseonline.com/uploadpic14/mar/dr.mahmoudasuleiman.jpg

7 KB
8 KB

23ms
21ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic14/mar/dr.mahmoudasuleiman.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2961b3db2b46da7335a7b966b4503e9c698b31721b54d65ce1b93c5662447624

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 124087
x-powered-by: PleskLin
content-disposition: inline; filename="dr.webp"
content-length: 7212
cf-request-id: 0835cf764900002b890c8b9000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kZDvxM9hNMJUUGQ2Vw85gpQQ9RJI7RiZHVKzTQ4366DfUPB%2B1s1RF6knPNaPLgv2mBgdVo9f7osGPHTNl%2BxqXD97d5szSiETDY0RtdvEBtfuzVH4ib7HCxc7%2FMUnYa4%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=17935
accept-ranges: bytes
cf-ray: 62031b6a0d932b89-FRA
expires: Thu, 10 Feb 2022 16:40:40 GMT

Redirect headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 679
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B%2Bh649k9tjf%2BSS7wUTIVyPTDOzTH%2F9D4DIPJ8W%2F8al66RbvGtici7XRvKwG4nFuvtwQhS%2FXhasq8VTaN7Cymi7wdz4pPFuMOpQ1rEHYe6SDCMEcjDPsCgr5GjDCqNZ949OwT"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/uploadpic14/mar/dr.mahmoudasuleiman.jpg
cache-control: max-age=172800
cf-ray: 62031b697cf62b89-FRA
cf-request-id: 0835cf75ee00002b891c34f000000001

GET
H2 200 8207d2559f1099a95f1fc9bd10e4826b.jpg
i.pinimg.com/originals/82/07/d2/ 329 KB
330 KB 133ms
127ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/82/07/d2/8207d2559f1099a95f1fc9bd10e4826b.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d536ac86bd42f483358b267bc5daf5cd150bb8c774c37b3b3c66b5d7dc6f0342

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
etag: "a12f3b09f8fa9d8302b29cdeba3298cb"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 114
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 62031b6a3afe0601-FRA
content-length: 337393
cf-request-id: 0835cf766300000601dbb18000000001
server: cloudflare
origin-latency: 114

GET
H2

200

idris1.jpg
sudaneseonline.com/uploadpic14/mar/
Redirect Chain

https://www.sudaneseonline.com/uploadpic14/mar/idris1.jpg
https://sudaneseonline.com/uploadpic14/mar/idris1.jpg

18 KB
18 KB

24ms
22ms

Image
image/jpeg

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic14/mar/idris1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b985c9d61d3616f8cb9ae78e1658946c7f395b30d86c18af9e8f4acd137592c8

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 417149
x-powered-by: PleskLin
content-length: 18317
cf-request-id: 0835cf764700002b890fb13000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9Y7DXYIwYrmfDT99Q6EEhIDU9NmcBwzfx4PV%2F0q50bNGC98plZleSLmlWI6SJERQ1CPYfwpLNenETK56PQWeOiHZ%2FPzQ5X4VrwmOCBCz8ADqir6gspSqvneC67tmHEY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: public, max-age=2592000
cf-polished: origSize=19094, status=webp_bigger
accept-ranges: bytes
cf-ray: 62031b6a0d952b89-FRA
expires: Mon, 07 Feb 2022 07:16:18 GMT

Redirect headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 1182
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A5kzn2LK6w4m84VvyCdVxCrAqPCdMbR0Hj1c2Vkri5q2zn1nwr8FkadsuMxQjnARSXHuKhvfpl%2FlMm%2BcnSTP%2Bs%2B5ocj0WkvhNiOVnQcZX4UAv7y4T4tLwbdd5eTWgeH3n%2Bx6"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/uploadpic14/mar/idris1.jpg
cache-control: max-age=172800
cf-ray: 62031b697cf72b89-FRA
cf-request-id: 0835cf75ef00002b891c350000000001

GET
H2 200 6049937f1e9542bb11fe778f28786d39.jpg
i.pinimg.com/originals/60/49/93/ 17 KB
17 KB 21ms
16ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/60/49/93/6049937f1e9542bb11fe778f28786d39.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b18ed6ca4c98d8ef4e32f9bc82778ee7f52d3d645acff62107d7ead99036a3de

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
etag: "85de7027e49c3f3d67b7f871e9f5e630"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 4
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 62031b6a3aff0601-FRA
content-length: 17284
cf-request-id: 0835cf766300000601e20ca000000001
server: cloudflare
origin-latency: 4

GET
H2

200

Salim_Dekin_948126226.jpg
sudaneseonline.com/files/daily-writer/
Redirect Chain

https://www.sudaneseonline.com/files/daily-writer/Salim_Dekin_948126226.jpg
https://sudaneseonline.com/files/daily-writer/Salim_Dekin_948126226.jpg

8 KB
8 KB

17ms
15ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/daily-writer/Salim_Dekin_948126226.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a153f3819c758754117e2a2c953c2003ecf1bc55ef9c8d0db6ba8969215ce1c6

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 709822
x-powered-by: PleskLin
content-disposition: inline; filename="Salim_Dekin_948126226.webp"
content-length: 7760
cf-request-id: 0835cf764600002b897f129000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p8i5jax6uW5JMmN591DKot1w4zBmov2amWPBQ0LVE9hvXhAIz0ZB6wHWlydJczpArbhOB6riVLgY7T%2FwTUONjVztcpL%2Fja%2BMfbcmH4pEVItYVEz%2B8BeWqIdmkKCZzfw%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=23898
accept-ranges: bytes
cf-ray: 62031b6a0d942b89-FRA
expires: Thu, 03 Feb 2022 21:58:25 GMT

Redirect headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 1182
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VD6nSyqZIJo74ONenKdiMuzg9VCnv8M3kwH3kJGdSUv9OD5WmB3ONtwQDBdzawO6Fskbd2zEb2wIgGsprPSMJrDk1eDO2xy92NH3s4VX7WsWneaxowW1pmgJKMSzuhq6Q5tl"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/files/daily-writer/Salim_Dekin_948126226.jpg
cache-control: max-age=172800
cf-ray: 62031b697cf92b89-FRA
cf-request-id: 0835cf75f000002b89489b6000000001

GET
H2 200 1bfe522ed5ae55dd4611a81eb230989e.png
i.pinimg.com/originals/1b/fe/52/ 202 KB
202 KB 124ms
119ms Image
image/png 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/1b/fe/52/1bfe522ed5ae55dd4611a81eb230989e.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8f6622cfbd9872f2fd15939125bf8c707180c7a1f3b885a0710eb0ac6cb18fd

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
etag: "163ff35b33678da78d85d1f8d4ecf0d2"
x-cdn: cloudflare
edge-start: 107
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 62031b6a3b000601-FRA
content-length: 206836
cf-request-id: 0835cf766400000601e7949000000001
server: cloudflare
origin-latency: 107

GET
H2 200 karti.jpg
sudaneseonline.com/uploadpic16/may/ 12 KB
12 KB 20ms
15ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic16/may/karti.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5a9fd7b21dc6a10ecd891500b275827227ded1bc4da401d19806c1c432c6d2d5

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 513730
x-powered-by: PleskLin
content-disposition: inline; filename="karti.webp"
content-length: 12062
cf-request-id: 0835cf766300002b8962849000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FIjEd%2F4gj%2BzKfXKmwqCVLibs3hLdOKwL8tLnPZSTYs%2B1kMbkhq4kYOhpak4%2BKeEa0cS09Wv8MtRqp98pyv2yafFekCpANSQovWGgps2CimroTR8tUhKHMmbJkQa%2FfRw%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=55773
accept-ranges: bytes
cf-ray: 62031b6a3dbc2b89-FRA
expires: Sun, 06 Feb 2022 04:26:37 GMT

GET
H2 200 7cd63ddcc9cb27bb4a82277fa21ec192.jpg
i.pinimg.com/originals/7c/d6/3d/ 15 KB
15 KB 106ms
104ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/7c/d6/3d/7cd63ddcc9cb27bb4a82277fa21ec192.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7359ac53adc88dae2f28ff7a0e9156dcb2d088c6b434d0c2946e9c5ec7a1dce

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
etag: "00f6850a5b04d6b300c84c9ebcfe669d"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 94
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 62031b6a4b130601-FRA
content-length: 15460
cf-request-id: 0835cf766f00000601f9041000000001
server: cloudflare
origin-latency: 94

GET
H2 200 764677a60bdfbdc24d361db3d7dec9df.jpg
i.pinimg.com/originals/76/46/77/ 399 KB
399 KB 109ms
108ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/76/46/77/764677a60bdfbdc24d361db3d7dec9df.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 733a90c78ebe6072cb5bff90bf028b9cba6e50d0570686265a30589570edb925

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
etag: "4b959f8e8b2412020e29ce9d74889856"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 96
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 62031b6a4b150601-FRA
content-length: 408328
cf-request-id: 0835cf766f000006013a286000000001
server: cloudflare
origin-latency: 96

GET
H2 200 00Latest_News_808188640.jpg
sudaneseonline.com/english/files/ 10 KB
11 KB 12ms
10ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/english/files/00Latest_News_808188640.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a2c0e0a1bf8b3c57bd4825c24dbea2cb72bb0bf3127fc88970a982e5d7d6eebb

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 250332
x-powered-by: PleskLin
content-disposition: inline; filename="00Latest_News_808188640.webp"
content-length: 10702
cf-request-id: 0835cf767000002b895628e000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C69CdSAsZFRx4M8ZdiqUqAAww5eo0Ay6NGU7J3hrffrmrTyxc8R8BeBvFHrKHXMcRbh%2F5z%2BxlyJXyHCF8D5bM6JbN3nZK%2F1OLIqdnHFjecl5qx7Dn7WzmDt1hdXgxYY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=17618
accept-ranges: bytes
cf-ray: 62031b6a4dce2b89-FRA
expires: Wed, 09 Feb 2022 05:36:35 GMT

GET
H2

200

1nur_131441372.jpg
sudaneseonline.com/english/files/cover/
Redirect Chain

https://www.sudaneseonline.com/english/files/cover/1nur_131441372.jpg
https://sudaneseonline.com/english/files/cover/1nur_131441372.jpg

12 KB
12 KB

16ms
15ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/english/files/cover/1nur_131441372.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 06b683609a410f8c005dd4b27a0a660b5304d31b0e5614b95ea3ae02cd1b8072

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 707031
x-powered-by: PleskLin
content-disposition: inline; filename="1nur_131441372.webp"
content-length: 12164
cf-request-id: 0835cf764700002b8950080000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qJ9%2FEcIGhDIfd4o%2BHyysMZ496djiwgAB9pqPm2kMer1Lxdw10MsddW8Smd%2B6xVrjRS7IIVO3ZyJC79iQDIEGaKdT2VAKp%2BiCczv%2FALCAFPcWkyDJ0GSciiI2l46tQTU%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=35440
accept-ranges: bytes
cf-ray: 62031b6a0d972b89-FRA
expires: Thu, 03 Feb 2022 22:44:56 GMT

Redirect headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 681
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RWjYofsHtROyWgB7rsZ5sFhGMafD5N1OkUGuFWx0dWi4Cl%2B7GAA6UCiZo2Aya2CXbQ7S%2BPgXjiVPOAIF5h%2BDX36qKpqwzrstjoHWbtfhu7p%2F7574PrJ0hkDQh2p4R%2BOSxmEb"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/english/files/cover/1nur_131441372.jpg
cache-control: max-age=172800
cf-ray: 62031b698d0d2b89-FRA
cf-request-id: 0835cf75f800002b894d889000000001

GET
H2

200

ICC-Logo.jpg
sudaneseonline.com/uploadpic14/nov/
Redirect Chain

https://www.sudaneseonline.com/uploadpic14/nov/ICC-Logo.jpg
https://sudaneseonline.com/uploadpic14/nov/ICC-Logo.jpg

18 KB
18 KB

19ms
18ms

Image
image/webp

2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic14/nov/ICC-Logo.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8d3d5252c5c8636e3a85a58e8a925714c7cb17c8da2563ed39d2824d33833993

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 92965
x-powered-by: PleskLin
content-disposition: inline; filename="ICC-Logo.webp"
content-length: 18476
cf-request-id: 0835cf764700002b893f935000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ex5wzjSdqusPEkRipSwshghuSFCY3VB6cP%2BBeITVDNfQzW3ZJv7bDg6%2B1Hc%2Fs1gDgxD3W66EXmhcrXdXpndsOIM01v%2F518M3Vl3jfLH0cTmAjZ7lVBa5VGOkNZAxMrM%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=32696
accept-ranges: bytes
cf-ray: 62031b6a0d962b89-FRA
expires: Fri, 11 Feb 2022 01:19:22 GMT

Redirect headers

date: Fri, 12 Feb 2021 03:08:46 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 1183
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O1Idew09cetIp7aQoss2P6BASWM1kpypziU5R3GiM%2BMlN%2B98dpvAOlmBTRGurILmKx3zSbrWN0xuEpujcPHMoUm%2FPNO59lFyRyNmKzOC3veA%2Fz%2BCt5t%2FsNneOHVaKH9Q%2B1Jv"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/uploadpic14/nov/ICC-Logo.jpg
cache-control: max-age=172800
cf-ray: 62031b698d102b89-FRA
cf-request-id: 0835cf75f900002b893f932000000001

GET
H2

200

766efe683cde3ebb0b9b5cbc7b3fed71.jpg
i.pinimg.com/564x/76/6e/fe/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/564x/76/6e/fe/766efe683cde3ebb0b9b5cbc7b3fed71.jpg
https://i.pinimg.com/564x/76/6e/fe/766efe683cde3ebb0b9b5cbc7b3fed71.jpg

12 KB
12 KB

116ms
112ms

Image
image/jpeg

2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/564x/76/6e/fe/766efe683cde3ebb0b9b5cbc7b3fed71.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34bf4ec3eca0adc00a246b829f90f947845d914d89cfa0a0d6de663628449a67

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
etag: "0d941b7ba11d2da3dba6ca4aaaab872d"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 101
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 62031b6b3bf10601-FRA
content-length: 11878
cf-request-id: 0835cf77070000060104914000000001
server: cloudflare
origin-latency: 101

Redirect headers

date: Fri, 12 Feb 2021 03:08:47 GMT
x-cdn: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain;charset=UTF-8
location: https://i.pinimg.com/564x/76/6e/fe/766efe683cde3ebb0b9b5cbc7b3fed71.jpg
cf-ray: 62031b6aab880601-FRA
content-length: 0
cf-request-id: 0835cf76a800000601de9c0000000001
server: cloudflare

GET
H2 200 00Press_Releases_743165196.jpg
sudaneseonline.com/english/files/ 12 KB
12 KB 12ms
11ms Image
image/webp 2606:4700:20::ac43:4b3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/english/files/00Press_Releases_743165196.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c1005580aa64ecc161e55963e34a2a829a95a3446b9ab0a66d2b51d35413f203

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 626869
x-powered-by: PleskLin
content-disposition: inline; filename="00Press_Releases_743165196.webp"
content-length: 12100
cf-request-id: 0835cf767000002b890d30f000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZJF8tkoIxoA%2B7BgrUeHByiIXHkJEkgYleRGHBLlerafEWdGNVFxVIl0d4z4Jhsq%2Bn5BNPgBOMM4JPAi88vTTyMPSmrS2%2F4fwGrk%2BcCyPHTNTypoCm4zAtcA7UCWPg1k%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=18775
accept-ranges: bytes
cf-ray: 62031b6a4dcf2b89-FRA
expires: Fri, 04 Feb 2022 21:00:57 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 14EB 0
0 49ms
45ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAu9APvElYNSXJa_Z-gaH-4KgBvCN86FhwJLYi-IMsd_xnf0bEAEgioHAA2CVAqABzJmd-ALIAQmpAhTWcA3CWrQ-qAMByANIqgTDAU_Q4XZvYiYi7qSFXDJN_OwyMZKVqDr7pfsElGmwgFruYikGt1PkghQpblwyt-rUgwEoSi87yLBouMX0QZ5l_cUaUP5D9pTL6oXhZDCFev4B_ANJ0PUGE7VhDtY1DP9Waqdmx8goC_IU2MrR42wE7gYMmBd9MDDHnqrc9fLu8iqX63i6W1-0ibSsockesuWvTvY28G9_dxO33eCMzwSq19R12XxJzpdfqJhbH8TzL1y93vTjpwe3j2b47wVn8KLdQyUIDcAEv7S_26IDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7PEmpgBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEELzrCdIICQiA4YAQEAEYH4AKAcgLAdgTDYgUArIXGgoYCAASFHB1Yi05ODYyNjY1MTY5ODMzNTg2&sigh=v6qp2f22LJk&template_id=419&tpd=AGWhJmvfB7CV8j4GXefSKY5vB7JuFinKP5wisETDySTSVcq2gQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1613099326&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326440&bpp=3&bdt=208&idt=132&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=579&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OnrDWJSVsf&p=https%3A//sudaneseonline.com&dtd=138
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 12 Feb 2021 03:08:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Feb 2021 03:08:47 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 065A 143 B
216 B 12ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1613099326&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326440&bpp=3&bdt=208&idt=132&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=579&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OnrDWJSVsf&p=https%3A//sudaneseonline.com&dtd=138
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1613099326&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326440&bpp=3&bdt=208&idt=132&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=579&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OnrDWJSVsf&p=https%3A//sudaneseonline.com&dtd=138

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 12 Feb 2021 02:23:05 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2742
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 14EB 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8959174b12db9a56208784f4b48d715326bb18cfaaa133378446515cbf6662b3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame 6D10 180 KB
51 KB 25ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 573586
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Fri, 05 Feb 2021 11:49:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Feb 2022 11:49:01 GMT

GET
H3-Q050 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C397 42 B
131 B 48ms
44ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A8xEU3h62vXxKTu3DYj4VEvTSzBOAoJSjVm3W7ZOKI_2nwbhOHPbm4Vbe7Koi68WsHv7mcKnppx2BBiQJXSJebwdN4X-pww5ljHCLaFvyOps7LzzE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 03:08:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/ Frame C397 3 KB
2 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 01:41:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 01:41:41 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C397 107 KB
33 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Fri, 12 Feb 2021 03:08:47 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/ Frame C397 14 KB
6 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 01:50:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 01:50:31 GMT

GET
H3-Q050 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BCD6 286 B
310 B 31ms
30ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-8yQIQ78_RAhiPvemXATAB&v=APEucNUYRp1oTqXGD5puejz-M8oqmy5Iq5WcTasr8hE-sFPNdsyIF7lNgvOn5gbHtZ5h7fUk4m9ieQVqUVrfDQb-giTgeUll-YZ-GDj7hx-WeVCwM_XZgH71xGeFu9_cxBQJ0W0kaGaB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8968c474def847cbb78da5635e03dffc060c826a0b2b9fdc5981359859cd4874

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CI-8yQIQ78_RAhiPvemXATAB&v=APEucNUYRp1oTqXGD5puejz-M8oqmy5Iq5WcTasr8hE-sFPNdsyIF7lNgvOn5gbHtZ5h7fUk4m9ieQVqUVrfDQb-giTgeUll-YZ-GDj7hx-WeVCwM_XZgH71xGeFu9_cxBQJ0W0kaGaB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcQW9tEOjAJcUtQU83RTQCFZ0qAqLbHavPuf0rZ9A30UnNWoYHTVqjYsjeYqk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 12 Feb 2021 03:08:47 GMT
server: cafe
cache-control: private
content-length: 151
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210208/r20110914/ Frame C397 18 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210208/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bbf21d644eb606c170f9b814332ded340aeb17e70b94af6d4816a146ae8342a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 23:52:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11800
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 13709262462862093242
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Feb 2021 23:52:07 GMT

GET
H3-Q050 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210208/r20110914/elements/html/ Frame C397 5 KB
2 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210208/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d40e445084a94c08c165cf83b0b538d97729c72b41d21a4cf2bb11c9185b64e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 21:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 2207
x-xss-protection: 0
server: cafe
etag: 615008709056058855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Feb 2021 21:31:59 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C397 0
730 B 153ms
76ms Other
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvpLFP60CImo9hJTut5uS4wrLmbbEj587gspm9rsSwBoSly00UyQ-_ovbpIeCuQhPaAa4i6rhkac19d76x-gF2zeUTjFF8JQafZfTjj2gRA6O_Q_aJQ3XwbYQEPGtPAOGeVaYVaOMY7qODmbazWoHDN3s7K0gJfemNUQjiNBn3FLJt4w-kIMa4zArQH3ObQxcjVks9qykGVCbCJQsN1dbRffX0wpqic1_-n3meSrjbKrkZmNoVJDE4ndfRwAGyczXY9eGKAa5NkkU-DEZ07C4lW_omMhYavKHdeLXkgB9d6CbzYciSMNAr9EIdf3M_qZHpyFaMHvxjdem0m_y_q8IrF3xvW6f05FhXGWZ7Bag_rsl1cxJI9nn50-SYi_Uk-dNarNMkE0dkCJt9lqOaWBTXBJnPtMPcku9Q_tTTnYofpAXEES0cqXk45e0BYhL2PSbhYIadZmF0Y9wTACYK8zxC6U9t-qEEeQL7UfaIC7iy1BUoaeNhYi-DzqD5a-pOPQQSspCggsoaKwDz3-QyBUv4mhOCO3sfg9I_1NFsvw3NdEFg5Pl2O7xS3DPalyN9B7Mn23YWxmJ19SI_SL7M0ugkTqDSK7GfN1ixYxNE2GSGQheJC3VQHqMOe8A9UgNdPBvj5hYwCzzK7EnS_O2C0V2OerAZZ56B6hTMBCkvN7Zzjdis11yJclrFhz3syRnDniMhG2cfTnOKlC66ysh1UjBItFArttAsI9t6Xv7-7RIAup6YhHxIKN8OlAzG-8PVjKiZz7Du1FB0v-NKODg6giN4CVkISvAJp2HXGLhqOXJEvsLjATHXq8vOPhuoJbfdD3cbaS-56tyCEL0GZkNRa4VQ22y39GuiAFmLqF6NtWd9L2KQ8L-VD9elPPe6qSBYJk52boUJdmEuYwtJsJpCmFyw14WWo1g6mz7xl866pyFFlX2in8PJ9fakxsmPbLw5hdUAo9Ik-aY9MQMqCK0FxqbI8FuL57t1yGBGcWJaTOByDR2X63MbsZ9uKCiYc_1GHNaB4RNu5H3KfDg4qKBbXjKPsutuDR27pj2wAPcX3PS_km3U&sai=AMfl-YS2uUxNozFp75LLqI41Tf8wFcv0KAcxfXLPPo47lmVV9YNUo-QYZtxeZyF-WOg8kyYsAsWfvw4090E9yeEz0DJX5WOdri0RDguHaD5Umk0wvY7VKJTpCRGyf8unmXB4EDFubLTmvH2BExFImjQZjpiI8QrM_cjlfY-3j3tLUQ&sig=Cg0ArKJSzCSKNJv0YVZkEAE&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20210208.25483&adurl=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 12 Feb 2021 03:08:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C397 41 KB
15 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 10:50:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58694
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 10:50:33 GMT

GET
H2 200 14950636005081807071
s0.2mdn.net/simgad/ Frame C397 173 KB
174 KB 33ms
5ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14950636005081807071

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7e084a5e8683457205803549a7a0138771431d6aa496f518526de3d52e3af02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 18:43:30 GMT
x-content-type-options: nosniff
age: 203117
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 177509
x-xss-protection: 0
last-modified: Wed, 02 Dec 2020 19:10:01 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 18:43:30 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/ Frame 3515 3 KB
2 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=213&idt=161&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=951&ady=648&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=8gBc2GFOE0&p=https%3A//sudaneseonline.com&dtd=165

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=213&idt=161&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=951&ady=648&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=8gBc2GFOE0&p=https%3A//sudaneseonline.com&dtd=165
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 01:41:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 01:41:41 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3515 107 KB
33 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=213&idt=161&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=951&ady=648&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=8gBc2GFOE0&p=https%3A//sudaneseonline.com&dtd=165

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=213&idt=161&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=951&ady=648&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=8gBc2GFOE0&p=https%3A//sudaneseonline.com&dtd=165
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Fri, 12 Feb 2021 03:08:47 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/ Frame 3515 14 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=213&idt=161&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=951&ady=648&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=8gBc2GFOE0&p=https%3A//sudaneseonline.com&dtd=165

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=213&idt=161&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=951&ady=648&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=8gBc2GFOE0&p=https%3A//sudaneseonline.com&dtd=165
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 01:50:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 01:50:31 GMT

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16239051499483693056/ Frame 6A6D 58 KB
17 KB 12ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16239051499483693056/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=213&idt=161&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=951&ady=648&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=8gBc2GFOE0&p=https%3A//sudaneseonline.com&dtd=165

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2724fbea48b78c573f9e820db79b466494ae7bd49ee900d374f8c8246120422b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/16239051499483693056/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=213&idt=161&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=951&ady=648&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=8gBc2GFOE0&p=https%3A//sudaneseonline.com&dtd=165
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=213&idt=161&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=951&ady=648&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=8gBc2GFOE0&p=https%3A//sudaneseonline.com&dtd=165

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 09 Feb 2021 02:27:19 GMT
expires: Wed, 09 Feb 2022 02:27:19 GMT
last-modified: Fri, 20 Nov 2020 14:18:59 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 16538
age: 261688
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3515 0
0 58ms
52ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ClfjMPvElYOWHJ5SJ7gPZ-b-4At7a6LBh5ODR0bMMloLNhYgWEAEgioHAA2CVAqABjuDrvwLIAQmpAhTWcA3CWrQ-qAMByAMCqgTKAU_Q6eKqEHRCGYuIzXOLp_VHpf5L2WA9LLv5QHA2vbwaJeSi40zh62QC5Kv5Jm5ey0WuWh9WEizunXLfaV1v-4NoTZnNhvqcHcSav8jzr8xmqBpX0DvfWabgqz0a0MVpY2UywnJ5I0HpiowRg11VfOLSu7mBaNgzaK4IWAbYXrNO4JTe6epzrVx5ebd9mSZqijPwWLEkip-IJfh5Kt8qrwlwqcEvYMxajtAeFF8jBlU-ZX0lU0Uk7gPD24gmqbUztRjZZU9fzpVX_tDABOPqoNKqA5IFBAgEGAGSBQQIBRgEoAZdgAfan5TAAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCeqAHSCAkIgOGAEBABGB-ACgHICwHYEw2YFgGyFxoKGAgAEhRwdWItOTg2MjY2NTE2OTgzMzU4Ng&sigh=1rBLmFKaCdw&tpd=AGWhJmuBLlyljXQpL4GCAZ6Mb7wRJYxzQ3PNrLH88sdg0zu-jQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=213&idt=161&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=951&ady=648&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=8gBc2GFOE0&p=https%3A//sudaneseonline.com&dtd=165

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=213&idt=161&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=951&ady=648&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=8gBc2GFOE0&p=https%3A//sudaneseonline.com&dtd=165
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 12 Feb 2021 03:08:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A27A 143 B
184 B 12ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=213&idt=161&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=951&ady=648&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=8gBc2GFOE0&p=https%3A//sudaneseonline.com&dtd=165

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=213&idt=161&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=951&ady=648&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=8gBc2GFOE0&p=https%3A//sudaneseonline.com&dtd=165
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcQW9tEOjAJcUtQU83RTQCFZ0qAqLbHavPuf0rZ9A30UnNWoYHTVqjYsjeYqk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=213&idt=161&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=951&ady=648&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=8gBc2GFOE0&p=https%3A//sudaneseonline.com&dtd=165

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 12 Feb 2021 02:23:05 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2742
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 6D10 13 KB
5 KB 56ms
33ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 127515
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Wed, 10 Feb 2021 15:43:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 15:43:32 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 6D10 90 KB
28 KB 52ms
32ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 573615
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Fri, 05 Feb 2021 11:48:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Feb 2022 11:48:32 GMT

GET
H3-Q050 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 6D10 72 KB
16 KB 53ms
33ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-animation-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ed84e4aa1f7fe5f0907cb64ee40941cf5cf83395e98292472157d2be68dbdd7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 36378
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16597
x-xss-protection: 0
server: sffe
date: Thu, 11 Feb 2021 17:02:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9b07487c3da4c1d6"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 17:02:29 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 6D10 3 KB
1 KB 54ms
33ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 127527
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Wed, 10 Feb 2021 15:43:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 15:43:20 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 6D10 41 KB
13 KB 53ms
32ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 127545
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Wed, 10 Feb 2021 15:43:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 15:43:02 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6D10 4 KB
749 B 22ms
14ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

754fac4810074e8a762844e6929031a73054640d0a51e8428653762553e0a3a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 02:20:22 GMT
server: ESF
date: Fri, 12 Feb 2021 03:08:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Feb 2021 03:08:47 GMT

GET
H3-Q050 200 ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6D10 3 KB
3 KB 12ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ar.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Feb 2021 03:21:12 GMT
x-content-type-options: nosniff
server: cafe
age: 85655
etag: 9421415325968714010
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2737
x-xss-protection: 0
expires: Fri, 12 Feb 2021 03:21:12 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6D10 344 B
439 B 13ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Feb 2021 09:04:24 GMT
x-content-type-options: nosniff
server: cafe
age: 65063
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 12 Feb 2021 09:04:24 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6D10 0
21 B 54ms
49ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6xnsPvElYPbEJs2Nx_APz7OM2AeenfKLYb-l1vuTDN3ZHhABIIqBwANglQKgAdqpo-0CyAEJqQIU1nANwlq0PqgDAcgDCKoExgFP0Lovqpw553xlGiB5dDCiUzTPLGfpVnkJfuEnfI-8rMGZbLDwtCC8PLq7JkJQv5-EpAFnBqkg-488CS0VPmzoa7zczKOmsfowWDUFfpsnheSHjlEF6zYd_uWaQwg_wvlCD-0Zj5ClVlO840D_bjRoomkEdyWMc5vTRtkfgJ6HswoEY-n0e1x_R-8h7dqKd_wXJXTgTBfpqh2gC5sUak9_WJDN7JHVbl07gUNvS4T5WbgnQn9yoqR0kHEUstBfCMsdzoLKAWPABLLas8mRApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfG35AMqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJr-B9IICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi05ODYyNjY1MTY5ODMzNTg2&sigh=oGdSWeQBDtc&template_id=419&tpd=AGWhJms4j9_a_mPGijRJ6fBAVF88X0blcEKZT9gPZ4Ox00gS5w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 12 Feb 2021 03:08:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 bild_1.jpg
tpc.googlesyndication.com/sadbundle/3817660499293443613/Walbusch_WBK_v1-AT-DE_970x250/images/ Frame 6D10 49 KB
49 KB 15ms
9ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3817660499293443613/Walbusch_WBK_v1-AT-DE_970x250/images/bild_1.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e8132de54ba9b4a2eb40ff44a78788e4ecb6b9eac62461fada88472159a775a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 18:51:53 GMT
x-content-type-options: nosniff
age: 202614
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50152
x-xss-protection: 0
last-modified: Mon, 27 Jul 2020 09:02:32 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 18:51:53 GMT

GET
H3-Q050 200 bild_2.jpg
tpc.googlesyndication.com/sadbundle/3817660499293443613/Walbusch_WBK_v1-AT-DE_970x250/images/ Frame 6D10 25 KB
25 KB 13ms
8ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3817660499293443613/Walbusch_WBK_v1-AT-DE_970x250/images/bild_2.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36a2ee487e77d55a1eff35dacb039d1e4df8e6168e59fb758c15a3105136e42a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 18:51:53 GMT
x-content-type-options: nosniff
age: 202614
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25504
x-xss-protection: 0
last-modified: Mon, 27 Jul 2020 09:02:32 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 18:51:53 GMT

GET
H3-Q050 200 textbox.svg
tpc.googlesyndication.com/sadbundle/3817660499293443613/Walbusch_WBK_v1-AT-DE_970x250/images/ Frame 6D10 3 KB
2 KB 14ms
9ms Image
image/svg+xml 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3817660499293443613/Walbusch_WBK_v1-AT-DE_970x250/images/textbox.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebdcc133657a062f351230bd4fcab4c4f80924c7946260ae18c43985197699e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 09:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151636
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1591
x-xss-protection: 0
last-modified: Mon, 27 Jul 2020 09:02:32 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 09:01:31 GMT

GET
H3-Q050 200 cta-icon.svg
tpc.googlesyndication.com/sadbundle/3817660499293443613/Walbusch_WBK_v1-AT-DE_970x250/images/ Frame 6D10 198 B
244 B 16ms
11ms Image
image/svg+xml 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3817660499293443613/Walbusch_WBK_v1-AT-DE_970x250/images/cta-icon.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6458a29ee3ece5dfe1f568c9fbc935bd85c076510162ef82f79a1c76cf456eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50822
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162
x-xss-protection: 0
last-modified: Mon, 27 Jul 2020 09:02:32 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 13:01:45 GMT

GET
H3-Q050 200 cta-text.svg
tpc.googlesyndication.com/sadbundle/3817660499293443613/Walbusch_WBK_v1-AT-DE_970x250/images/ Frame 6D10 1 KB
822 B 16ms
9ms Image
image/svg+xml 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3817660499293443613/Walbusch_WBK_v1-AT-DE_970x250/images/cta-text.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07c0e56d3dab9ba01869922dc45a09928804d0ce6c4de08f6f2ff1c558ac8670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 17:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294232
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Mon, 27 Jul 2020 09:02:32 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Feb 2022 17:24:55 GMT

GET
H3-Q050 200 logo.svg
tpc.googlesyndication.com/sadbundle/3817660499293443613/Walbusch_WBK_v1-AT-DE_970x250/images/ Frame 6D10 2 KB
1 KB 17ms
10ms Image
image/svg+xml 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/3817660499293443613/Walbusch_WBK_v1-AT-DE_970x250/images/logo.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7033fd5df92bff5392cd7166aa9e02fbeb56cfdace1aef20f8ba4a04d5665bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 04:27:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 600078
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1082
x-xss-protection: 0
last-modified: Mon, 27 Jul 2020 09:02:32 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Feb 2022 04:27:29 GMT

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 7EC8 9 KB
3 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 05:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 12 Feb 2021 05:56:13 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7EC8 22 KB
9 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 12 Feb 2021 22:10:28 GMT

GET
H3-Q050 200 style.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/css/ Frame 7EC8 4 KB
3 KB 14ms
10ms Stylesheet
text/css 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/css/style.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a6633e5e21d0b7a696b0fcf43a7da2e6db0aeb37e2320726af8533193b3f6ce

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 600150
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1243
x-xss-protection: 0
last-modified: Mon, 28 Sep 2020 12:04:51 GMT
server: sffe
date: Fri, 05 Feb 2021 04:26:17 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Feb 2022 04:26:17 GMT

GET
H3-Q050 200 classList.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/js/ Frame 7EC8 3 KB
1 KB 15ms
10ms Script
application/x-javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/js/classList.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89d9b7a7b8e5d17c32994a4871c83a588f7ab509a80d1ff90d612c9cf9f1614e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 600150
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1207
x-xss-protection: 0
last-modified: Mon, 28 Sep 2020 12:04:51 GMT
server: sffe
date: Fri, 05 Feb 2021 04:26:17 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Feb 2022 04:26:17 GMT

GET
H3-Q050 200 script.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/js/ Frame 7EC8 2 KB
587 B 15ms
10ms Script
application/x-javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/js/script.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c9086af7b3290bf9103737b79df69da5a9479c9f683e4960bd502bd661dbb6d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 14831
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 503
x-xss-protection: 0
last-modified: Mon, 28 Sep 2020 12:04:51 GMT
server: sffe
date: Thu, 11 Feb 2021 23:01:36 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 23:01:36 GMT

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/ Frame 641C 2 KB
2 KB 14ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/index.html

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db237cbdabdaac650983ee9d1c2ddccd10539c12d026e3d712ff6a6744097bcc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/14072910087906121018/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326443&bpp=1&bdt=211&idt=138&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=15CpttunXO&p=https%3A//sudaneseonline.com&dtd=142
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326443&bpp=1&bdt=211&idt=138&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=15CpttunXO&p=https%3A//sudaneseonline.com&dtd=142

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 800
date: Wed, 10 Feb 2021 23:09:42 GMT
expires: Thu, 10 Feb 2022 23:09:42 GMT
last-modified: Mon, 28 Sep 2020 12:04:49 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 100745
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame A996 0
0 48ms
43ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3pbWPvElYNzQJciCx_AP27i7yAPwjfOhYfiQ2IviDLHf8Z39GxABIIqBwANglQKgAcyZnfgCyAEJqQIU1nANwlq0PqgDAcgDSKoExAFP0Kt9It7CQHi5BT2u5vmMMK0UzzwPuJ2qkIT3VKwMcnkiV5WtemSFRGq4dzqT6yyH7yIm72fhJmsK5BhxQ0SrB85ugPb7y9-aCZD_VoqhTtyz8KUDnfjZojL7jqU2BC5LVfTQelLqAz1fQakZenS-bDqzfnxTpsbnOXoJWxec77md0vvW7lpNY9KdUiNsde1DiKM8_mpHdRnXWiNA4TDaFAZDKy7OyTLOy5MSA-TPN5OSbTY49N_kniUDoyEyy2uw8dIFwAS_tL_bogOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHs8SamAGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ3-0K0ggJCIDhgBAQARgfgAoByAsB2BMNiBQCshcaChgIABIUcHViLTk4NjI2NjUxNjk4MzM1ODY&sigh=mHSAaheZymM&template_id=419&tpd=AGWhJmsyxIY-AwhNuNcx8CT2NpmHhtPuaUTe7T-uSrvuxPCFjw

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326443&bpp=1&bdt=211&idt=138&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=15CpttunXO&p=https%3A//sudaneseonline.com&dtd=142
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 12 Feb 2021 03:08:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/ Frame A996 18 KB
7 KB 11ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326443&bpp=1&bdt=211&idt=138&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=15CpttunXO&p=https%3A//sudaneseonline.com&dtd=142

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bbf21d644eb606c170f9b814332ded340aeb17e70b94af6d4816a146ae8342a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326443&bpp=1&bdt=211&idt=138&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=15CpttunXO&p=https%3A//sudaneseonline.com&dtd=142
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 01:24:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6270
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 13709262462862093242
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 01:24:17 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/ Frame A996 3 KB
2 KB 27ms
22ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326443&bpp=1&bdt=211&idt=138&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=15CpttunXO&p=https%3A//sudaneseonline.com&dtd=142

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326443&bpp=1&bdt=211&idt=138&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=15CpttunXO&p=https%3A//sudaneseonline.com&dtd=142
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 01:41:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 01:41:41 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A996 107 KB
33 KB 30ms
25ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326443&bpp=1&bdt=211&idt=138&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=15CpttunXO&p=https%3A//sudaneseonline.com&dtd=142

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326443&bpp=1&bdt=211&idt=138&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=15CpttunXO&p=https%3A//sudaneseonline.com&dtd=142
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Fri, 12 Feb 2021 03:08:47 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/ Frame A996 14 KB
6 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326443&bpp=1&bdt=211&idt=138&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=15CpttunXO&p=https%3A//sudaneseonline.com&dtd=142

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326443&bpp=1&bdt=211&idt=138&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=15CpttunXO&p=https%3A//sudaneseonline.com&dtd=142
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 01:50:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 01:50:31 GMT

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11849155685997082338/ Frame 3170 48 KB
24 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11849155685997082338/index.html

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9eb844bf7cd567f8c7d849c4007d56adcb61890d591b6e26aa38ee65b10b8316

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/11849155685997082338/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326521&bpp=1&bdt=289&idt=92&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1445&ady=101&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=NLEZR4164z&p=https%3A//sudaneseonline.com&dtd=95
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326521&bpp=1&bdt=289&idt=92&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1445&ady=101&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=NLEZR4164z&p=https%3A//sudaneseonline.com&dtd=95

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Wed, 10 Feb 2021 10:15:43 GMT
expires: Thu, 10 Feb 2022 10:15:43 GMT
last-modified: Fri, 22 May 2020 11:04:53 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 23960
age: 147184
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9DBD 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjIXvPvElYLa5J5Ozx_AP4tWAiAaL49umYefOvbTKDPSFrqGoERABIIqBwANglQKgAdeX7LoCyAEJqQKLZTd0flm0PqgDAcgDSKoExAFP0E-HHr1JspcvPvf4Odw-ujmofXNbFf4vZOW0lVOI9NUdmfCXoWCSoHE11Ivjxu9dBvY9pOlFYPmFRjra3Jh1rjv2N1xOdPpW7ecJHz5W9vQL856fv3XDLua3xyssbC_7ykgy0bn0CuTXMAIDVaJq1mlKijsKpoh53mH9g0rh27rbT1Va9ZmLIeWbdskCT7gBbh27SvRQyRxXmQxXFD42qpO3PEeWNMWTwQX3dCulo9O5L5LFynO-WkdgYm4rquqmeUrDwAT6rojj3gKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHkeiTxQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ-5gB0ggJCIDhgBAQARgfgAoByAsB2BMNiBQBshcaChgIABIUcHViLTk4NjI2NjUxNjk4MzM1ODY&sigh=s9Pc5ApZqog&template_id=419&tpd=AGWhJmtctTQeR3NbphCHk9ewcQYH17UbfS0_S4dRZMjjhWyxSw

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326521&bpp=1&bdt=289&idt=92&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1445&ady=101&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=NLEZR4164z&p=https%3A//sudaneseonline.com&dtd=95
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 12 Feb 2021 03:08:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/ Frame 9DBD 18 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326521&bpp=1&bdt=289&idt=92&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1445&ady=101&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=NLEZR4164z&p=https%3A//sudaneseonline.com&dtd=95

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bbf21d644eb606c170f9b814332ded340aeb17e70b94af6d4816a146ae8342a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326521&bpp=1&bdt=289&idt=92&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1445&ady=101&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=NLEZR4164z&p=https%3A//sudaneseonline.com&dtd=95
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 01:24:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6270
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 13709262462862093242
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 01:24:17 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/ Frame 9DBD 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326521&bpp=1&bdt=289&idt=92&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1445&ady=101&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=NLEZR4164z&p=https%3A//sudaneseonline.com&dtd=95

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326521&bpp=1&bdt=289&idt=92&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1445&ady=101&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=NLEZR4164z&p=https%3A//sudaneseonline.com&dtd=95
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 01:41:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 01:41:41 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9DBD 107 KB
33 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326521&bpp=1&bdt=289&idt=92&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1445&ady=101&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=NLEZR4164z&p=https%3A//sudaneseonline.com&dtd=95

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326521&bpp=1&bdt=289&idt=92&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1445&ady=101&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=NLEZR4164z&p=https%3A//sudaneseonline.com&dtd=95
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Fri, 12 Feb 2021 03:08:47 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/ Frame 9DBD 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326521&bpp=1&bdt=289&idt=92&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1445&ady=101&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=NLEZR4164z&p=https%3A//sudaneseonline.com&dtd=95

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326521&bpp=1&bdt=289&idt=92&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1445&ady=101&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=NLEZR4164z&p=https%3A//sudaneseonline.com&dtd=95
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 01:50:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 01:50:31 GMT

GET
DATA 200
OK truncated
/ Frame 6D10 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc9d2a68aa22d3ef62d32721e160ebc72180ca421398aef38a6d97cdd126962c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 6D10 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 16:25:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 297814
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Tue, 08 Feb 2022 16:25:13 GMT

GET
DATA 200
OK truncated
/ Frame 3515 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7290634751625e0e6a016e6323194832e0017a229541eb0538d69d21cc10c585

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 motiv.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/img/ Frame 7EC8 9 KB
10 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/img/motiv.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/css/style.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d6b5c5ada27fc330d6f72bff476acf9f679228f6dcaedfedb1260a54a799e8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 14831
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8728
x-xss-protection: 0
last-modified: Mon, 28 Sep 2020 12:04:51 GMT
server: sffe
date: Thu, 11 Feb 2021 23:01:36 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 23:01:36 GMT

GET
H3-Q050 200 karte.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/img/ Frame 7EC8 4 KB
4 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/img/karte.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/css/style.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de753ec2b20e22f8eb60e01ce6c4f79cc039b45887303a0255c88c6150b18f50

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 14831
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4321
x-xss-protection: 0
last-modified: Mon, 28 Sep 2020 12:04:51 GMT
server: sffe
date: Thu, 11 Feb 2021 23:01:36 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 23:01:36 GMT

GET
H3-Q050 200 banner.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/img/ Frame 7EC8 9 KB
9 KB 8ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/img/banner.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/css/style.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ffb99970c4283676b67e5d7040b1dc1893c244c3b69742b48737f7e56e317ae

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 14831
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9365
x-xss-protection: 0
last-modified: Mon, 28 Sep 2020 12:04:51 GMT
server: sffe
date: Thu, 11 Feb 2021 23:01:36 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 23:01:36 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 01D5 143 B
165 B 6ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326443&bpp=1&bdt=211&idt=138&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=15CpttunXO&p=https%3A//sudaneseonline.com&dtd=142

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326443&bpp=1&bdt=211&idt=138&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=15CpttunXO&p=https%3A//sudaneseonline.com&dtd=142
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcQW9tEOjAJcUtQU83RTQCFZ0qAqLbHavPuf0rZ9A30UnNWoYHTVqjYsjeYqk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326443&bpp=1&bdt=211&idt=138&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=15CpttunXO&p=https%3A//sudaneseonline.com&dtd=142

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 12 Feb 2021 02:23:05 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2742
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame A996 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 784e0ca86a7d2ad8898d5e754f03af866401e4f33e25e140edd71c3d94f453ad

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 39CC 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 11 Feb 2021 11:00:32 GMT
expires: Fri, 11 Feb 2022 11:00:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 58095
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 88C4 143 B
165 B 6ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326521&bpp=1&bdt=289&idt=92&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1445&ady=101&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=NLEZR4164z&p=https%3A//sudaneseonline.com&dtd=95

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326521&bpp=1&bdt=289&idt=92&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1445&ady=101&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=NLEZR4164z&p=https%3A//sudaneseonline.com&dtd=95
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcQW9tEOjAJcUtQU83RTQCFZ0qAqLbHavPuf0rZ9A30UnNWoYHTVqjYsjeYqk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326521&bpp=1&bdt=289&idt=92&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1445&ady=101&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=NLEZR4164z&p=https%3A//sudaneseonline.com&dtd=95

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 12 Feb 2021 02:23:05 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2742
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame C397 0
24 B 44ms
44ms Other
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=212&idt=155&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=579&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=j5sOepCtNW&p=https%3A//sudaneseonline.com&dtd=159
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 12 Feb 2021 03:08:47 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9DBD 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0a7ac9fc6db6f412b91731f283ca95731c1f1200bf07bd280bfbf7a8a9d5cb8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012010270040000/ 20 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-host-v0.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102080101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437f0df93cfde16d277d61ba740d9a3f56fecde74a3de7d789ae02808590a9db

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 69293
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7254
x-xss-protection: 0
server: sffe
date: Thu, 11 Feb 2021 07:53:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bb338742afe376d1"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 07:53:54 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 41ms
41ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210208&jk=2635091225451825&bg=!qaqlqunNAAWP4B5EjzsAKQB2-DxaZWD-QSYEtinnXBI0v1iW6IOEQnQY4FZf5Bx_xb6kKawN1_rPAgAAATtSAAAAmWgBBwoBLruoqE5Y0xNSYZWfJO00kHIIMGaxRYTU_SH9sC8MkfZuEQCAUUjDLFuUhHbzMNyvJjvIUrlGrBHb4s1ErL-znLhDNtGHfloIAbR_JTNVZXkD1q9GcIy5vxhew1HqqYF1u1zJzi-giDWqPjJZ15yWC93SOvVYrEV_FJWAKy43zIxb2JW838OaKPIC73rwKM1ks5ElNbgFWQoUxUYLPkFgpXTJS1ZjmcgNcrP3wIfrJJWVAWABRd_ltYkaEh8gG_H9clBP3pt-9omRYI7nlGOUHToLxO3X8IK0HcJBBHdV92-scLqYzM6fwlYAqUdA79HBiRx0wf1PAecDmOoTunAe60G9d4iH1KKeiWgkgfWPP9DSRgfSOyL4QlKEvfPUAfE8R8sPfSypkN3vfg64tzyYmQHpYLJiBOa7g_raGhDIgnmgndPUVOFkvWNgoQmRTRWsYlwyi_e41SYFRa6iqJH7raoURM_RCDc8Uu4J0lNu31ijb0lzqfJ7KWWrSKiWs9UuBSqGJ--wva6UxWC5t-6Wgf3Mvkg5MZTt5PViBNrIiha_D8tfPRu4XVZyjhRAdxKHkMuPdOKwbyy8Ocfyu8_YH8Z-4z9xYAow7aF0JP29DK0ljVD4p9BomE2QI377APigc5XioGzEUfmXi1jDyRAHLS-ml8lGI-IGHLDZYloDTDO127cc1P7asDmI3mTEcDWGhizVrIT9OZbes98_3OHpyff_-1aUjcoqLrMafhfgnJAtKskTDhgPx_6IHELp0ff8Fakd7x5QTCqM9vmoLr2HOWWTs1ghZcJhhGz75F2ARj0F_oinkD5rDey7A8YaKSSv_c--ntlmQWtJHwJUMIY8c05G3pIqq84B2909hO8zaCyfnximZOQI6N4uA7lb9zhr1O-Hko7ULynGEdc7hI3IuTrMEDT2Xzpiih7HAyuck-DGTTYCffoy-giYTb8RztTRQtFadLu-MKkagjEYGpRDPUz_0goByXTNndJCsp9kr1O3LPNEMRVyKGoypnt_uNywxNeZB9uiBGOAeRbsGVNwwoSz-JnMKbSr3z24

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 03:08:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C397 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25fda70e483c2caa92ee6788623a97e654c423ca7f722df86f62f2536e346957

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 6A6D 4 KB
1 KB 45ms
30ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:800,600

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16239051499483693056/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

027877c5ad5b40c6f2a5d7593604ec61c6be1d1584acef94361a6a755ad8ef97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 02:30:48 GMT
server: ESF
date: Fri, 12 Feb 2021 03:08:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Feb 2021 03:08:47 GMT

GET
H3-Q050 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6A6D 16 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16239051499483693056/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 04:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81787
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 12 Feb 2021 04:25:40 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6A6D 22 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16239051499483693056/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 12 Feb 2021 22:10:28 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame BCD6 170 B
317 B 43ms
41ms Image
image/png 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-8yQIQ78_RAhiPvemXATAB&v=APEucNUYRp1oTqXGD5puejz-M8oqmy5Iq5WcTasr8hE-sFPNdsyIF7lNgvOn5gbHtZ5h7fUk4m9ieQVqUVrfDQb-giTgeUll-YZ-GDj7hx-WeVCwM_XZgH71xGeFu9_cxBQJ0W0kaGaB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-8yQIQ78_RAhiPvemXATAB&v=APEucNUYRp1oTqXGD5puejz-M8oqmy5Iq5WcTasr8hE-sFPNdsyIF7lNgvOn5gbHtZ5h7fUk4m9ieQVqUVrfDQb-giTgeUll-YZ-GDj7hx-WeVCwM_XZgH71xGeFu9_cxBQJ0W0kaGaB
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 03:08:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
partners.tremorhub.com/ Frame BCD6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_sc&google_dbm
https://partners.tremorhub.com/sync?UIGL=CAESEGJLV-PrsF8HDhAG5XEegVk&google_cver=1

43 B
183 B

270ms
88ms

Image
image/gif

2600:1f18:612b:4216:c290:4128:6be:3247
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIGL=CAESEGJLV-PrsF8HDhAG5XEegVk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-8yQIQ78_RAhiPvemXATAB&v=APEucNUYRp1oTqXGD5puejz-M8oqmy5Iq5WcTasr8hE-sFPNdsyIF7lNgvOn5gbHtZ5h7fUk4m9ieQVqUVrfDQb-giTgeUll-YZ-GDj7hx-WeVCwM_XZgH71xGeFu9_cxBQJ0W0kaGaB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:c290:4128:6be:3247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-8yQIQ78_RAhiPvemXATAB&v=APEucNUYRp1oTqXGD5puejz-M8oqmy5Iq5WcTasr8hE-sFPNdsyIF7lNgvOn5gbHtZ5h7fUk4m9ieQVqUVrfDQb-giTgeUll-YZ-GDj7hx-WeVCwM_XZgH71xGeFu9_cxBQJ0W0kaGaB
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 03:08:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://partners.tremorhub.com/sync?UIGL=CAESEGJLV-PrsF8HDhAG5XEegVk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 283
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 641C 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 05:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 12 Feb 2021 05:56:13 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 641C 22 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 12 Feb 2021 22:10:28 GMT

GET
H3-Q050 200 style.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/css/ Frame 641C 6 KB
3 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/css/style.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4a7c13ad510d22054d213fb20e3f045b1bfc4f8a0a713768abd4db381f7d3b6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 186928
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1531
x-xss-protection: 0
last-modified: Mon, 28 Sep 2020 12:04:49 GMT
server: sffe
date: Tue, 09 Feb 2021 23:13:19 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 23:13:19 GMT

GET
H3-Q050 200 classList.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/js/ Frame 641C 3 KB
1 KB 9ms
9ms Script
application/x-javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/js/classList.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89d9b7a7b8e5d17c32994a4871c83a588f7ab509a80d1ff90d612c9cf9f1614e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 100745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1207
x-xss-protection: 0
last-modified: Mon, 28 Sep 2020 12:04:49 GMT
server: sffe
date: Wed, 10 Feb 2021 23:09:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 23:09:42 GMT

GET
H3-Q050 200 script.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/js/ Frame 641C 3 KB
656 B 11ms
10ms Script
application/x-javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/js/script.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7765f0763113c53b837164849a3c334f99aca236191b99eb921c9656d9f2643

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 14831
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 572
x-xss-protection: 0
last-modified: Mon, 28 Sep 2020 12:04:49 GMT
server: sffe
date: Thu, 11 Feb 2021 23:01:36 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 23:01:36 GMT

GET
H3-Q050 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102080101/ 141 KB
51 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102080101/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102080101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fcd3dd3a7638080dc4eccb4dc2547fc70f1213029b2727495bc45067a42586f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 52019
x-xss-protection: 0
server: cafe
etag: 5055074899333445325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Feb 2021 03:08:47 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 39ms
38ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8&c=ca-pub-9862665169833586

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 03:08:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 3170 9 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11849155685997082338/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 05:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 12 Feb 2021 05:56:13 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3170 22 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11849155685997082338/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 12 Feb 2021 22:10:28 GMT

GET
H3-Q050 200 tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 3170 109 KB
37 KB 41ms
27ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11849155685997082338/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37530
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Feb 2021 03:08:47 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 065A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
110 B

14ms
14ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcQW9tEOjAJcUtQU83RTQCFZ0qAqLbHavPuf0rZ9A30UnNWoYHTVqjYsjeYqk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 12 Feb 2021 03:08:47 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 12-Feb-2021 04:08:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Feb 2021 03:08:47 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 12 Feb 2021 03:08:47 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 motiv.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/img/ Frame 641C 30 KB
30 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/img/motiv.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/css/style.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fca45ae80c6450497732a7062eeacad2889c040fda5c4a11cf4e833d0e0575e6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 14831
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30948
x-xss-protection: 0
last-modified: Mon, 28 Sep 2020 12:04:49 GMT
server: sffe
date: Thu, 11 Feb 2021 23:01:36 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 23:01:36 GMT

GET
H3-Q050 200 karte.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/img/ Frame 641C 6 KB
6 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/img/karte.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/css/style.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee9f56800393ffbbc4e52b10f7e06c8bebb250aab66f471ac7740077cf26ec14

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 186928
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5854
x-xss-protection: 0
last-modified: Mon, 28 Sep 2020 12:04:49 GMT
server: sffe
date: Tue, 09 Feb 2021 23:13:19 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 23:13:19 GMT

GET
H3-Q050 200 banner.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/img/ Frame 641C 11 KB
13 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/img/banner.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/css/style.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e308f2e4812faee1816c3812bdcff613bf8d96e653a977f73f86de9bcfee1fd0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 100745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11609
x-xss-protection: 0
last-modified: Mon, 28 Sep 2020 12:04:49 GMT
server: sffe
date: Wed, 10 Feb 2021 23:09:42 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 23:09:42 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 6A6D 9 KB
9 KB 35ms
20ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:800,600

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/css?family=Open+Sans:800,600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 13:34:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:44 GMT
server: sffe
age: 308052
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9192
x-xss-protection: 0
expires: Tue, 08 Feb 2022 13:34:35 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 6A6D 9 KB
9 KB 36ms
21ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:800,600

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/css?family=Open+Sans:800,600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 05:56:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 249122
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Wed, 09 Feb 2022 05:56:45 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A27A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
25 B

15ms
15ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1613099326&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326445&bpp=1&bdt=213&idt=161&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=951&ady=648&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=8gBc2GFOE0&p=https%3A//sudaneseonline.com&dtd=165

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcQW9tEOjAJcUtQU83RTQCFZ0qAqLbHavPuf0rZ9A30UnNWoYHTVqjYsjeYqk; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 12 Feb 2021 03:08:47 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 12-Feb-2021 04:08:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Feb 2021 03:08:47 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 12 Feb 2021 03:08:47 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js Show response
pagead2.googlesyndication.com/bg/ Frame 7EC8 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acf839bb2b547c63c6416cea07b2d3febb32692996a5d35ac70a14ad6967265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 11:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 00:15:00 GMT
server: sffe
age: 57074
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6290
x-xss-protection: 0
expires: Fri, 11 Feb 2022 11:17:33 GMT

GET
DATA 200
OK truncated
/ Frame 3170 5 KB
0 Font
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/plain;charset=US-ASCII

GET
DATA 200
OK truncated
/ Frame 3170 10 KB
0 Font
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/plain;charset=US-ASCII

GET
DATA 200
OK truncated
/ Frame 3170 3 KB
0 Font
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/plain;charset=US-ASCII

GET
H3-Q050 200 5ea98c4a91e3a5001324c538.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11849155685997082338/ Frame 3170 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11849155685997082338/5ea98c4a91e3a5001324c538.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11849155685997082338/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498726678fff6c29c6682908dfebfb54295907559abd7695d0b4892d09bb6860

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11849155685997082338/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 271907
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1941
x-xss-protection: 0
last-modified: Fri, 22 May 2020 11:04:53 GMT
server: sffe
date: Mon, 08 Feb 2021 23:37:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Feb 2022 23:37:00 GMT

GET
H3-Q050 200 5ea98c5424c98a00104f490d.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11849155685997082338/ Frame 3170 19 KB
19 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11849155685997082338/5ea98c5424c98a00104f490d.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11849155685997082338/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ee0af704ef923ecb176813321cf8f56f0de1c14aee1ffaa111943d1f2e41ae9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11849155685997082338/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 45512
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19432
x-xss-protection: 0
last-modified: Fri, 22 May 2020 11:04:53 GMT
server: sffe
date: Thu, 11 Feb 2021 14:30:15 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 14:30:15 GMT

GET
H3-Q050 200 5ec25d089c3f8500117de5db.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11849155685997082338/ Frame 3170 6 KB
6 KB 8ms
8ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11849155685997082338/5ec25d089c3f8500117de5db.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11849155685997082338/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2d34ab43112d27eb568fd635cd07669d94024c0d77576d0ea6cc87df89c59b0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11849155685997082338/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 45512
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5860
x-xss-protection: 0
last-modified: Fri, 22 May 2020 11:04:53 GMT
server: sffe
date: Thu, 11 Feb 2021 14:30:15 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 14:30:15 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
48 B 39ms
39ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8&c=ca-pub-9862665169833586

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 03:08:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/ Frame 46A8 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102080101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcQW9tEOjAJcUtQU83RTQCFZ0qAqLbHavPuf0rZ9A30UnNWoYHTVqjYsjeYqk; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 11 Feb 2021 20:35:30 GMT
expires: Thu, 25 Feb 2021 20:35:30 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 23597
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 01D5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

14ms
14ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326443&bpp=1&bdt=211&idt=138&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=15CpttunXO&p=https%3A//sudaneseonline.com&dtd=142

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcQW9tEOjAJcUtQU83RTQCFZ0qAqLbHavPuf0rZ9A30UnNWoYHTVqjYsjeYqk; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 12 Feb 2021 03:08:47 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 12-Feb-2021 04:08:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Feb 2021 03:08:47 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 12 Feb 2021 03:08:47 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js Show response
pagead2.googlesyndication.com/bg/ Frame 39CC 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acf839bb2b547c63c6416cea07b2d3febb32692996a5d35ac70a14ad6967265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 11:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 00:15:00 GMT
server: sffe
age: 57074
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6290
x-xss-protection: 0
expires: Fri, 11 Feb 2022 11:17:33 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 88C4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

42ms
42ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326521&bpp=1&bdt=289&idt=92&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1445&ady=101&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=NLEZR4164z&p=https%3A//sudaneseonline.com&dtd=95

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcQW9tEOjAJcUtQU83RTQCFZ0qAqLbHavPuf0rZ9A30UnNWoYHTVqjYsjeYqk; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 12 Feb 2021 03:08:47 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 12-Feb-2021 04:08:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Feb 2021 03:08:47 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 12 Feb 2021 03:08:47 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js Show response
pagead2.googlesyndication.com/bg/ Frame 641C 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acf839bb2b547c63c6416cea07b2d3febb32692996a5d35ac70a14ad6967265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 11:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 00:15:00 GMT
server: sffe
age: 57074
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6290
x-xss-protection: 0
expires: Fri, 11 Feb 2022 11:17:33 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 46A8 2 KB
562 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 02:15:54 GMT
server: ESF
date: Fri, 12 Feb 2021 03:08:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Feb 2021 03:08:47 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 46A8 205 B
571 B 27ms
6ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 16:26:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 297723
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
expires: Tue, 08 Feb 2022 16:26:45 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 46A8 604 B
694 B 27ms
6ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 20:26:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 283341
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
expires: Tue, 08 Feb 2022 20:26:27 GMT

GET
H3-Q050 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/elements/html/ Frame 46A8 17 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1286948d89eb1a7ebcd9b2d9feca7ec2baf391a57131754375142e2d50d4130

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:44:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7193
x-xss-protection: 0
server: cafe
etag: 14548608182166414779
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Feb 2021 22:44:03 GMT

GET
H3-Q050 200 Invirto_Logo_WHITE_version_1200.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16239051499483693056/ Frame 6A6D 33 KB
35 KB 7ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16239051499483693056/Invirto_Logo_WHITE_version_1200.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6822a15013b198440c6b01aee7805c48e46f9e4868029163f5b7c853606a64c5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 261384
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34291
x-xss-protection: 0
last-modified: Fri, 20 Nov 2020 14:18:59 GMT
server: sffe
date: Tue, 09 Feb 2021 02:32:23 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 02:32:23 GMT

GET
H3-Q050 200 Yellow_Monster_komprimiert.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16239051499483693056/ Frame 6A6D 91 KB
91 KB 8ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16239051499483693056/Yellow_Monster_komprimiert.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d8d1667d35f9c248022f5961469c2d3054de4026f3f1d6a75c677733de519d1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 261384
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92899
x-xss-protection: 0
last-modified: Fri, 20 Nov 2020 14:18:59 GMT
server: sffe
date: Tue, 09 Feb 2021 02:32:23 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Feb 2022 02:32:23 GMT

GET
H3-Q050 200 Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js Show response
pagead2.googlesyndication.com/bg/ Frame 3170 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acf839bb2b547c63c6416cea07b2d3febb32692996a5d35ac70a14ad6967265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 11:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 00:15:00 GMT
server: sffe
age: 57075
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6290
x-xss-protection: 0
expires: Fri, 11 Feb 2022 11:17:33 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 6584 2 KB
606 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02cd60655fcce9585457a7cd041767aba7c4aeef590805801be7090b5fe3fd5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 02:15:53 GMT
server: ESF
date: Fri, 12 Feb 2021 03:08:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Feb 2021 03:08:48 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/ Frame 6584 2 KB
992 B 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 02:01:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 02:01:54 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/ Frame 6584 18 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bbf21d644eb606c170f9b814332ded340aeb17e70b94af6d4816a146ae8342a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 01:24:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 13709262462862093242
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 01:24:17 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/ Frame 6584 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 01:41:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 01:41:41 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6584 107 KB
33 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 03:08:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Fri, 12 Feb 2021 03:08:48 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/ Frame 6584 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 01:50:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4697
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 01:50:31 GMT

GET
H3-Q050 200 f39ec1586bd36f0603e16664b9cc775d.js Show response
www.gstatic.com/mysidia/ Frame 6584 25 KB
11 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f39ec1586bd36f0603e16664b9cc775d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92cea13927f23ea44ef028e531d5fbef3be60d7211fbbf843bc430bf437a870b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 10:52:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Feb 2021 03:32:11 GMT
server: sffe
age: 58588
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10792
x-xss-protection: 0
expires: Wed, 12 May 2021 10:52:20 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 14EB 42 B
155 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuP_CKFwHq1WFrv_HoKqJj6sphOwXIruysfi8PyDyV9GDYrj2Q1-TUW649CmStXBWWsbyuVPfNaDj_v3U7OVFO-McZSS9r5-eehnJ9ve8RKlqHThVqrPPSw0-W8HA&sai=AMfl-YSBv3kRXxkVqWu8KY5FVdd_G4PGt2IbeIF8o-udpsuK0LvKHolhRYK0qvXhcYhgPLBDBnLeh_kOUUxK&sig=Cg0ArKJSzEbKUMrsuOvFEAE&id=osdim&mcvt=1029&p=0,579,57.875,1047&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20210210&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=2256891426&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1613099326580&dlt=243&rpt=56&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1613099326&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326440&bpp=3&bdt=208&idt=132&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=579&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OnrDWJSVsf&p=https%3A//sudaneseonline.com&dtd=138
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 03:08:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js Show response
pagead2.googlesyndication.com/bg/ Frame 3CFB 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acf839bb2b547c63c6416cea07b2d3febb32692996a5d35ac70a14ad6967265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 11:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 00:15:00 GMT
server: sffe
age: 57075
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6290
x-xss-protection: 0
expires: Fri, 11 Feb 2022 11:17:33 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 39CC 0
160 B 43ms
42ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHU8SPvElYO3PJryy-gb0k6D4AQAAAAA4AeAEAg&bg=!NTalNnXNAAWP4B5EjzsAKQB2-DxaiWOFj5GgyCGb1loRo04R4WYouw6bqIJvXmPHHPeHR6ZVvRhMAgAAAaNSAAAADWgBB5kCZ-qo8m7g2Yf3VSWu99Yr-zzosyFiy42gKqwXicrRRhoetLgosWLgL5R1NLP9yzhnuCkS2WKfpWQmBxGBRStcM7tOEZysb90M6DZIXaJ-gHZ-e3DJRGnIdxkuSI41jAFrFrygtiGyxq7gkn75xhs1dfw5H88gLk3Nl-q5QdgsD7a18EzHxBujsLp48z5atwg80LMNEEH2nMpFzUlcAtetK7q_TAwpU59xyVPCskrpGRH78eTWmqbR3xEekvQHSx0RbupFzib93mIAV6-Lq78BQWieabRZHqbbIM_6Fa3YETx8pwJMeyBp72mdeAUwP6ayKySphfeANX2nAC_-wBeFMWPe2u5qix6Jtllyb1E3oP3QQUFmhfqFZMs9WKZHDSL-QBgRGMJi55-bXt-EqsNRhPUnxFje3as_wWTE4kHBrv6QZxRSmB3wYGLh8X-alvMaw8VRph-EeUOjED7kZ7Mib5rjiLiX04lhs7xmLp68ZjgrhJOsJA4Jd-i5G9WhxFNmWXZr0bi0MApuiU5saEQJ9vK5-4OyhuxyzNflnAhpl9o-arDALchqKWSSogCjLpzii9MzWz77SoMHNMgm3sbxDDYo5M6eUfIbhfvNkE2MT5hoi6tVDh-IVboH3En5aHEjJ9PkPz4Kml52vR2bh68KTo5ixqEQtAwBnTE_dCoSFKA-VHZq1EZKXPkwDVNfVIbgvX4TkeBlKwSQ1EisUqxusLN53zXfM77BqDphcRjVeYaxNoiOaQob8HL9EWeMLzjkMayJ448KL5MnB88HtHFwwG7d2eY8hB8VYluaLefv5slNjOMPhv_sGg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 03:08:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9DBD 42 B
66 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqkR0eOU9oNU0ETsFZIvjTgpiYeROLMb_MvaRKENVy6w1YPWPKyV-ggBNqTPBGbln9Hgnh4dUOqA4YqDYBgdlfaO1J9yLF7M5FQ2MMbysHiPCX7wKgZsBLRYlnuA&sai=AMfl-YQLsAztgoNwXpoK6DX_dVUipVuYY4tk3e-OTApHeDdL4HLhhXJi0y7gDwLs0VJ3S7VQIkiP8TEr1P01&sig=Cg0ArKJSzDZJt0xyqzW9EAE&id=osdim&mcvt=1000&p=102,1446,777,1581&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210210&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=90918906&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1613099326617&dlt=597&rpt=32&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326521&bpp=1&bdt=289&idt=92&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1445&ady=101&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=NLEZR4164z&p=https%3A//sudaneseonline.com&dtd=95
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 03:08:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A996 42 B
66 B 46ms
45ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHeOux4jfG3IP-X-c8mucFRbz09ZuHSiVasbN_vfrQtZFvWvqk8h2bVZh5TnEyMyp7bXWbM89wVDlGlZXDptOK86ZrSjx2KXV_-5NETQjbVZb8TbFKDtGDu96hoA&sai=AMfl-YQIRL1rdtUFyaO0Iec8OgPd1dbrsGMb_7qdyojeGwHd15T5GwgVWgyJS8_3E_yAmgcGKsj9HeSeNuqy&sig=Cg0ArKJSzN1B2azuZHBtEAE&id=osdim&mcvt=1000&p=111,11,617.25,146&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210210&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3758595536&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1613099326586&dlt=561&rpt=56&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1613099326&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326443&bpp=1&bdt=211&idt=138&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=15CpttunXO&p=https%3A//sudaneseonline.com&dtd=142
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 03:08:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6D10 42 B
66 B 43ms
43ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYmf1TE5tyl85kHCP0HWT6K29EeYqSSuyuEUiC7XePu16pcT-0EQhY-t_MiPNtZ3rLfAfswvseirRffxrUTkTSP9LYauZ76_Rich3hQwqB0NCoUIAUzk-QZ2mMsQ&sai=AMfl-YS5-JiLJpDCXTHxprjArzT6lZGPdjDhexwOpf61TZB-NV7QqFxjsxxyFqk-UatMbhVJHHlGGO6JT4UO&sig=Cg0ArKJSzOk-XoX_AzzFEAE&id=ampim&o=339,111&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=314&tls=1315&g=100&h=100&tt=1315&r=v&avms=ampa&adk=1230168666

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 03:08:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: http
URL: https://http//www.sudaneseonline.com/uploadpic14/mar/1016333_488823897867823_1875840390_nsudan1sudan.jpg

Verdicts & Comments Add Verdict or Comment

165 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sudaneseonline.com/	1970-01-19 16:04:59	Name: _gat Value: 1
.sudaneseonline.com/	1970-01-20 09:36:11	Name: _ga Value: GA1.2.687507642.1613099326
.sudaneseonline.com/	1970-01-19 16:06:25	Name: _gid Value: GA1.2.1981411016.1613099326
.sudaneseonline.com/	1970-01-19 16:48:11	Name: __cfduid Value: dd6fa8451bff524cbe2b1676c8280658a1613099326

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 13) Message: url_feed:: https://sudaneseonline.com/cgi-bin/sdb/2bb.cgi?seq=rss2&board=505
console-api	log	(Line 13) Message: url_feed:: https://sudaneseonline.com/cgi-bin/sdb/2bb.cgi?seq=rss2&board=510
console-api	log	(Line 13) Message: url_feed:: https://sudaneseonline.com/cgi-bin/esdb/2bb.cgi?seq=rss2&board=10
console-api	log	(Line 13) Message: url_feed:: https://sudaneseonline.com/cgi-bin/sdb/2bb.cgi?seq=rss2&board=30
console-api	log	(Line 13) Message: url_feed:: https://sudaneseonline.com/cgi-bin/esdb/2bb.cgi?seq=rss2&board=15
console-api	log	(Line 13) Message: url_feed:: https://sudaneseonline.com/cgi-bin/esdb/2bb.cgi?seq=rss2&board=12
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1613099326&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1613099326444&bpp=1&bdt=211&idt=151&shv=r20210208&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=8578429790685&frm=20&pv=1&ga_vid=687507642.1613099326&ga_sid=1613099326&ga_hid=605764342&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=339&ady=111&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067982%2C21068083%2C21068769%2C21068893%2C31060009&oid=3&pvsid=2635091225451825&pem=260&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=BJjlOZZ3c0&p=https%3A//sudaneseonline.com&dtd=154
console-api	log	URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/js/script.js(Line 53) Message: 13000
console-api	log	URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/js/script.js(Line 73) Message: 16750
console-api	log	URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17641178450847060165/js/script.js(Line 53) Message: 13000
console-api	log	URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14072910087906121018/js/script.js(Line 73) Message: 16750

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
a7sas.net
adservice.google.com
adservice.google.de
ajax.cloudflare.com
b.top4top.io
bp1.blogger.com
cdn.ampproject.org
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
e.top4top.io
fonts.googleapis.com
fonts.gstatic.com
google-analytics.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
h.top4top.io
http
i.ibb.co
i.imgur.com
i.pinimg.com
i.postimg.cc
i2.wp.com
pagead2.googlesyndication.com
partner.googleadservices.com
partners.tremorhub.com
pbs.twimg.com
s-media-cache-ak0.pinimg.com
s0.2mdn.net
ssl.google-analytics.com
stats.g.doubleclick.net
sudaneseonline.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.sudaneseonline.com
www6.0zz0.com
xslt.alexa.com
http
13.35.253.7
142.250.186.66
142.250.186.98
145.239.131.51
151.101.112.193
163.172.80.128
163.172.91.236
192.0.77.2
195.154.113.34
2001:4de0:ac19::1:b:3a
2600:1f18:612b:4216:c290:4128:6be:3247
2606:2800:134:1a0d:1429:742:782:b6
2606:4700:20::ac43:4b3e
2606:4700:3030::6815:1146
2606:4700:3036::6815:1d27
2606:4700::6810:a823
2606:4700::6812:fb0
2a00:1450:4001:800::2008
2a00:1450:4001:801::2001
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::200e
2a00:1450:4001:813::2004
2a00:1450:4001:829::2003
2a00:1450:4001:829::2008
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:400c:c00::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
51.91.224.95
00e9a376ce61cbedea5beb54c998706783a33491cf140aea66d0b397d992b03b
027877c5ad5b40c6f2a5d7593604ec61c6be1d1584acef94361a6a755ad8ef97
02cd60655fcce9585457a7cd041767aba7c4aeef590805801be7090b5fe3fd5e
0313d7051b1cacf768e51e863bcf7462839cb9faf11f67493a551a70689fb91c
03652ccf25e11afea2e0d5e0a443cbe2b7a201a567d1f9e83d152921b80ebcbb
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b683609a410f8c005dd4b27a0a660b5304d31b0e5614b95ea3ae02cd1b8072
0731d649e8ef3d95236966caadd92ee1e5e4464d30d523c1d1b6b20b4b151144
07c0e56d3dab9ba01869922dc45a09928804d0ce6c4de08f6f2ff1c558ac8670
0820fd80b014512cc0b2a2e97cca7347bc9c4bdccec8cfe6c145e4b8fef4b06b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b8f2c815b29a22692ff010e8185dabd533fd50b99222fed22917577a26aac02
0d074ca4e6e73b4304369241fd25691e513143af68319c5d9ebd9c7bbbec7a42
0ee0af704ef923ecb176813321cf8f56f0de1c14aee1ffaa111943d1f2e41ae9
0ffb5e6a9625ae55529682bcb47bc148799f92f6c4b9aa7b959d0ecba3031b99
1137d4c1e3478a9652bd6ca78e55ed48335bd330a209cd4ef45d1c54bf8d6c8d
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
145b3cf099e9fbd456a398279cfdb784c81d5ff42c7296081076d84e2391493a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18a0f425e7929f0e35040c31fa34d0ac3584eea98b70d632a2da71554b827583
19a61f80e9cd10968010b2a4472da16459ded203cc751acf50c5bd8d6d9d6551
19ab5dbfffb7d167c584dcd1eeb18fc08cae1f8c7cb0f3e15a3ed927b3c7356b
1c00666874404c226c8385dd9b2a6b09ec253613b8f1b6ea998dd4d1166a52e8
1c4f1a9488c3f6301aae3a559e40d8155d6a3dd59b8931212193647d6d715033
1e1e8608a0260738742a3c1bcd64b3651b854cb6971ef7457580193d4077dc65
1e70af81161b491354bb7687d33ccc8a7eec86bef17424f45524eb96738a7a03
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
1ed84e4aa1f7fe5f0907cb64ee40941cf5cf83395e98292472157d2be68dbdd7
21d4194937eaa3a9df8dfeee6bb7de53348afc248257b400f36a2e2a670317a9
21efb19adce8ebd5e9975c69f353b2f250cfd0ea4b7ee5d363ab98b015b660d4
22b4fc6bee580fef18e992087517050965ee3a8962600e3b00338f3587a7f668
25fda70e483c2caa92ee6788623a97e654c423ca7f722df86f62f2536e346957
2724fbea48b78c573f9e820db79b466494ae7bd49ee900d374f8c8246120422b
2961b3db2b46da7335a7b966b4503e9c698b31721b54d65ce1b93c5662447624
29a368265e2c4f3576011d1143ab0e9f6ca9492f7036c298ea1734d818e5abf4
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
2d0ed65db95ee9a4db6cfc439c2cfd35b8562cd082357fd24bd4ee7e903768cc
2f834e8cc2f1b8a7d988b2c0ef58e0c10d2409856614f042bf93175c118aec62
341c395990c70eca9478ceddb6012b07c34db8cdc0e937583df1421101a89e19
34bf4ec3eca0adc00a246b829f90f947845d914d89cfa0a0d6de663628449a67
354737a1a05e204c9ed03a63eebf87d858e12232335787647ae265e70e4ce0e5
36a2ee487e77d55a1eff35dacb039d1e4df8e6168e59fb758c15a3105136e42a
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
372d04f407947fdd808207dde54cf389d2535f566ea1b0cbd6dea35faf41e80c
3c3e9126fa4cb9be7ca9abcab88f51219a9e9a91c6375fd354a43fab829a19de
3d0f27e7b01b00859e3232e590e5a88c18379af6ac09416077a785eacd3d2035
3fcd3dd3a7638080dc4eccb4dc2547fc70f1213029b2727495bc45067a42586f
40841c1ad6fb48b38bc6fd49ebc005498ea417da05937d619d7de65ff2caec66
4130840cd3b4551d245f902798f99c85267091b851a6d4b389c35af04f9789f5
437f0df93cfde16d277d61ba740d9a3f56fecde74a3de7d789ae02808590a9db
43a82cf4ba9728c892351f12c170230555c0fb58162b414c88e4cdf0b69f8aed
45489ce6a2f29e5c607dfa5187bf7ba3fc73d5a8eb7702e376279e1692370852
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
496f9e7f84eb8c342c0086e43768b3723292564d2d2d6f1b9bdaee00684d9877
498726678fff6c29c6682908dfebfb54295907559abd7695d0b4892d09bb6860
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4acf839bb2b547c63c6416cea07b2d3febb32692996a5d35ac70a14ad6967265
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d8d1667d35f9c248022f5961469c2d3054de4026f3f1d6a75c677733de519d1
4de7b51725d4bb70235fb155bc24eec9d215d5693a3b6f6774ac1d19bb2ca024
4e11456515fb6091e3ef2c30ba4fe851345ae0e33b9244992a0dde4cbd04c5d6
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5329a2c02372ed4eb72338bf64ba3d040f35d2303ff70cdb49228763eb2c9e51
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
547ac2b7bf734f40cc994c11bbe5643fb7ae0f86442b53694a73a2b7bc550b53
553184002d49f3197d581f56de0f8ab37d66f0ae73c3f3faa363ac26c56b02e0
564aa8589a93ae62a4f5fe4ec55f34d506f5f7ebf24a31fa8549e92c58786f97
56583d7365641d0274d83f874ccdc02fd4524a491f481ef968c962c10c61d3b4
5669fcdd1fa7c5e07e297fae9a5f15adb1d9a200086be020e425e90b396cf72b
5991903bf492d7e775911f7d1c5d8625c57dc82a6cd99e0f7b5a6691215f7ba4
5a984c72d88c346c4adc1244440be9cd062aadecc64cebcb1868b5b5de6b8da9
5a9fd7b21dc6a10ecd891500b275827227ded1bc4da401d19806c1c432c6d2d5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621
6822a15013b198440c6b01aee7805c48e46f9e4868029163f5b7c853606a64c5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c9086af7b3290bf9103737b79df69da5a9479c9f683e4960bd502bd661dbb6d
6ffb99970c4283676b67e5d7040b1dc1893c244c3b69742b48737f7e56e317ae
718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4
719a9c5b70a7847cc11a4cbec622308f61315c4e849d91e3f156fe5790487f76
724e999373acde2068adc1a148b9fce57faed54dae3dd9edf30345c26bdeaaea
7282da3cf526d4660699ec27861b7991fe32f53b137457c1b9e4131021e23c45
7290634751625e0e6a016e6323194832e0017a229541eb0538d69d21cc10c585
72a492fc88306b58b590d47f55feb08b11119d149db001980f20ad10846b21a2
72fea3fe50ffbc7bbf4648547ccf1a38ed660ec9971829aae72147845f44f81a
733a90c78ebe6072cb5bff90bf028b9cba6e50d0570686265a30589570edb925
754fac4810074e8a762844e6929031a73054640d0a51e8428653762553e0a3a4
756d7dfac4a35bb57543f677283d6c682e8d704e5350884b27325badd2b3c4a7
7717de7e2e218e956580963a667c5899e3ea5653cbc1569152330429f38542b5
772029ffddff8892ab9484f7ac91a8a9d7e12d1edef3390dc336054184c880d3
782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc
784e0ca86a7d2ad8898d5e754f03af866401e4f33e25e140edd71c3d94f453ad
797c26f036647914a3edb42b47186fef5dea31a6d548fa4bf94917c7e17735a2
7be91ce97275c300ce632c8e46d84811da453937eb643aa48f63f723fef0153a
7d7af17d4ab24aeb00ee93394751160a184406d1f24800c5989d2696d2b25ef4
7ddadf329de63774f1dedde0cd0a01a422b46a93daa2b36c138f659be3f1ac11
80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8371ca7726358d3088e19a1406a034d30cafa4fef366e69d959dd6a41822e9ff
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8568618df18202314a62419e94e30f4183c4878adb08066b1e76110173c16c1a
872cad15a49ec8b35cb03fa1164dcfc589d7f77cde5b0511edacc61d7b9dca80
8730b71e29db3b9adcec99032793ad923c988a043749e3bb6ed5f0382222e4f5
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
8884629ccc4d4a58573abda059d0aac043d252a619a9d6dc738385232f215b5b
8959174b12db9a56208784f4b48d715326bb18cfaaa133378446515cbf6662b3
8968c474def847cbb78da5635e03dffc060c826a0b2b9fdc5981359859cd4874
89d9b7a7b8e5d17c32994a4871c83a588f7ab509a80d1ff90d612c9cf9f1614e
8a6633e5e21d0b7a696b0fcf43a7da2e6db0aeb37e2320726af8533193b3f6ce
8bbf21d644eb606c170f9b814332ded340aeb17e70b94af6d4816a146ae8342a
8d3d5252c5c8636e3a85a58e8a925714c7cb17c8da2563ed39d2824d33833993
8dfce04e20664e11e151528f4f1ba4bb9e75f62c322c67964c70a1abde8db31b
8e0fc0402b9a3d3cc00cf682859d9288b50ea268e924d68c910a71a71a986e60
8e8132de54ba9b4a2eb40ff44a78788e4ecb6b9eac62461fada88472159a775a
9280c3e8fd25c51470aeb64ebd6eb253083f78b26bc26291462015ae267b5755
92cea13927f23ea44ef028e531d5fbef3be60d7211fbbf843bc430bf437a870b
983cd22a3c9ff8f95ab04e73943a17c206e7ff98eb7a7d4a0553b6b893f4475d
992388fbeff91f69ece1f2af28b26cd013db8135f58d8d05b96c9aecdc62a731
99c1d606773767eec58bc7c39f89713894577fb5b8ac3c11c86504c512d2cb97
99e7cbcf84d9e9c4767ef0dca3402b9de917df19133ceb284a0f0f3a4057e2cd
99f7ae47c31c2629f3a2f8e9bb6997048bfe040aea37580d39746c166b967185
9eb844bf7cd567f8c7d849c4007d56adcb61890d591b6e26aa38ee65b10b8316
9f1fd0ceeada7c5b7738a8679a776ef3a7ef3220084ed2238898c071b259174a
9f33e0efa1e11e567c817cc2e3ec472592f112140d58ebb773d28b1e1a64b7e0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a153f3819c758754117e2a2c953c2003ecf1bc55ef9c8d0db6ba8969215ce1c6
a2c0e0a1bf8b3c57bd4825c24dbea2cb72bb0bf3127fc88970a982e5d7d6eebb
a4176501e296715eea36093ef15dd2774c199f2b2ec57231dc6a3425c3aee6d1
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a79673f3b08f477f58c30d902ef57f5d5d7aadf7661ca639fd417d80498666a2
a7e084a5e8683457205803549a7a0138771431d6aa496f518526de3d52e3af02
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
ab42ff31d07c36ec69c448d804ee5b0204822d8ae24c49a00b0c5fe117467e61
ac411c85316736224056916552d837e3cbe139cf7468a98826b34821355aa1ca
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b0b47fbe08813f2964de03684b90df90615e5591820069441e26471cf176fc0f
b112d143d0b935fa4c67ee13a697324083dee7bb17b2ae39edee1753e7160db7
b18ed6ca4c98d8ef4e32f9bc82778ee7f52d3d645acff62107d7ead99036a3de
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b2d34ab43112d27eb568fd635cd07669d94024c0d77576d0ea6cc87df89c59b0
b35985addd0683dd70c493ae32951c64ee9cf767c177ab729034d99bf416456f
b40dd3fbad1ba3e77403799bbb95c196391a8c5682a6a7209c5b64c9ff4042e9
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b6458a29ee3ece5dfe1f568c9fbc935bd85c076510162ef82f79a1c76cf456eb
b8c0557cbdd0251dcad213bc5f4d2409ccbe9bce3da0d62db589208238f77f96
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
b96d52bbeaf4b1e8233c9f95a3c15219649eda5f59216c604241322f109f2c09
b985c9d61d3616f8cb9ae78e1658946c7f395b30d86c18af9e8f4acd137592c8
b9b22ee5c44be56ed8d9915f66fdc68649e6b6280facfc5416dec407f8362f4c
be3320dc4e3f9f68c6f001ac32d204b9d881de39e0895d6cfa094f2271b59b6a
bed02c16941497047a8e371f87ae9e0a594757ab219d9d6c96ead426c82c4062
c02ddc028251ce8b5aaf959bc6e90d6944467212439f5bf283dbbd99292c815f
c1005580aa64ecc161e55963e34a2a829a95a3446b9ab0a66d2b51d35413f203
c10af103c2513beba5a7397f609106745382adea54bd90b818fa6f4fe8781026
c4a7c13ad510d22054d213fb20e3f045b1bfc4f8a0a713768abd4db381f7d3b6
c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00
c7359ac53adc88dae2f28ff7a0e9156dcb2d088c6b434d0c2946e9c5ec7a1dce
ccd589c6f3c28f9ab95307472950b234952f43985cbcd75ced28d8f5ba06d42a
cd19302865a315df9a57552a585191f452efcbed7b0ab6b6569f4bebb764366e
cef431d062a50c4daaa15655cc4b46e819986052ae6b5d55c3dc12b09598e710
cf5f8602ddd688b3192c614d2ec643678944be422c98f2b7370423283ffa93e1
d15962872cf36fd3b67f2aee96acabadf04b452b1c5e52fb492d06349b81f0ec
d15f56ad8410162f6486e3dddf17ace90b3b3dd10142d29a97d4f26a9b13f9b7
d40e445084a94c08c165cf83b0b538d97729c72b41d21a4cf2bb11c9185b64e9
d470ab3f2efb2271564c86298b3139480369a7d8b85cc117631ae5714605d93a
d536ac86bd42f483358b267bc5daf5cd150bb8c774c37b3b3c66b5d7dc6f0342
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d697675c94c096a0739d0888b9754ba7887d282f5ce84077c8759fed58ec9b5a
d8535f1b381398d4053486b50f3b99b5b283f65adc65ed66c52fb74ad44f47a3
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
d8f6622cfbd9872f2fd15939125bf8c707180c7a1f3b885a0710eb0ac6cb18fd
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dad400480ed910066d05fde9e1a0f1525d78d3d37f3321571af05672075bf41e
daf681b03f64492d5f4effd3fbf95718487fdd7d403ddd5add315b567693faed
dafc13faf3515ff6e6db88e2dee9fc225513b92b7c94a77570a0f03d7cc98b1f
db237cbdabdaac650983ee9d1c2ddccd10539c12d026e3d712ff6a6744097bcc
db95a57dce798f5f2687ff163347a0175e8f70ef80271377647f0cc00b5b4ebd
dbf89db2d125549c513937d10e3af603d5aee8ec51bd14c318322c1dc2b97195
dc9d2a68aa22d3ef62d32721e160ebc72180ca421398aef38a6d97cdd126962c
dd1665c06814cd2459affd4cc6aa2b48ac9229dee9bedfe1df7717056c9c732d
de753ec2b20e22f8eb60e01ce6c4f79cc039b45887303a0255c88c6150b18f50
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
e0a7ac9fc6db6f412b91731f283ca95731c1f1200bf07bd280bfbf7a8a9d5cb8
e10dba2b62a403e299ad9ab9cf4d137389e7db2d016d7aaec2f25b78884942cf
e1286948d89eb1a7ebcd9b2d9feca7ec2baf391a57131754375142e2d50d4130
e308f2e4812faee1816c3812bdcff613bf8d96e653a977f73f86de9bcfee1fd0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e4c1894e5543828e9dcfb521609a620c5ea9003e3c0be6d5578540c4e392c929
e5d6b5c5ada27fc330d6f72bff476acf9f679228f6dcaedfedb1260a54a799e8
e7033fd5df92bff5392cd7166aa9e02fbeb56cfdace1aef20f8ba4a04d5665bf
e95e9489203b6ea8c50e0c524c9054d531a9f2a4d3ba945b04eaf8d98d5958eb
eaafcf858dacd31ee94ea267b50975065796ba5aec12e2cc0d87d744e83a247f
eb77c1e984c822e951f8e7aacc8cb4007d0ab0aa0dcc4455f1dee2293ac5b9f0
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ebdcc133657a062f351230bd4fcab4c4f80924c7946260ae18c43985197699e3
ed7d72de81ce28a49509b04006c99759ce51715d83f38fac7f58ee59313d028a
ee9f56800393ffbbc4e52b10f7e06c8bebb250aab66f471ac7740077cf26ec14
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c9e59fe4556a5ca7da317a52097784bbe634004d9f67c78b36d0b7f4656704
f7765f0763113c53b837164849a3c334f99aca236191b99eb921c9656d9f2643
fca45ae80c6450497732a7062eeacad2889c040fda5c4a11cf4e833d0e0575e6

sudaneseonline.com Open in urlscan Pro 2606:4700:20::ac43:4b3e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

261 Requests

99 %HTTPS

73 %IPv6

31 Domains

44 Subdomains

37 IPs

6 Countries

7661 kBTransfer

10445 kBSize

4 Cookies

7 Outgoing links

Page URL History

Redirected requests

261 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sudaneseonline.com Open in urlscan Pro
2606:4700:20::ac43:4b3e Public Scan

Screenshot
Live screenshot

Full Image

261
Requests

99 %
HTTPS

73 %
IPv6

31
Domains

44
Subdomains

37
IPs

6
Countries

7661 kB
Transfer

10445 kB
Size

4
Cookies

261 HTTP transactions
9 data transactions