sudaneseonline.com Open in urlscan Pro
2606:4700:20::681a:b2e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.sudaneseonline.com/
Effective URL:
https://sudaneseonline.com/
Submission: On March 21 via api (March 21st 2021, 5:22:16 am UTC) from US

Summary HTTP 240 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 39 IPs in 6 countries across 29 domains to perform 240 HTTP transactions. The main IP is 2606:4700:20::681a:b2e, located in United States and belongs to CLOUDFLARENET, US. The main domain is sudaneseonline.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 17th 2020. Valid for: a year.

This is the only time sudaneseonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20 83	2606:4700:20:... 2606:4700:20::681a:b2e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:20:... 2606:4700:20::ac43:4b3e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	13.226.156.166 13.226.156.166	16509 (AMAZON-02) (AMAZON-02)
1 4	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1 2	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
4 5	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 42	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
5 33	2606:4700::68... 2606:4700::6812:fb0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.154.113.34 195.154.113.34	12876 (Online SAS) (Online SAS)
1	146.59.152.166 146.59.152.166	16276 (OVH) (OVH)
3	51.91.224.95 51.91.224.95	16276 (OVH) (OVH)
2	2606:4700:303... 2606:4700:3033::ac43:9455	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.209.66 143.204.209.66	16509 (AMAZON-02) (AMAZON-02)
1	66.7.219.146 66.7.219.146	33182 (DIMENOC) (DIMENOC)
1	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
1	178.162.150.43 178.162.150.43	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	107.6.185.250 107.6.185.250	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	2a00:1450:400... 2a00:1450:400d:804::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1 1	2a02:26f0:710... 2a02:26f0:7100:1ac::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:401... 2607:f8b0:4012:80b::2003	15169 (GOOGLE) (GOOGLE)
240	39

83 2606:4700:20::681a:b2e (United States) 20 redirects

ASN13335 (CLOUDFLARENET, US)

www.sudaneseonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sudaneseonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4b3e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sudaneseonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.156.166 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-166.dus51.r.cloudfront.net

xslt.alexa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2606:4700::6812:fb0 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-media-cache-ak0.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.154.113.34 (Ivry-sur-Seine, France)

ASN12876 (Online SAS, FR)
PTR: 195-154-113-34.rev.poneytelecom.eu

e.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.152.166 (France)

ASN16276 (OVH, FR)
PTR: i.ibb.co

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.91.224.95 (France)

ASN16276 (OVH, FR)
PTR: i.postimg.cc

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::ac43:9455 (United States)

ASN13335 (CLOUDFLARENET, US)

www13.0zz0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www6.0zz0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.209.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-66.fra53.r.cloudfront.net

www.fotoknudsen.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.7.219.146 (Portland, United States)

ASN33182 (DIMENOC, US)
PTR: server2.sudanesesongs.net

www.sudanesesongs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.150.43 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

up4net.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.6.185.250 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
PTR: am1.fcomet.com

sudan-uprisings.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::200e (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

bp1.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:1ac::1931 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

media-cache-ec0.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4012:80b::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
84	sudaneseonline.com 21 redirects www.sudaneseonline.com sudaneseonline.com	573 KB
61	googlesyndication.com 1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com	719 KB
34	pinimg.com 6 redirects i.pinimg.com s-media-cache-ak0.pinimg.com media-cache-ec0.pinimg.com	4 MB
26	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net	207 KB
16	gstatic.com www.gstatic.com fonts.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com csi.gstatic.com	215 KB
8	googletagservices.com www.googletagservices.com	277 KB
8	google-analytics.com 1 redirects www.google-analytics.com google-analytics.com ssl.google-analytics.com	63 KB
7	google.com 4 redirects www.google.com adservice.google.com	2 KB
4	google.de www.google.de adservice.google.de	2 KB
3	postimg.cc i.postimg.cc	157 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	0zz0.com www13.0zz0.com www6.0zz0.com	68 KB
2	facebook.net connect.facebook.net	60 KB
1	blogspot.com 1.bp.blogspot.com	22 KB
1	blogger.com 1 redirects bp1.blogger.com	407 B
1	sudan-uprisings.org sudan-uprisings.org	40 KB
1	up4net.com up4net.com	99 KB
1	twimg.com pbs.twimg.com	34 KB
1	sudanesesongs.net www.sudanesesongs.net	69 KB
1	fotoknudsen.no www.fotoknudsen.no	21 KB
1	ibb.co i.ibb.co	10 KB
1	top4top.io e.top4top.io i.top4top.io Failed	46 KB
1	facebook.com www.facebook.com
1	googleadservices.com partner.googleadservices.com	645 B
1	jquery.com code.jquery.com	77 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	alexa.com xslt.alexa.com	622 B
1	cloudflare.com ajax.cloudflare.com	5 KB
0	Failed function sub() { [native code] }. Failed
240	29

	Domain	Requested by
64	sudaneseonline.com	1 redirects sudaneseonline.com code.jquery.com
42	tpc.googlesyndication.com	1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
28	i.pinimg.com
22	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
20	www.sudaneseonline.com	20 redirects
19	pagead2.googlesyndication.com	ajax.cloudflare.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
8	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
5	s-media-cache-ak0.pinimg.com	5 redirects
5	www.google.com	4 redirects sudaneseonline.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	www.google-analytics.com	sudaneseonline.com www.google-analytics.com www.googletagmanager.com
3	i.postimg.cc
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	ssl.google-analytics.com	1 redirects sudaneseonline.com
2	csi.gstatic.com	securepubads.g.doubleclick.net
2	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	connect.facebook.net	sudaneseonline.com connect.facebook.net
2	www.google.de	sudaneseonline.com
2	stats.g.doubleclick.net	1 redirects www.google-analytics.com
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	media-cache-ec0.pinimg.com	1 redirects
1	1.bp.blogspot.com
1	bp1.blogger.com	1 redirects
1	sudan-uprisings.org
1	www6.0zz0.com
1	up4net.com
1	pbs.twimg.com
1	www.sudanesesongs.net
1	www.fotoknudsen.no
1	www13.0zz0.com
1	i.ibb.co
1	e.top4top.io
1	www.facebook.com	connect.facebook.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	code.jquery.com	ajax.cloudflare.com
1	www.googletagmanager.com	ajax.cloudflare.com
1	xslt.alexa.com	ajax.cloudflare.com
1	google-analytics.com	ajax.cloudflare.com
1	ajax.cloudflare.com	sudaneseonline.com
0	http Failed
0	i.top4top.io Failed
240	46

This site contains links to these domains. Also see Links.

Domain
youtube.com
instagram.com
pinterest.com
www.linkedin.com
twitter.com
facebook.com
plus.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-17` - `2021-07-17`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.pinimg.com DigiCert SHA2 High Assurance Server CA	`2020-05-28` - `2021-06-14`	a year	crt.sh
top4top.io R3	`2021-01-24` - `2021-04-24`	3 months	crt.sh
ibb.co R3	`2021-02-02` - `2021-05-03`	3 months	crt.sh
postimg.cc R3	`2021-01-17` - `2021-04-17`	3 months	crt.sh
www.albelli.com Amazon	`2020-05-09` - `2021-06-09`	a year	crt.sh
www.sudanesesongs.net Go Daddy Secure Certificate Authority - G2	`2020-04-22` - `2022-06-22`	2 years	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
up4net.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-30` - `2021-11-30`	a year	crt.sh
sudan-uprisings.org R3	`2021-01-31` - `2021-05-01`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://sudaneseonline.com/
Frame ID: 1D2EF3B467AEE3C1A55329219B3A2600
Requests: 136 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html
Frame ID: 1988839EEEB83631E320D64AC7773CFE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&adk=1812271804&adf=3025194257&lmt=1616304118&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsudaneseonline.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616304118191&bpp=12&bdt=352&idt=113&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5317095380662&frm=20&pv=2&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=132
Frame ID: F9C34C305BA14788388F3EC754AD9F74
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1616304118&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118211&bpp=3&bdt=372&idt=121&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cO8VU9JSfE&p=https%3A//sudaneseonline.com&dtd=127
Frame ID: B8F055FA3C803C3622D27C553D04B5DB
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1616304118&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118215&bpp=1&bdt=376&idt=136&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mZZ5sQDjbh&p=https%3A//sudaneseonline.com&dtd=140
Frame ID: 72FE1D81E790B525A9F20A86B836227E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1616304118&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118216&bpp=1&bdt=378&idt=145&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Tm7qQN1eLK&p=https%3A//sudaneseonline.com&dtd=148
Frame ID: 2AF5B309C729974C2DD07C43C77B1964
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1616304118&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118216&bpp=1&bdt=377&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QMTK9ZkNCB&p=https%3A//sudaneseonline.com&dtd=158
Frame ID: 032778A01F6BC9EFC66B2D615028BD6C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1616304118&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118217&bpp=2&bdt=379&idt=161&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=uyoRyLsHac&p=https%3A//sudaneseonline.com&dtd=165
Frame ID: 961F46A360F3AB6F916384ACA00B45AA
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1616304118&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118227&bpp=1&bdt=389&idt=191&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=dxoI7UVr0C&p=https%3A//sudaneseonline.com&dtd=194
Frame ID: 936D375233FD0B9AB8856CCF2EE759AD
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=600&slotname=0328297630&adk=2265731008&adf=2802248822&pi=t.ma~as.0328297630&w=120&lmt=1616304118&psa=0&format=120x600&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118227&bpp=1&bdt=388&idt=205&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280%2C135x700&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=801&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&fsb=1&xpc=nYLMWdhuDJ&p=https%3A//sudaneseonline.com&dtd=207
Frame ID: 9C8E5AE4F6F47C6338A13D3AEAC26AA3
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 9C10CEFC72D24486A96446BFF62355CE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C3303069C4BF89A597C7D3C3FF248D1B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: 1D1EDB20732052F4F44A0F6C5E82BC1A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3456726179506550991/index.html
Frame ID: 784EA6E0AC0E620C926141F18A4FD333
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C4747CEEF7BCDD883EB860B81AB0C11E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 971657ADC65BB37C3FDEA46AAEFF185E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: 4AFAE76AFC9EFECD1D82F989A2D49034
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: C546F215922AFD41FDB1EFB9F7F6F89A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: 30248D1284DAA302AF9FD649E741AAC3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: 0F9ED543A03ACB5BBF6DFB42CE983047
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: B966EB9CE5010F5E01FF0C32CE6EB610
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.sudaneseonline.com/ HTTP 301
http://sudaneseonline.com/ HTTP 301
https://sudaneseonline.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

240
Requests

99 %
HTTPS

78 %
IPv6

29
Domains

46
Subdomains

39
IPs

6
Countries

7084 kB
Transfer

9500 kB
Size

4
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://youtube.com/sudaneseonline/videos

Search URL Search Domain Scan URL

URL: https://instagram.com/sudaneseonline
Title:

Search URL Search Domain Scan URL

URL: https://pinterest.com/sudaneseonline/pins/
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/sudaneseonline

Search URL Search Domain Scan URL

URL: https://twitter.com/sudaneseonline1

Search URL Search Domain Scan URL

URL: https://facebook.com/sudaneseonline
Title:

Search URL Search Domain Scan URL

URL: https://plus.google.com/+SudaneseOnline
Title: Google+

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.sudaneseonline.com/ HTTP 301
http://sudaneseonline.com/ HTTP 301
https://sudaneseonline.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1575776726&utmhn=sudaneseonline.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D8%B3%D9%88%D8%AF%D8%A7%D9%86%D9%8A%D8%B2%D8%A7%D9%88%D9%86%D9%84%D8%A7%D9%8A%D9%86%3ASudanese%20Online&utmhid=790675306&utmr=-&utmp=%2F&utmht=1616304118250&utmac=UA-251719-1&utmcc=__utma%3D24067384.1911798496.1616304118.1616304118.1616304118.1%3B%2B__utmz%3D24067384.1616304118.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1198953867&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-251719-1&cid=1911798496.1616304118&jid=1198953867&_v=5.7.2&z=1575776726 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-251719-1&cid=1911798496.1616304118&jid=1198953867&_v=5.7.2&z=1575776726 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-251719-1&cid=1911798496.1616304118&jid=1198953867&_v=5.7.2&z=1575776726&slf_rd=1&random=173607105

Request Chain 80

https://s-media-cache-ak0.pinimg.com/736x/41/33/4f/41334f236622880aa58d85f9fba3155c.jpg HTTP 301
https://i.pinimg.com/736x/41/33/4f/41334f236622880aa58d85f9fba3155c.jpg

Request Chain 82

https://www.sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg HTTP 301
https://sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg

Request Chain 85

https://www.sudaneseonline.com/uploadpic15/sep/sudansudansudansudansudansudansudansudansudan-sudansudansudansudansudan1.jpg HTTP 301
https://sudaneseonline.com/uploadpic15/sep/sudansudansudansudansudansudansudansudansudan-sudansudansudansudansudan1.jpg

Request Chain 87

https://www.sudaneseonline.com/uploadpic14/mar/adamb_cowboy1.JPG HTTP 301
https://sudaneseonline.com/uploadpic14/mar/adamb_cowboy1.JPG

Request Chain 88

https://c.top4top.net/p_514yotp41.jpg HTTP 301
https://c.top4top.io/p_514yotp41.jpg HTTP 302
https://i.top4top.io/p_514yotp41.jpg

Request Chain 90

https://www.sudaneseonline.com/files/01sudaneseonline.com_767499326.jpg HTTP 301
https://sudaneseonline.com/files/01sudaneseonline.com_767499326.jpg

Request Chain 92

https://www.sudaneseonline.com/uploadpic15/sep/sudan24.JPG HTTP 301
https://sudaneseonline.com/uploadpic15/sep/sudan24.JPG

Request Chain 104

https://www.sudaneseonline.com/db/avatars/00000asudaneseonline.jpg HTTP 301
https://sudaneseonline.com/db/avatars/00000asudaneseonline.jpg

Request Chain 105

https://bp1.blogger.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/Darfur_Destroyed.jpg HTTP 301
https://1.bp.blogspot.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/Darfur_Destroyed.jpg

Request Chain 107

https://www.sudaneseonline.com/uploadpic11/june/sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg HTTP 301
https://sudaneseonline.com/uploadpic11/june/sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg

Request Chain 110

https://www.sudaneseonline.com/uploadpic10/May/mamanadwa.jpg HTTP 301
https://sudaneseonline.com/uploadpic10/May/mamanadwa.jpg

Request Chain 111

https://www.sudaneseonline.com/db/avatars/drawings_il_340x270.375184795_gkx2_766470924.jpg HTTP 301
https://sudaneseonline.com/db/avatars/drawings_il_340x270.375184795_gkx2_766470924.jpg

Request Chain 113

https://www.sudaneseonline.com/english/files/cover/1nur_131441372.jpg HTTP 301
https://sudaneseonline.com/english/files/cover/1nur_131441372.jpg

Request Chain 114

https://www.sudaneseonline.com/uploadpic14/nov/ICC-Logo.jpg HTTP 301
https://sudaneseonline.com/uploadpic14/nov/ICC-Logo.jpg

Request Chain 115

https://s-media-cache-ak0.pinimg.com/564x/76/6e/fe/766efe683cde3ebb0b9b5cbc7b3fed71.jpg HTTP 301
https://i.pinimg.com/564x/76/6e/fe/766efe683cde3ebb0b9b5cbc7b3fed71.jpg

Request Chain 117

https://www.sudaneseonline.com/uploadpic14/mar/dr.mahmoudasuleiman.jpg HTTP 301
https://sudaneseonline.com/uploadpic14/mar/dr.mahmoudasuleiman.jpg

Request Chain 121

https://www.sudaneseonline.com/uploadpic14/mar/idris1.jpg HTTP 301
https://sudaneseonline.com/uploadpic14/mar/idris1.jpg

Request Chain 123

https://www.sudaneseonline.com/files/daily-writer/Salim_Dekin_948126226.jpg HTTP 301
https://sudaneseonline.com/files/daily-writer/Salim_Dekin_948126226.jpg

Request Chain 127

https://s-media-cache-ak0.pinimg.com/originals/97/b6/d0/97b6d0e6ea884632c0772aefbc4cd594.jpg HTTP 301
https://i.pinimg.com/originals/97/b6/d0/97b6d0e6ea884632c0772aefbc4cd594.jpg

Request Chain 129

https://s-media-cache-ak0.pinimg.com/originals/e2/6b/7e/e26b7ebb6bdfa8fd1f2ccff54674a2ae.jpg HTTP 301
https://i.pinimg.com/originals/e2/6b/7e/e26b7ebb6bdfa8fd1f2ccff54674a2ae.jpg

Request Chain 134

https://www.sudaneseonline.com/files/daily-writer/siri_gadora_194927617.jpg HTTP 301
https://sudaneseonline.com/files/daily-writer/siri_gadora_194927617.jpg

Request Chain 136

https://media-cache-ec0.pinimg.com/736x/27/f1/80/27f1805796a7f4c7e7f9d8c9a7fd1b4c.jpg HTTP 301
https://i.pinimg.com/736x/27/f1/80/27f1805796a7f4c7e7f9d8c9a7fd1b4c.jpg

Request Chain 138

https://www.sudaneseonline.com/arabic/files/daily-writer/mouafaq_950019901.jpg HTTP 301
https://sudaneseonline.com/arabic/files/daily-writer/mouafaq_950019901.jpg

Request Chain 143

https://s-media-cache-ak0.pinimg.com/736x/80/c3/dc/80c3dce5efbc748d66aacdda6fe6996f.jpg HTTP 301
https://i.pinimg.com/736x/80/c3/dc/80c3dce5efbc748d66aacdda6fe6996f.jpg

Request Chain 144

https://www.sudaneseonline.com/files/daily-writer/Ahmed_Elyas_202175910.jpg HTTP 301
https://sudaneseonline.com/files/daily-writer/Ahmed_Elyas_202175910.jpg

Request Chain 147

https://www.sudaneseonline.com/db/avatars/000nothing_476480549_754956420.jpg HTTP 301
https://sudaneseonline.com/db/avatars/000nothing_476480549_754956420.jpg

Request Chain 148

https://www.sudaneseonline.com/files/daily-writer/tawfiq_elhaj_588208489.jpg HTTP 301
https://sudaneseonline.com/files/daily-writer/tawfiq_elhaj_588208489.jpg

Request Chain 195

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrk9-MlgEQsAkYrAIyCCwXq2pyxb1C HTTP 301
https://tpc.googlesyndication.com/simgad/1942932766610285941

Request Chain 232

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 237

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 254

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

240 HTTP transactions
24 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sudaneseonline.com/
Redirect Chain

https://www.sudaneseonline.com/
http://sudaneseonline.com/
https://sudaneseonline.com/

38 KB
9 KB

13ms
13ms

Document
text/html

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 825c53dfafd552da507d2fec0b33fc102155787f668b801115dffe243460daa4

Request headers

:method: GET
:authority: sudaneseonline.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dc26b7353ad3d6a912521d2b831b46f4a1616304117
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
content-type: text/html
cache-control: max-age=10800
expires: Sat, 20 Mar 2021 10:00:00 GMT
vary: Accept-Encoding
x-powered-by: PleskLin
cf-cache-status: HIT
age: 69718
cf-request-id: 08f4d4b04100004e68248ac000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r%2FpsR0rOFujUZbgzO%2F%2FA4qjSFCvJfhCMEclfBIkU2QaO2oMQwhekRXD0EabiW5GQkjKfGoCS%2BOLSF5AGJF6vE6H39ZA2WTDNGS7rPUyUvS8qyg%2BJhxukgc8q2cXJu24%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6334bd6068114e68-FRA
content-encoding: br

Redirect headers

Date: Sun, 21 Mar 2021 05:21:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 21 Mar 2021 06:21:57 GMT
Location: https://sudaneseonline.com/
cf-request-id: 08f4d4b03300004de232a05000000001
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K5P1k9RYmArKypHUPo353RBDDhJo4CZ8r%2BXdL2XNAcm3NUUJRhetCWbaOKUdzRB9PLSA2QymEY3ozKr3KUKcs47vgxYILOjar8RI%2FtqXzcG67Y%2FHD1X%2FIp%2FOC8K8n3M%3D"}],"max_age":604800}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6334bd605cb64de2-FRA

GET
H2 200 5FC2zOw_W9_dNWqSVD1R6XReqLM.js Show response
sudaneseonline.com/cdn-cgi/apps/head/ 6 KB
2 KB 15ms
14ms Script
application/javascript 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cdn-cgi/apps/head/5FC2zOw_W9_dNWqSVD1R6XReqLM.js
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18a0f425e7929f0e35040c31fa34d0ac3584eea98b70d632a2da71554b827583

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2669080
content-type: application/javascript; charset=utf-8
x-amz-request-id: 773D4BCFD0755E03
x-amz-id-2: dKMr0kZqx4cqnUuWU+PCPp3CnIgoCfEB+3DPyoaFhJKp61YeELeV82zRIxJjTirdnbmfzwZpxLQ=
last-modified: Mon, 24 Jul 2017 16:32:06 GMT
server: cloudflare
etag: W/"71e55573d60eceb049b3e5b8113546ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zmiHe1XfA5sXTArCFt47v3IbR54FI8rEDZmLIttcGNlEHe09xzBHcnnlp7vb5BKoz9vR4KIu04UzDX5ROFno5ouR51X4t%2BtGOCzPoMmIg4aaGOzvu1QAnOVQnUqdjEU%3D"}],"max_age":604800,"group":"cf-nel"}
x-amz-version-id: sMxU3zQi_vRRZ5x5XHHTu9rDvofI_BJ0
cache-control: public, max-age=31536000
cf-request-id: 08f4d4b05600004e682d8d9000000001
cf-ray: 6334bd60883a4e68-FRA

GET
H2 200 rss2.css
sudaneseonline.com/ 1 KB
710 B 18ms
18ms Stylesheet
text/css 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/rss2.css?v=1.137
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 553184002d49f3197d581f56de0f8ab37d66f0ae73c3f3faa363ac26c56b02e0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 388888
x-powered-by: PleskLin
cf-request-id: 08f4d4b05600004e6808bd1000000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DNk3Yx1iGIxS19SRkhIIJXrrJ4BxhKIWmkGR5wwTvjpVq5gT%2BDhDMOK5qDirhDOU8mESqjCQp%2BNZd9wSPHkGrp%2F4qWFXG437kXK1L2S0mh4URyI5fkcCvqtc%2Fyad9%2FA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=604800
cf-polished: origSize=1392
cf-ray: 6334bd60883d4e68-FRA
expires: Thu, 15 Apr 2021 17:20:29 GMT

GET
H2 200 youtube.png
sudaneseonline.com/files/social/ 1 KB
2 KB 10ms
10ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/social/youtube.png
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7717de7e2e218e956580963a667c5899e3ea5653cbc1569152330429f38542b5

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 213787
x-powered-by: PleskLin
content-disposition: inline; filename="youtube.webp"
content-length: 1122
cf-request-id: 08f4d4b06300004e681997f000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uSGY247rBw67%2FpO9wUKshwI16BhnQP65SSFmbxdArByyXBHxpSnjSHeN25T%2BQ8HwQ%2BMg5oHdfohx0zv%2Bn7o1P8XMZ3I%2FTMe92mIjMf0fN2nFma0fOF8euUU%2FTvceXDk%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=png, origSize=7708
accept-ranges: bytes
cf-ray: 6334bd6098534e68-FRA
expires: Fri, 18 Mar 2022 17:58:50 GMT

GET
H2 200 icon_in.png
sudaneseonline.com/files/social/ 31 KB
32 KB 12ms
10ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/social/icon_in.png
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 72a492fc88306b58b590d47f55feb08b11119d149db001980f20ad10846b21a2

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1497090
x-powered-by: PleskLin
content-disposition: inline; filename="icon_in.webp"
content-length: 31788
cf-request-id: 08f4d4b06800004e68fdb30000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wY4R5wf7gn%2BWPAsObX%2BM3vxVFVFMsLLk77s2Z3%2BJNTdwxpkGhrW2lhAJyqt7k00WHiGR8jmriPm3sPTO9zFeCs45UjlPzOLigv5T1YYNmjtFNYg2H4fpFAhV73yZfnc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=png, origSize=57664
accept-ranges: bytes
cf-ray: 6334bd60a8574e68-FRA
expires: Thu, 03 Mar 2022 21:30:27 GMT

GET
H2 200 pin.png
sudaneseonline.com/files/social/ 526 B
916 B 14ms
12ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/social/pin.png
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 72fea3fe50ffbc7bbf4648547ccf1a38ed660ec9971829aae72147845f44f81a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 206490
x-powered-by: PleskLin
content-disposition: inline; filename="pin.webp"
content-length: 526
cf-request-id: 08f4d4b06900004e6806366000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bu2xIvO1Nn1iZKzInYyEu%2F4Y8rs5QfPYn0%2F4%2FKBO7nVVpSxaPba3X92v%2B7tNmY0V3c%2FgGE9GRdkiUaaiA36gM4ulYko9h4Fesdk6WcpxFzPpHP4u%2FocIO5jz6gh%2B9FQ%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=png, origSize=7134
accept-ranges: bytes
cf-ray: 6334bd60a8584e68-FRA
expires: Fri, 18 Mar 2022 20:00:26 GMT

GET
H2 200 sudanese.gif
sudaneseonline.com/images/ 7 KB
7 KB 14ms
12ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/sudanese.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 03652ccf25e11afea2e0d5e0a443cbe2b7a201a567d1f9e83d152921b80ebcbb

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1489813
x-powered-by: PleskLin
content-disposition: inline; filename="sudanese.webp"
content-length: 7086
cf-request-id: 08f4d4b06900004e68f39d2000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GkcSBQPpGeJz5XMrTdsGiGsD4YzPIy%2Bb45Z1YNqY1g3jX%2FKjT0KFxt2RKz%2FUp4coe4%2BwiF2zfiKJXM2MQEQTo1wvdTzVSUUJ9G3Lp%2BmXk%2BWvXB8cejYcka%2Fw5%2Fwb2qY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=9641
accept-ranges: bytes
cf-ray: 6334bd60a8594e68-FRA
expires: Thu, 03 Mar 2022 23:31:44 GMT

GET
H2 200 asudanese.gif
sudaneseonline.com/images/ 6 KB
7 KB 14ms
12ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/asudanese.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 719a9c5b70a7847cc11a4cbec622308f61315c4e849d91e3f156fe5790487f76

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1322958
x-powered-by: PleskLin
content-disposition: inline; filename="asudanese.webp"
content-length: 6540
cf-request-id: 08f4d4b06900004e68df823000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1JwxWQ%2FrXyelvbxJ6qClXeGFMRxLf3tyvnZicRBiz1Kw0WAKReYldB0mRtPYmRcG%2BkscYzVeYU1cuH98jaUOouE1vE4%2Fe%2FML7%2B80lz3cRXkjDSPjTrYdbqGNOYIbcus%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=8535
accept-ranges: bytes
cf-ray: 6334bd60a85a4e68-FRA
expires: Sat, 05 Mar 2022 21:52:39 GMT

GET
H2 200 linkedin.png
sudaneseonline.com/files/social/ 488 B
914 B 16ms
15ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/social/linkedin.png
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8dfce04e20664e11e151528f4f1ba4bb9e75f62c322c67964c70a1abde8db31b

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 75717
x-powered-by: PleskLin
content-disposition: inline; filename="linkedin.webp"
content-length: 488
cf-request-id: 08f4d4b06900004e68388ce000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h%2BzlDEjccl9ayjbEpQmi1FmtrJOJQ00dmk17%2FqfhyoEJVGlijUZfKxINWNyQH480Oe5P875btuc8qiWaVJ69KI%2FbacQ4kVqzcx%2B%2FyWM9PioOl2UlT19Z6CxY%2FeJD92w%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=png, origSize=850
accept-ranges: bytes
cf-ray: 6334bd60a85b4e68-FRA
expires: Sun, 20 Mar 2022 08:20:00 GMT

GET
H2 200 chrome_twitter.png
sudaneseonline.com/files/social/ 392 B
921 B 11ms
11ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/social/chrome_twitter.png
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 547ac2b7bf734f40cc994c11bbe5643fb7ae0f86442b53694a73a2b7bc550b53

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 211591
x-powered-by: PleskLin
content-disposition: inline; filename="chrome_twitter.webp"
content-length: 392
cf-request-id: 08f4d4b06e00004e682895a000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Axsts1uAgxzEZnBRy87EDR9L%2B5Z5uS10TZNOyJNC48BfGlhMgm4ZfQI4nVJ2AgXZ%2FlXvAlckxzHQiIh1OtH5KoviH6mMiyKz1uLy5FwaA0R6uadg814YN4tKT3k4wcA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=png, origSize=6946
accept-ranges: bytes
cf-ray: 6334bd60b8674e68-FRA
expires: Fri, 18 Mar 2022 18:35:26 GMT

GET
H2 200 facebook.png
sudaneseonline.com/files/social/ 612 B
1 KB 15ms
14ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/social/facebook.png
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 797c26f036647914a3edb42b47186fef5dea31a6d548fa4bf94917c7e17735a2

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 211568
x-powered-by: PleskLin
content-disposition: inline; filename="facebook.webp"
content-length: 612
cf-request-id: 08f4d4b07700004e68cf956000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nYR%2B4fj2XiW84eSMgx5Ek%2BdY0CwNDR5hO4VKRicBTs%2FYStSCJDNpJDKTqvUB2%2FbIYTyNYj2ZLWesAwvRIhZWEplkJRnkFNLGwO96x47dQQGpYZbneEPlULBHwXqL%2Fo8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=png, origSize=7013
accept-ranges: bytes
cf-ray: 6334bd60b8734e68-FRA
expires: Fri, 18 Mar 2022 18:35:49 GMT

GET
H2 200 halibsudanese.jpg
sudaneseonline.com/db/avatars/ 2 KB
2 KB 12ms
11ms Image
image/jpeg 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/halibsudanese.jpg
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7be91ce97275c300ce632c8e46d84811da453937eb643aa48f63f723fef0153a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 219005
x-powered-by: PleskLin
content-length: 1761
cf-request-id: 08f4d4b07700004e68ca19e000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oJ7ZGrHW6erjOiI%2BNfUiBXnOD7hmHHsISdIcjYrxmxSdhM4mDSdWDAY1HoO7NwORB2cn9hnVIFch1SXVlBGuJz1Uh0nFHFw%2FZdvHKsIUGXIP9pqlsoeaKoJuj7MCdJs%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: public, max-age=2592000
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 6334bd60b8744e68-FRA
expires: Fri, 18 Mar 2022 16:31:52 GMT

GET
H2 404 dot.gif
sudaneseonline.com/ 3 KB
3 KB 301ms
300ms Image
text/html 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/dot.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ed7d72de81ce28a49509b04006c99759ce51715d83f38fac7f58ee59313d028a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 28 Nov 2013 07:11:13 GMT
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w8MApQQxKqQgByOAxBXMkyDuKvanrIxMYwyvWOgdxzU3uBall1gQNSNMLe6SENqD0Oxc5fcuOpNKpStIM78ui5Vd1lQWsX%2FaoJtbQrjkid4jJVxGN%2B%2FjjeAAXU%2FxgyA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html
cache-control: max-age=172800
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6334bd60b8754e68-FRA
cf-request-id: 08f4d4b07700004e68eaad0000000001

GET
H2 200 page_13.gif
sudaneseonline.com/images/ 200 B
564 B 11ms
11ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_13.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c10af103c2513beba5a7397f609106745382adea54bd90b818fa6f4fe8781026

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 75717
x-powered-by: PleskLin
content-disposition: inline; filename="page_13.webp"
content-length: 200
cf-request-id: 08f4d4b07800004e68cc9e3000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R1atweDd6%2FYduNr2a2Vvh43lKIQMvxzs55J%2B7fJ%2BvStqvCdDw%2FlC6tDAzIY8Z2qrTHYwKRCCmWPjt8lAhsGVTv1%2FFjm%2Fg6ZcBMEwK%2BUD2xBtXcvAkq%2BybyqFYTPjrZc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=222
accept-ranges: bytes
cf-ray: 6334bd60b8764e68-FRA
expires: Sun, 20 Mar 2022 08:20:00 GMT

GET
H2 200 page_15.gif
sudaneseonline.com/images/ 126 B
626 B 13ms
13ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_15.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d15f56ad8410162f6486e3dddf17ace90b3b3dd10142d29a97d4f26a9b13f9b7

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 215124
x-powered-by: PleskLin
content-disposition: inline; filename="page_15.webp"
content-length: 126
cf-request-id: 08f4d4b07800004e68032c8000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2kVrdLZJHIjPZw0EQKizIEn0LO6g26blf1E8SUO1eGSlKI5S%2BXoLmzjxxyFX2M%2BbhbQi0Ff%2BxBevZvheQAchG6uHalQTlFVpm4rO3fX0Ya%2BAHCF%2FjHEhUUxD0bInuNo%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=169
accept-ranges: bytes
cf-ray: 6334bd60c8784e68-FRA
expires: Fri, 18 Mar 2022 17:36:33 GMT

GET
H2 200 page_17.gif
sudaneseonline.com/images/ 160 B
528 B 11ms
10ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_17.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b112d143d0b935fa4c67ee13a697324083dee7bb17b2ae39edee1753e7160db7

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 215124
x-powered-by: PleskLin
content-disposition: inline; filename="page_17.webp"
content-length: 160
cf-request-id: 08f4d4b07900004e68dd158000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rNrUYvJE4bFnkTBESEI%2FxfJZwUxPtCCvucGDwlrazIXq7l9VQAFUK5HpFJFivuo0cKgoS5kFj9P5bY0F88tte9lnGTITG9QblJp8w7h%2BhHWTeOoeKHa%2F7V4Cm468tbE%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=189
accept-ranges: bytes
cf-ray: 6334bd60c87c4e68-FRA
expires: Fri, 18 Mar 2022 17:36:33 GMT

GET
H2 200 page_18.gif
sudaneseonline.com/images/ 894 B
1 KB 14ms
14ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_18.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 1137d4c1e3478a9652bd6ca78e55ed48335bd330a209cd4ef45d1c54bf8d6c8d

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 390055
x-powered-by: PleskLin
content-disposition: inline; filename="page_18.webp"
content-length: 894
cf-request-id: 08f4d4b08300004e6835a3e000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Nd1HENVXK08SDJDDp9IRsfwixt5ymk0FzrTxCI%2FfQgtm8uWjjZQopiApL6T1ii5SM7mtp821p3IJ2sWdPKLDXdLFFpwhEZMUZ7hxCEN55%2BNpF9IqlrAvrwXdIJWCHK8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=1388
accept-ranges: bytes
cf-ray: 6334bd60d8924e68-FRA
expires: Wed, 16 Mar 2022 17:01:02 GMT

GET
H2 200 page_67.gif
sudaneseonline.com/images/ 133 B
465 B 11ms
10ms Image
image/gif 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_67.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: dbf89db2d125549c513937d10e3af603d5aee8ec51bd14c318322c1dc2b97195

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 219005
x-powered-by: PleskLin
content-length: 133
cf-request-id: 08f4d4b08300004e6821a16000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FNR1AqNvFQYl9TM3MkZnJ%2FvSdS47MpvR1q%2BhxPlLZ%2FaBrInhGvl8Ga%2FZMxQhfwsOJni5Ed5zZ%2FmV2WWgPq2Z4zqEIFc2veIv5BmMgi0I2BIvjnNzyK%2FI5I5bc1GhGjI%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
cache-control: public, max-age=2592000
cf-polished: origSize=141, status=webp_bigger
accept-ranges: bytes
cf-ray: 6334bd60d8934e68-FRA
expires: Fri, 18 Mar 2022 16:31:52 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
5 KB 25ms
9ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
cf-request-id: 08f4d4b07800004a86e116b000000001
last-modified: Tue, 16 Mar 2021 22:16:23 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60512e37-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vvRKV7KGD8G1jzk7vUycPqJg%2FCqNZ2%2FcidIYNzpI5YuP%2Fpl4Ggs9Nk1a%2FgevMHhPHo%2BCdyb5%2BLBQmSjc1nh%2BaTYfNi%2BJGgbuEXe8sQBpYuT%2BR2LMV9VgYDg2EvPnStxI"}]}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6334bd60ce344a86-FRA
expires: Tue, 23 Mar 2021 05:21:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/cdn-cgi/apps/head/5FC2zOw_W9_dNWqSVD1R6XReqLM.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6812
date: Sun, 21 Mar 2021 03:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sun, 21 Mar 2021 05:28:25 GMT

GET
H2 200 page_11.gif
sudaneseonline.com/images/ 65 B
424 B 11ms
10ms Image
image/gif 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_11.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2d0ed65db95ee9a4db6cfc439c2cfd35b8562cd082357fd24bd4ee7e903768cc

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 779208
x-powered-by: PleskLin
content-length: 65
cf-request-id: 08f4d4b08600004e681b231000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LR2TGLyC0BYtOHDeUtqoVsgOeCt7jyVDjbkOhq0tiTO3R6GysOtAeoRivK3EDaIsnRRHVIiz5sQYAO9m3prm8FcXB3MG5BSrA08SMKU3xdlri432c%2FeUk4I9ppgFNAA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
cache-control: public, max-age=2592000
cf-polished: origSize=73, status=webp_bigger
accept-ranges: bytes
cf-ray: 6334bd60d89b4e68-FRA
expires: Sat, 12 Mar 2022 04:55:09 GMT

GET
H2 200 page_14.gif
sudaneseonline.com/images/ 112 B
485 B 11ms
10ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_14.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0ffb5e6a9625ae55529682bcb47bc148799f92f6c4b9aa7b959d0ecba3031b99

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2109173
x-powered-by: PleskLin
content-disposition: inline; filename="page_14.webp"
content-length: 112
cf-request-id: 08f4d4b08600004e68e9374000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Fgid2AgyUhlG75w3thjuBwi%2FP0CM9a%2BXVd0Rv2CfRpFvHrNegAYWScfeIF97gfHx6Z0V6LVQwMaBwoX%2B%2BwzXi%2BrOlyoMd4uZsxDwtIQwn2FIBG7j22FpKS3bEqXYieY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=266
accept-ranges: bytes
cf-ray: 6334bd60d89c4e68-FRA
expires: Thu, 24 Feb 2022 19:29:04 GMT

GET
H2 200 page_16.gif
sudaneseonline.com/images/ 118 B
541 B 13ms
12ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_16.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: be3320dc4e3f9f68c6f001ac32d204b9d881de39e0895d6cfa094f2271b59b6a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 215124
x-powered-by: PleskLin
content-disposition: inline; filename="page_16.webp"
content-length: 118
cf-request-id: 08f4d4b08600004e68ee257000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1bAqsQkgKffuJIScAZXXSxo9rcjBBZrCkjzah8WTxDDA%2BE7oByfQeuvF%2F20VANQlEPIk2r5epsGr7vjhtds%2F4dSPdFK%2FZN4WyTCSvnG8fgcwxpYoIaKRkym8K0GOb2E%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=318
accept-ranges: bytes
cf-ray: 6334bd60d89d4e68-FRA
expires: Fri, 18 Mar 2022 17:36:33 GMT

GET
H2 200 page_36.gif
sudaneseonline.com/images/ 43 B
557 B 11ms
11ms Image
image/gif 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_36.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 724e999373acde2068adc1a148b9fce57faed54dae3dd9edf30345c26bdeaaea

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 347875
x-powered-by: PleskLin
content-length: 43
cf-request-id: 08f4d4b08e00004e68d5187000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CBurm8Z3PxFq2nUPgYkuM%2BQrLxZFYDptvDGg7WNRweRwurvXmE%2BiPLgugsmcaLRuOX0SD4yd7guZoXhhf7jsFVnxEN5VNs2dFyf5d4iS0ecs2XuAOVfPrPBIU5FnaQE%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
cache-control: public, max-age=2592000
cf-polished: origSize=51, status=webp_bigger
accept-ranges: bytes
cf-ray: 6334bd60e8a84e68-FRA
expires: Thu, 17 Mar 2022 04:44:02 GMT

GET
H2 200 page_65.gif
sudaneseonline.com/images/ 59 B
382 B 13ms
12ms Image
image/gif 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_65.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8568618df18202314a62419e94e30f4183c4878adb08066b1e76110173c16c1a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 75332
x-powered-by: PleskLin
content-length: 59
cf-request-id: 08f4d4b09200004e6810904000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VYIMpaXy3tbdX7Ol2LHe9Uk%2BJJkvqIA1DriiDa9tjWlCQXM8CilGmIsGoRTMkIiPR2N17FGGEXmh9ZPG%2Blph3jwnmBeeIonlRk7cVNmi3dNWKJ626A1hGf5xViynnvs%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
cache-control: public, max-age=2592000
cf-polished: origSize=67, status=webp_bigger
accept-ranges: bytes
cf-ray: 6334bd60e8ac4e68-FRA
expires: Sun, 20 Mar 2022 08:26:24 GMT

GET
H2 200 page_69.gif
sudaneseonline.com/images/ 52 B
438 B 10ms
10ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_69.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d8535f1b381398d4053486b50f3b99b5b283f65adc65ed66c52fb74ad44f47a3

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 75332
x-powered-by: PleskLin
content-disposition: inline; filename="page_69.webp"
content-length: 52
cf-request-id: 08f4d4b09200004e68f12a1000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mILn5%2FdaVoy9cxyVpWu7sidATmol6ETgRKLqNxyaiPYmYDq1icIdyITK9oF1B8cC99g5yWVuyFJkF5OzHxqXOWd0C%2Fe%2B%2BemGFIxlfhnrMnSjXSOLe6rSf3nWe%2Fbw83U%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=70
accept-ranges: bytes
cf-ray: 6334bd60e8ae4e68-FRA
expires: Sun, 20 Mar 2022 08:26:24 GMT

GET
H2 200 urchin.js Show response
google-analytics.com/ 22 KB
7 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://google-analytics.com/urchin.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:17:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 280
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1209600
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6847
expires: Sun, 04 Apr 2021 05:17:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 42ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

839b41dd475d143b31c479aa6e666b8deb648b293ee93e67071222960f2b75cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49857
x-xss-protection: 0
server: cafe
etag: 11991498641368206346
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 21 Mar 2021 05:21:57 GMT

GET
H/1.1 200
OK a Show response
xslt.alexa.com/site_stats/js/s/ 151 B
622 B 186ms
59ms Script
binary/octet-stream 13.226.156.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xslt.alexa.com/site_stats/js/s/a?url=sudaneseonline.com
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-166.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd19302865a315df9a57552a585191f452efcbed7b0ab6b6569f4bebb764366e

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 03:08:45 GMT
Via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
Last-Modified: Fri, 27 Oct 2017 21:53:09 GMT
Server: AmazonS3
Age: 8025
ETag: "394d6f2c6c2041a2fbcdaad0e525aa7b"
X-Cache: Hit from cloudfront
Content-Type: binary/octet-stream
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 151
X-Amz-Cf-Id: hjAapcRnW235zkFvaHkkgsK1_hez-dFpA2s6uCMp-OgtsJQXl0Gmcw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-115921305-1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d4dc53e865862cad7b6933239b719184774dbfe1b02d988f1a8cf94f8a39a2dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39100
x-xss-protection: 0
last-modified: Sun, 21 Mar 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 21 Mar 2021 05:21:57 GMT

GET
H2 200 jquery-1.8.3.js Show response
code.jquery.com/ 260 KB
77 KB 26ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.8.3.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 756d7dfac4a35bb57543f677283d6c682e8d704e5350884b27325badd2b3c4a7

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-40f49"
vary: Accept-Encoding
x-hw: 1616304117.dop208.fr8.t,1616304117.cds217.fr8.hn,1616304117.cds225.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 78927

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
391 B 46ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=790675306&t=pageview&_s=1&dl=https%3A%2F%2Fsudaneseonline.com%2F&ul=en-us&de=UTF-8&dt=%D8%B3%D9%88%D8%AF%D8%A7%D9%86%D9%8A%D8%B2%D8%A7%D9%88%D9%86%D9%84%D8%A7%D9%8A%D9%86%3ASudanese%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=331297975&gjid=189418864&cid=1911798496.1616304118&tid=UA-251719-1&_gid=1809223899.1616304118&_r=1&_slc=1&z=1374522673

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:21:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sudaneseonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 102ms
28ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-251719-1&cid=1911798496.1616304118&jid=331297975&gjid=189418864&_gid=1809223899.1616304118&_u=IEBAAEAAAAAAAC~&z=627167099

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 21 Mar 2021 05:21:58 GMT
content-type: text/plain
access-control-allow-origin: https://sudaneseonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 22ms
21ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-251719-1&cid=1911798496.1616304118&jid=331297975&_u=IEBAAEAAAAAAAC~&z=1319169216

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:21:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-251719-1&cid=1911798496.1616304118&jid=331297975&_u=IEBAAEAAAAAAAC~&z=1319169216

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:21:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/ 226 KB
85 KB 55ms
42ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9862665169833586&plah=sudaneseonline.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86501
x-xss-protection: 0
server: cafe
etag: 16342648926818324530
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 21 Mar 2021 05:21:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/ Frame 1988 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210316/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 20 Mar 2021 18:01:35 GMT
expires: Sat, 03 Apr 2021 18:01:35 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 40823
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 799
date: Sun, 21 Mar 2021 05:08:39 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sun, 21 Mar 2021 07:08:39 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9585e77708ec1c4787f5a94e897317930ca8808ee699f1fa1335dd64d9b7cb91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: dvn/LHEiV+xP8DKHJBH4wA==
cross-origin-resource-policy: cross-origin
expires: Sun, 21 Mar 2021 05:30:24 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1778
x-fb-rlafr: 0
x-fb-debug: 7ZWQkUiL/DbLj0BPYCbal7N4fyIyjAPdo4n2EhotEjzZO9ScBYF34bliADEfONhxOfVTXAhBDEq/ZhipvKCx2Q==
x-fb-trip-id: 2050670934
x-fb-content-md5: b53f84c343a7c9d4ee8fd636dd97bf63
date: Sun, 21 Mar 2021 05:21:58 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "3cf82d9fd62def8c4a74fb4f75ce2f13"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

839b41dd475d143b31c479aa6e666b8deb648b293ee93e67071222960f2b75cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49857
x-xss-protection: 0
server: cafe
etag: 11991498641368206346
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 21 Mar 2021 05:21:58 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
49 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=790675306&t=pageview&_s=1&dl=https%3A%2F%2Fsudaneseonline.com%2F&ul=en-us&de=UTF-8&dt=%D8%B3%D9%88%D8%AF%D8%A7%D9%86%D9%8A%D8%B2%D8%A7%D9%88%D9%86%D9%84%D8%A7%D9%8A%D9%86%3ASudanese%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUABAAAAAC~&jid=1969017267&gjid=1044008126&cid=1911798496.1616304118&tid=UA-115921305-1&_gid=1809223899.1616304118&_r=1&gtm=2ou3a0&z=1201211097

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:21:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sudaneseonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-115921305-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6813
date: Sun, 21 Mar 2021 03:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sun, 21 Mar 2021 05:28:25 GMT

GET
H3-Q050

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1575776726&utmhn=sudaneseonline.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-251719-1&cid=1911798496.1616304118&jid=1198953867&_v=5.7.2&z=1575776726
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-251719-1&cid=1911798496.1616304118&jid=1198953867&_v=5.7.2&z=1575776726
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-251719-1&cid=1911798496.1616304118&jid=1198953867&_v=5.7.2&z=1575776726&slf_rd=1&random=173607105

42 B
483 B

45ms
29ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-251719-1&cid=1911798496.1616304118&jid=1198953867&_v=5.7.2&z=1575776726&slf_rd=1&random=173607105

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:21:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:21:58 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-251719-1&cid=1911798496.1616304118&jid=1198953867&_v=5.7.2&z=1575776726&slf_rd=1&random=173607105
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2bb.cgi Show response
sudaneseonline.com/cgi-bin/sdb/ 16 KB
4 KB 337ms
337ms XHR
application/rss+xml 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cgi-bin/sdb/2bb.cgi?seq=rss2&board=505
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.8.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d507009ab741bec8c32027ef538c8343cfa8cad56a63b66933f63f42ec864a0c

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://sudaneseonline.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vl6%2F%2FkGg0QL5EfDdmQREi%2BIDCUMjjYeZj9knqYCQi0ZSTiREKdf5dw9Gpu05TFcSawbTtPGnnhrHQaRfJfsffohqhBkJpB8RD%2B7njMo8a3Q7u2dR0YKcF72FCW0EdNw%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/xml; charset="utf8"
cache-control: max-age=1
cf-ray: 6334bd632a974e68-FRA
cf-request-id: 08f4d4b1f800004e6841a5a000000001
expires: Sun, 21 Mar 2021 05:21:59 GMT

GET
H2 200 2bb.cgi Show response
sudaneseonline.com/cgi-bin/sdb/ 14 KB
3 KB 309ms
309ms XHR
application/rss+xml 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cgi-bin/sdb/2bb.cgi?seq=rss2&board=510
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.8.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f4bc87cc13c11d0187ff9e40d81c5f6d2bdcff9a199c605e0c162b6c6ca1faa8

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://sudaneseonline.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2mrqZ9EWL2wbRaw8jZVBNzvN0jdRkk0LQS1aTmhFQzFZ0HaBLphg%2FMxXBm4VuN3DUmDRgu9AW6eLlwF4dFWHPmhNPC3yS8f2vyVyNANAq%2BD9dUdQfUiQGZYosVgv2Fs%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/xml; charset="utf8"
cache-control: max-age=1
cf-ray: 6334bd632a994e68-FRA
cf-request-id: 08f4d4b1f900004e68df832000000001
expires: Sun, 21 Mar 2021 05:21:59 GMT

GET
H2 200 2bb.cgi Show response
sudaneseonline.com/cgi-bin/esdb/ 13 KB
3 KB 320ms
320ms XHR
application/rss+xml 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cgi-bin/esdb/2bb.cgi?seq=rss2&board=10
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.8.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7adfd28e4d3f82986994929a83ff23a3ee91984f81adb7d1377b85bb78adcb44

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://sudaneseonline.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9bL2ZO%2B7fqysd3n2FwX5x%2B0NYag1tJg3um8e%2BL4COoGO5VQ%2FYOi4KnRwtINVQ5emhl9M014oPNdblIlZzisUzkG3A2v5FrgEtPVBBa2nCq1JUPbAiXp20%2FzpHoHpnkQ%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/xml; charset="utf8"
cache-control: max-age=1
cf-ray: 6334bd632a9a4e68-FRA
cf-request-id: 08f4d4b1f900004e683baae000000001
expires: Sun, 21 Mar 2021 05:21:59 GMT

GET
H2 200 2bb.cgi Show response
sudaneseonline.com/cgi-bin/sdb/ 16 KB
3 KB 294ms
294ms XHR
application/rss+xml 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cgi-bin/sdb/2bb.cgi?seq=rss2&board=30
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.8.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 334fdebf1fccd5f5132b821a92ab6233fe14d6588b7dd823a9641e82337680b6

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://sudaneseonline.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F0s0q3qYbl9HpUZnUJawSHuAUbBBQrnvckIUyjvtb5jEC9KGEQl%2FU88msUPnknvlo9qBGsJiODMUw6JtvafVqDFpqeXfcebj9Hs2kZg8OxDWNOPPEj8euLm5Pm7QBL0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/xml; charset="utf8"
cache-control: max-age=1
cf-ray: 6334bd632a9d4e68-FRA
cf-request-id: 08f4d4b1f900004e681dbe8000000001
expires: Sun, 21 Mar 2021 05:21:59 GMT

GET
H2 200 2bb.cgi Show response
sudaneseonline.com/cgi-bin/esdb/ 13 KB
3 KB 320ms
320ms XHR
application/rss+xml 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cgi-bin/esdb/2bb.cgi?seq=rss2&board=15
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.8.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ccac7e99aecc81b124c6c36628fc4bf4cd036a4eeefda0aeec23769e54d8232c

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://sudaneseonline.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t%2BQm%2FWZyRILXQRWPQNQ4LJQTB0oMibSmUqpIf1IF3G7ddAwsaU6aN4f5t2w438PleRbFkMoXe93utIwLJffZvI7Zn3rCuVhvImLKJq293kmsykJElrpaaQSw6HKKhC4%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/xml; charset="utf8"
cache-control: max-age=1
cf-ray: 6334bd632a9e4e68-FRA
cf-request-id: 08f4d4b1fa00004e68d93f1000000001
expires: Sun, 21 Mar 2021 05:21:59 GMT

GET
H2 200 2bb.cgi Show response
sudaneseonline.com/cgi-bin/esdb/ 12 KB
3 KB 310ms
310ms XHR
application/rss+xml 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cgi-bin/esdb/2bb.cgi?seq=rss2&board=12
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.8.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: aec1aadaaf76d0dc3ffc5078820f9efd4fa28d6396fb4d644dfa952005068f4f

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://sudaneseonline.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n%2FTl3dIQMEb643gPHhgkwRBmoevYwlTdYzhq%2FZkuyXemF1IgRKtBVKidrFS4Y8OQGlfaKqWSg7UtcTDygYOTLY%2FaLLiSWYmPfgm2MJFDM8rad3QLNbUJiwPBBzsfAWg%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/xml; charset="utf8"
cache-control: max-age=1
cf-ray: 6334bd632aa04e68-FRA
cf-request-id: 08f4d4b1fd00004e683182c000000001
expires: Sun, 21 Mar 2021 05:21:59 GMT

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/ 35 B
383 B 20ms
20ms Image
image/gif 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=1.4&utmn=704351846&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D8%B3%D9%88%D8%AF%D8%A7%D9%86%D9%8A%D8%B2%D8%A7%D9%88%D9%86%D9%84%D8%A7%D9%8A%D9%86%3ASudanese%20Online&utmhn=sudaneseonline.com&utmhid=790675306&utmr=-&utmp=/&utmac=UA-251719-1&utmcc=__utma%3D24067384.1911798496.1616304118.1616304118.1616304118.1%3B%2B__utmz%3D24067384.1616304118.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 02:36:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9926
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 190 KB
58 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=452ca4dd1bd5508ff283d200e2f13ee1&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a2ef7f79cbe1183b3c9f5e6ddf513cd4cc3742fefbb199d94b506f0fd78d0d3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://sudaneseonline.com
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: uxT9eNCjppDYGrasgF13hA==
cross-origin-resource-policy: cross-origin
expires: Mon, 21 Mar 2022 04:45:39 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 58377
x-fb-rlafr: 0
x-fb-debug: GzubIGKSa+bBogpWPN+uvcuHtOA7atnsBbNF94Vokua2OrBivgy22/Sucu4cB0RSnIvyMK4Fh9lB5guBF1dSOg==
x-fb-trip-id: 917726464
x-fb-content-md5: 2f523e8b63b958e5a0515d52eeb85113
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 21 Mar 2021 05:21:58 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "ab6b0558ab38d13506a19662e6b489cf"
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 208 B
645 B 165ms
59ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sudaneseonline.com&callback=_gfp_s_&client=ca-pub-9862665169833586

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9862665169833586&plah=sudaneseonline.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

f80dc587886f79d919aedb1c49d206af66b57e5f4cc875054379f0e8fcc3ed8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 34ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sudaneseonline.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Mar 2021 05:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 33ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sudaneseonline.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Mar 2021 05:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F9C3 54 B
596 B 69ms
55ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&adk=1812271804&adf=3025194257&lmt=1616304118&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsudaneseonline.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616304118191&bpp=12&bdt=352&idt=113&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5317095380662&frm=20&pv=2&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=132

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862665169833586&output=html&adk=1812271804&adf=3025194257&lmt=1616304118&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsudaneseonline.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616304118191&bpp=12&bdt=352&idt=113&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5317095380662&frm=20&pv=2&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=132
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 21 Mar 2021 05:21:58 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 21-Mar-2021 05:36:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 21 Mar 2021 05:21:58 GMT
cache-control: private

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 44ms
31ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210316&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

826d0fa047035b8ecee3dcdebcb9955ecc91f1c85bfb42aa1ba91d9c49175c71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Mar 2021 05:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6506
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 32ms
14ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980824644616"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28204
x-xss-protection: 0
expires: Sun, 21 Mar 2021 05:21:58 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B8F0 56 KB
20 KB 206ms
204ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1616304118&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118211&bpp=3&bdt=372&idt=121&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cO8VU9JSfE&p=https%3A//sudaneseonline.com&dtd=127

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d02e1c83de57abd45b1a6c3f382ca3679576d22ece985485b560b3257811ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1616304118&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118211&bpp=3&bdt=372&idt=121&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cO8VU9JSfE&p=https%3A//sudaneseonline.com&dtd=127
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 21 Mar 2021 05:21:58 GMT
server: cafe
content-length: 20759
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 21-Mar-2021 05:36:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 21 Mar 2021 05:21:58 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 72FE 51 KB
20 KB 218ms
217ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1616304118&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118215&bpp=1&bdt=376&idt=136&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mZZ5sQDjbh&p=https%3A//sudaneseonline.com&dtd=140

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be6902f615f1fb5a9ada0bbf6ebe2c1e14fa085cb741f3e234bc07446cb6e12f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1616304118&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118215&bpp=1&bdt=376&idt=136&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mZZ5sQDjbh&p=https%3A//sudaneseonline.com&dtd=140
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 21 Mar 2021 05:21:58 GMT
server: cafe
content-length: 20311
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 21-Mar-2021 05:36:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 21 Mar 2021 05:21:58 GMT
cache-control: private

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 47ms
34ms Fetch
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=653080081416030&input_token&origin=1&redirect_uri=https%3A%2F%2Fsudaneseonline.com%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=452ca4dd1bd5508ff283d200e2f13ee1&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: znAtjuPBKYACNENwOVSEf2+h5lbS73ES8vwzhcOv4WHlVrmirygSaE0kxaxStGqiRNuhHF0IyGwsrjCmEzZ30Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 21 Mar 2021 05:21:58 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sudaneseonline.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2AF5 84 KB
31 KB 478ms
477ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1616304118&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118216&bpp=1&bdt=378&idt=145&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Tm7qQN1eLK&p=https%3A//sudaneseonline.com&dtd=148

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26b07f904c703957e1dd48850a351d68c9a0dd73ce301033f072f89b3a6790ca

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3456726179506550991/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3456726179506550991/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM_tzIbSwO8CFUCFgwcd20YJKw&gqi=9tdWYMfqFtTJgQfY8I-AAw&layout=/sadbundle/%24csp%253Der3%24/3456726179506550991/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1616304118&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118216&bpp=1&bdt=378&idt=145&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Tm7qQN1eLK&p=https%3A//sudaneseonline.com&dtd=148
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3456726179506550991/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3456726179506550991/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM_tzIbSwO8CFUCFgwcd20YJKw&gqi=9tdWYMfqFtTJgQfY8I-AAw&layout=/sadbundle/%24csp%253Der3%24/3456726179506550991/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 21 Mar 2021 05:21:58 GMT
server: cafe
content-length: 31267
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 21-Mar-2021 05:36:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 21 Mar 2021 05:21:58 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0327 50 KB
20 KB 585ms
584ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1616304118&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118216&bpp=1&bdt=377&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QMTK9ZkNCB&p=https%3A//sudaneseonline.com&dtd=158

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e3baebf07177d9749751087d746b3ba2456144b15eb5ae256e73b9444e08324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1616304118&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118216&bpp=1&bdt=377&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QMTK9ZkNCB&p=https%3A//sudaneseonline.com&dtd=158
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 21 Mar 2021 05:21:58 GMT
server: cafe
content-length: 20191
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 21-Mar-2021 05:36:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 21 Mar 2021 05:21:58 GMT
cache-control: private

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sun, 21 Mar 2021 05:21:58 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
777 B 42ms
27ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sudaneseonline.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Mar 2021 05:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
257 B 42ms
28ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sudaneseonline.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Mar 2021 05:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 961F 60 KB
21 KB 672ms
672ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1616304118&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118217&bpp=2&bdt=379&idt=161&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=uyoRyLsHac&p=https%3A//sudaneseonline.com&dtd=165

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fbcf5fa225b6bd00d77fdbbf99b40b5e31e278211b129a7aa9625c81852f169

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1616304118&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118217&bpp=2&bdt=379&idt=161&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=uyoRyLsHac&p=https%3A//sudaneseonline.com&dtd=165
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 21 Mar 2021 05:21:59 GMT
server: cafe
content-length: 21688
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 21-Mar-2021 05:36:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 21 Mar 2021 05:21:59 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 936D 77 KB
23 KB 407ms
407ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1616304118&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118227&bpp=1&bdt=389&idt=191&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=dxoI7UVr0C&p=https%3A//sudaneseonline.com&dtd=194

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eacc511f0381e38a1687b46cd1d3548de2d66b575db1a3c95d4718fb3b23ed55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1616304118&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118227&bpp=1&bdt=389&idt=191&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=dxoI7UVr0C&p=https%3A//sudaneseonline.com&dtd=194
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 21 Mar 2021 05:21:58 GMT
server: cafe
content-length: 23714
x-xss-protection: 0
set-cookie: IDE=AHWqTUnHr_u6JFsET5HrdwB2JoBvueptHUecbmzqRowMG9OMAqwbsxCmJX3n-zrTBFc; expires=Fri, 15-Apr-2022 05:21:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 21 Mar 2021 05:21:58 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9C8E 69 KB
23 KB 320ms
319ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=600&slotname=0328297630&adk=2265731008&adf=2802248822&pi=t.ma~as.0328297630&w=120&lmt=1616304118&psa=0&format=120x600&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118227&bpp=1&bdt=388&idt=205&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280%2C135x700&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=801&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&fsb=1&xpc=nYLMWdhuDJ&p=https%3A//sudaneseonline.com&dtd=207

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8375c595319cb9323cf9b4041537ecd1eb540023c816eff5c0f305962e999a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862665169833586&output=html&h=600&slotname=0328297630&adk=2265731008&adf=2802248822&pi=t.ma~as.0328297630&w=120&lmt=1616304118&psa=0&format=120x600&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118227&bpp=1&bdt=388&idt=205&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280%2C135x700&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=801&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&fsb=1&xpc=nYLMWdhuDJ&p=https%3A//sudaneseonline.com&dtd=207
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 21 Mar 2021 05:21:58 GMT
server: cafe
content-length: 23376
x-xss-protection: 0
set-cookie: IDE=AHWqTUnXDwOLA9-31Otq1X71dthk4R3sMCkQm_sgqsjd_4fpj5sxcy7HAS6O4caVNhU; expires=Fri, 15-Apr-2022 05:21:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 21 Mar 2021 05:21:58 GMT
cache-control: private

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 9C10 12 KB
5 KB 34ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sat, 20 Mar 2021 19:53:32 GMT
expires: Sun, 20 Mar 2022 19:53:32 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 34106
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C10 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 13:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 145018
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 13:05:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B8F0 6 KB
765 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1616304118&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118211&bpp=3&bdt=372&idt=121&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cO8VU9JSfE&p=https%3A//sudaneseonline.com&dtd=127

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e47a27d91c2487289d6607ee10d7cb7b31944a5ed3ff5ffc86ec8526e9374af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 21 Mar 2021 04:04:15 GMT
server: ESF
date: Sun, 21 Mar 2021 05:21:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Mar 2021 05:21:58 GMT

GET
H3-Q050 200 bgl_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/elements/html/ Frame B8F0 5 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/elements/html/bgl_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c506296ca312c789a1a1952e5c70ee8a40a80c4cbbef8169df8f996d97d3d37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 22:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26496
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2553
x-xss-protection: 0
server: cafe
etag: 5036628006222996298
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 22:00:22 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame B8F0 2 KB
988 B 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 891
x-xss-protection: 0
server: cafe
etag: 8551179781376740118
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:13:47 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame B8F0 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:21:19 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame B8F0 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:15:33 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B8F0 117 KB
36 KB 41ms
27ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sun, 21 Mar 2021 05:21:58 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame B8F0 13 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:07:27 GMT

GET
H2 200 957c89dfc9e78dd5a0a3956da91f5358.js Show response
www.gstatic.com/mysidia/ Frame B8F0 25 KB
11 KB 25ms
5ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/957c89dfc9e78dd5a0a3956da91f5358.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 21:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 03:13:35 GMT
server: sffe
age: 285823
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10839
x-xss-protection: 0
expires: Tue, 15 Jun 2021 21:58:15 GMT

GET
H2 200 937a15082c8364b7d235265dacc6a744.jpg
i.pinimg.com/originals/93/7a/15/ 32 KB
32 KB 48ms
29ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/93/7a/15/937a15082c8364b7d235265dacc6a744.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4130840cd3b4551d245f902798f99c85267091b851a6d4b389c35af04f9789f5

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "eb61072fc250ab1ed0329f2f37a0d177"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 16
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd6538fc96ce-FRA
content-length: 32862
cf-request-id: 08f4d4b345000096ceb7886000000001
server: cloudflare
origin-latency: 16

GET
H2 200 news1.png
sudaneseonline.com/uploadpic19/ 26 KB
27 KB 14ms
12ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic19/news1.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f0c9e59fe4556a5ca7da317a52097784bbe634004d9f67c78b36d0b7f4656704

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 214942
x-powered-by: PleskLin
content-disposition: inline; filename="news1.webp"
content-length: 26968
cf-request-id: 08f4d4b33400004e6831836000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TE4h%2F8zt0VDj9lDuNPZBdj0iYixnIkfD5947%2BWEMg4saMiiNc7vWqJCZVUf5PGQyjld421N730D%2FY21Sv0QttJhkrI4M6ruJvmRc52x2N7tVIRt%2BNzK4NmNybJgLua8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=png, origSize=43107
accept-ranges: bytes
cf-ray: 6334bd652c2e4e68-FRA
expires: Fri, 18 Mar 2022 17:39:36 GMT

GET
H2 200 8f7bf6bbb47713546abc8af7a6a9f2a9.jpg
i.pinimg.com/originals/8f/7b/f6/ 1 MB
1 MB 90ms
72ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/8f/7b/f6/8f7bf6bbb47713546abc8af7a6a9f2a9.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 331acc20dae5667a603f25d217d1da5fdac46547422c81e74b16c3af90f9751a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "a756fefb30d00ce4d02a6f558b976b67"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 10
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd6538fe96ce-FRA
content-length: 1280732
cf-request-id: 08f4d4b346000096ce7d22e000000001
server: cloudflare
origin-latency: 10

GET
H2

200

41334f236622880aa58d85f9fba3155c.jpg
i.pinimg.com/736x/41/33/4f/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/736x/41/33/4f/41334f236622880aa58d85f9fba3155c.jpg
https://i.pinimg.com/736x/41/33/4f/41334f236622880aa58d85f9fba3155c.jpg

22 KB
22 KB

32ms
29ms

Image
image/jpeg

2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/736x/41/33/4f/41334f236622880aa58d85f9fba3155c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e035d5e3d092548b462fd177a9c7dc6d57a8d8e2abda9e4821dbff185642699

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "300b30b54e4471c127c110074e779225"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 10
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd65c92596ce-FRA
content-length: 22020
cf-request-id: 08f4d4b3a2000096ce94868000000001
server: cloudflare
origin-latency: 10

Redirect headers

date: Sun, 21 Mar 2021 05:21:58 GMT
x-cdn: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain;charset=UTF-8
location: https://i.pinimg.com/736x/41/33/4f/41334f236622880aa58d85f9fba3155c.jpg
cf-ray: 6334bd653b32beba-FRA
content-length: 0
cf-request-id: 08f4d4b34e0000beba481ed000000001
server: cloudflare

GET
H2 200 i_folder_announce_379821710.gif
sudaneseonline.com/files/ 2 KB
3 KB 13ms
12ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/i_folder_announce_379821710.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 489b9fb1fbacf1ba411b43325a90df87c0673880b48f7ebca8c5798edd311adc

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 214416
x-powered-by: PleskLin
content-disposition: inline; filename="i_folder_announce_379821710.webp"
content-length: 2412
cf-request-id: 08f4d4b33400004e6808bec000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jWJSOoymQXQgbbw8XZBQYXXEWspEi7InItlk%2F%2FJh49ew0szvJMCzGeV4cM%2BsMmwUE49uPqyfp9ILIbgvh7Q6CKICr8rvhwGP1oWw%2BBQsGK4NSTapPykikwolg%2FfPs9I%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=2603
accept-ranges: bytes
cf-ray: 6334bd652c304e68-FRA
expires: Fri, 18 Mar 2022 17:48:22 GMT

GET
H2

200

4sudanews_jpg10.jpg_500x400_841775616.jpg
sudaneseonline.com/db/avatars/
Redirect Chain

https://www.sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg
https://sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg

1 KB
2 KB

13ms
13ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b9b22ee5c44be56ed8d9915f66fdc68649e6b6280facfc5416dec407f8362f4c

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 809204
x-powered-by: PleskLin
content-disposition: inline; filename="4sudanews_jpg10.webp"
content-length: 1290
cf-request-id: 08f4d4b38f00004e680e0c6000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BHfJ9F2lguWyXMMpJ3NNpj5tp4MgYpVcUx9h8zw2A5%2FMCS61jdkpT4qs6leVfND0beN4xH4mclK3nRbNsdH7EZrX0Z9xEsv%2FbcdUBGGsBLmWOaGkcj12MYMtk6VZ7uI%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=1852
accept-ranges: bytes
cf-ray: 6334bd65bca24e68-FRA
expires: Fri, 11 Mar 2022 20:35:14 GMT

Redirect headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 531
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Gcm6Lgy%2F3QaxIbC%2Fi3%2B%2BT5cUFB8IG4cvDv5zD4YWQatYsDCEXmG7eLdxH1D%2FiYbWBGprls6nHuBx9IaoW7SZAfakYd5SF6kv9LhKWYRVE9NUL0tNpFC5GT%2FtZdX3lmTbHpni"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg
cache-control: max-age=172800
cf-ray: 6334bd652c314e68-FRA
cf-request-id: 08f4d4b33500004e68d7bff000000001

GET
H2 200 mohamed_nour_aoudou_566558160.jpg
sudaneseonline.com/files/daily-writer/ 12 KB
13 KB 11ms
10ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/daily-writer/mohamed_nour_aoudou_566558160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 68430414496d22c9b9ea0010992f5c56c62aa1cf814e74a440c8a11f04e9dd16

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 212810
x-powered-by: PleskLin
content-disposition: inline; filename="mohamed_nour_aoudou_566558160.webp"
content-length: 12668
cf-request-id: 08f4d4b33500004e681b24a000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EBXhf3Teku9yiWtT00nDAjV08rJmEtXIjA5zbU4Lz6OQMKDVzO3muWA%2FRyHakqoLwT5pFVzupBP3uWCQnWFjqLHoN%2F5h0gEDV1RHD2SmEFk49xGVokLpTbR5kP4LbPA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=32115
accept-ranges: bytes
cf-ray: 6334bd652c324e68-FRA
expires: Fri, 18 Mar 2022 18:15:08 GMT

GET
H2 200 press.png
sudaneseonline.com/uploadpic19/ 43 KB
43 KB 11ms
10ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic19/press.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7ddadf329de63774f1dedde0cd0a01a422b46a93daa2b36c138f659be3f1ac11

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 802607
x-powered-by: PleskLin
content-disposition: inline; filename="press.webp"
content-length: 43628
cf-request-id: 08f4d4b33b00004e6821a2c000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rWOYm9ftBVmjM7tzFevmHschlBLk1DBun5VlzRxqCBTrrfoJBeHDzpR1HATqKVtGtzmhmbWUS1tff9gYO6B4tgMnAC%2BQFmyp1P%2BAkS0AtPQQjIp3ysSMdqqfkvUeHYg%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=png, origSize=62188
accept-ranges: bytes
cf-ray: 6334bd652c364e68-FRA
expires: Fri, 11 Mar 2022 22:25:11 GMT

GET
H2

200

sudansudansudansudansudansudansudansudansudan-sudansudansudansudansudan1.jpg
sudaneseonline.com/uploadpic15/sep/
Redirect Chain

https://www.sudaneseonline.com/uploadpic15/sep/sudansudansudansudansudansudansudansudansudan-sudansudansudansudansudan1.jpg
https://sudaneseonline.com/uploadpic15/sep/sudansudansudansudansudansudansudansudansudan-sudansudansudansudansudan1.jpg

17 KB
18 KB

13ms
9ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic15/sep/sudansudansudansudansudansudansudansudansudan-sudansudansudansudansudan1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a0b4fbbefd7eae3eb86600d6e00fcdc69258c39451e22ab05ebd200653311572

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 554250
x-powered-by: PleskLin
content-disposition: inline; filename="sudansudansudansudansudansudansudansudansudan-sudansudansudansudansudan1.webp"
content-length: 17504
cf-request-id: 08f4d4b3a000004e6808bef000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BtqLCKP4ubhoYYPHpuLlisRVDc%2FUH1wey0qDPXywr7dAF5Afu0oOvERpjIROJoZIF6U3SJrqrL87dF%2BbcSQXApGat8XBgWZnBmxsMa0XErAIoG9iAvY38PHGVYlvvcs%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=23483
accept-ranges: bytes
cf-ray: 6334bd65ccb74e68-FRA
expires: Mon, 14 Mar 2022 19:24:28 GMT

Redirect headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 119
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mclW8%2FzWfMerJLTqMpkr0GDeYK8AyCaW%2FK8XB%2FgZ7%2BgYQ6OI%2BzfxK2Oqk342emisD0bk%2FAHtqd6aNsgu3MAH8dzAX5ieW2a%2FmfGZsfT9HbLXRKeb2UoctUTIwgdIkiaIjlH8"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/uploadpic15/sep/sudansudansudansudansudansudansudansudansudan-sudansudansudansudansudan1.jpg
cache-control: max-age=172800
cf-ray: 6334bd653c404e68-FRA
cf-request-id: 08f4d4b34100004e68350e2000000001

GET
H2 200 p_185496fjg1.jpg
e.top4top.io/ 46 KB
46 KB 221ms
87ms Image
image/jpeg 195.154.113.34
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.top4top.io/p_185496fjg1.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.113.34 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-113-34.rev.poneytelecom.eu
Software: nginx /
Resource Hash: b8c0557cbdd0251dcad213bc5f4d2409ccbe9bce3da0d62db589208238f77f96

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-file-id: x36582964x
date: Sun, 21 Mar 2021 05:21:58 GMT
last-modified: Thu, 28 Jan 2021 03:52:13 GMT
server: nginx
etag: "601234ed-b731"
content-type: image/jpeg
cache-control: max-age=7200
content-disposition: inline; filename="ahmedmatar1.jpg"
accept-ranges: bytes
content-length: 46897
expires: Sun, 21 Mar 2021 07:21:58 GMT

GET
H2

200

adamb_cowboy1.JPG
sudaneseonline.com/uploadpic14/mar/
Redirect Chain

https://www.sudaneseonline.com/uploadpic14/mar/adamb_cowboy1.JPG
https://sudaneseonline.com/uploadpic14/mar/adamb_cowboy1.JPG

14 KB
14 KB

16ms
12ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic14/mar/adamb_cowboy1.JPG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4240475704d5c6560364fd97b581ab0a38024b705ec7c4e41e100c4ed8f97792

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 512456
x-powered-by: PleskLin
content-disposition: inline; filename="adamb_cowboy1.webp"
content-length: 13864
cf-request-id: 08f4d4b3a000004e68e938f000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qQO9iQJBlLHsfV%2FDvqi4B%2FqH2qt3xQ%2B1a4FAfyoUGTRelW1Y%2BmmECGaLlMwKvnXy8Ka5FcE3Er4mqcfYnNo%2BH7IX68BgVERv1hIQvQLy0KG9Pj679nuTtYlwgt8WLu8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: max-age=31536000
cf-polished: qual=85, origFmt=jpeg, origSize=25185
accept-ranges: bytes
cf-ray: 6334bd65ccbb4e68-FRA
expires: Tue, 15 Mar 2022 07:01:02 GMT

Redirect headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 530
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=61gPB55j%2FCiyJYOpREhq97y4TkEvDYmMe%2FThW%2FxWfH0c6CISLuXc3Gf1y52FObXSsTb7fqB6CyDXk5Hyt9bRl7x1sk1LVnuaqbIIy5MgnGjgdjuusowBXOya%2FsZhGEYSNGzM"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/uploadpic14/mar/adamb_cowboy1.JPG
cache-control: max-age=172800
cf-ray: 6334bd653c414e68-FRA
cf-request-id: 08f4d4b34200004e6824150000000001

GET

p_514yotp41.jpg
i.top4top.io/
Redirect Chain

https://c.top4top.net/p_514yotp41.jpg
https://c.top4top.io/p_514yotp41.jpg
https://i.top4top.io/p_514yotp41.jpg

0
0

GET
H2 200 qrcode-sudan-org.png
i.ibb.co/Yp86Zmx/ 9 KB
10 KB 173ms
55ms Image
image/png 146.59.152.166
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/Yp86Zmx/qrcode-sudan-org.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.59.152.166 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: c0621f56e27eaeb8da58aa598039a2c9adff987b864eb21745b3f7143b883a5c

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
last-modified: Wed, 17 Mar 2021 13:06:34 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 9572
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

01sudaneseonline.com_767499326.jpg
sudaneseonline.com/files/
Redirect Chain

https://www.sudaneseonline.com/files/01sudaneseonline.com_767499326.jpg
https://sudaneseonline.com/files/01sudaneseonline.com_767499326.jpg

8 KB
8 KB

17ms
13ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/01sudaneseonline.com_767499326.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8a1248f56a6e54ab10fb4860af9189cc5718e788c1fd66f66da17a5409e6191b

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 690672
x-powered-by: PleskLin
content-disposition: inline; filename="01sudaneseonline.webp"
content-length: 8072
cf-request-id: 08f4d4b3a000004e68d7802000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wNMd%2F9zdRcUPbl1gBbW%2FM1eAj1zKMZN4ncF75KVSh537URG4iBrvUXX8QkRdiQlKPhidgg%2Bqo3fNka8LOSTjHvYPCpuXLvLHu1jTC1Y%2Bhjew1n2OTD7wdtp3Yd711%2FE%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=38764
accept-ranges: bytes
cf-ray: 6334bd65ccba4e68-FRA
expires: Sun, 13 Mar 2022 05:30:46 GMT

Redirect headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 969
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WAXgHGgbPBtDte7GK54wS5qx0XTrzi4l6PklHJQhfb%2FxHiapkGv5gKtdYUGQn1AVbLcYkSmHuNe3jvhOz%2FnkM9x34aoPIRmtq6w2%2B4R0D2gKrRwBi%2FscI5Vv7ZtXYjZTDHTm"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/files/01sudaneseonline.com_767499326.jpg
cache-control: max-age=172800
cf-ray: 6334bd653c424e68-FRA
cf-request-id: 08f4d4b34300004e68d51a0000000001

GET
H2 200 Candacy1.jpg
i.postimg.cc/G22mXthT/ 81 KB
81 KB 183ms
59ms Image
image/jpeg 51.91.224.95
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/G22mXthT/Candacy1.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.91.224.95 , France, ASN16276 (OVH, FR),
Reverse DNS: i.postimg.cc
Software: nginx /
Resource Hash: fb066449432103954937cfee8ad798a7b096d0805dcd3fce09f6204f401bd245

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
last-modified: Sun, 26 Jul 2020 02:50:00 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 82784
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

sudan24.JPG
sudaneseonline.com/uploadpic15/sep/
Redirect Chain

https://www.sudaneseonline.com/uploadpic15/sep/sudan24.JPG
https://sudaneseonline.com/uploadpic15/sep/sudan24.JPG

28 KB
28 KB

11ms
10ms

Image
image/jpeg

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic15/sep/sudan24.JPG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c817682c0d0aefdd54577d609d58d18ada6340b5321d22fa56fbe46c895f6bef

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3617106
x-powered-by: PleskLin
content-length: 28195
cf-request-id: 08f4d4b48d00004e6810927000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Gsh30s0LokQ5qSQCdFEWykqGG18a9FVoJUIKezfWB64mD0Q3isG6vXNs30l3lz9d0tb02lfU5RDe2AOw15jueqY%2BivtBcZm8h3SuO7VuiKVQu1JB7%2FT1NgyM5uZx0Kw%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=31536000
cf-polished: origSize=30436, status=webp_bigger
accept-ranges: bytes
cf-ray: 6334bd674e0b4e68-FRA
expires: Mon, 07 Feb 2022 08:36:52 GMT

Redirect headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4lb%2FEWktl7fEarL%2FpJpEBkMMPjVnXWrfmE9o30xerLfIrD82RArf%2Bmyd%2B23L4EvOgZvRj629UyI4MaKgyJnaJHs1cQR1NSjS%2F7POmWPFxyP1vxyN6QnWkpPupX%2BZRjWzuU06"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/uploadpic15/sep/sudan24.JPG
cache-control: max-age=172800
cf-ray: 6334bd653c434e68-FRA
cf-request-id: 08f4d4b34400004e68eaaea000000001

GET
H2 200 113148755.jpg
www13.0zz0.com/2021/03/18/20/ 67 KB
68 KB 30ms
12ms Image
image/jpeg 2606:4700:3033::ac43:9455
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www13.0zz0.com/2021/03/18/20/113148755.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:9455 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

937750ffdd41b5079218f0c49ea4c86157c646130ca635c067d245800194dc04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 392
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 69088
cf-request-id: 08f4d4b35500004e7fa71c9000000001
last-modified: Thu, 18 Mar 2021 17:26:33 GMT
server: cloudflare
etag: "10de0-5bdd2e698ff51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2f69UCK2XHoRo3M%2F1fUsJIhVyXt6zxsnhbyu3vjRWuaMVImn2ZZPAigOc6Wkbp%2FEtFzb2v6rWawfH0dPOcrkev%2Fwp3FtSh3kENQaYJERWZfnv5xpybOyvawjvw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6334bd6558964e7f-FRA

GET
H2 200 PAP_404.jpg
www.fotoknudsen.no/google-shopping/no/ 21 KB
21 KB 243ms
91ms Image
image/webp 143.204.209.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fotoknudsen.no/google-shopping/no/PAP_404.jpg?d=700x700
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-66.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65607d9ada7e71cd6e40bd2a4a1c8a4be8f1912641cbdf07b1905d514a1cf892

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:42:58 GMT
via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
age: 146340
x-cache: Hit from cloudfront
content-length: 21278
x-amz-id-2: Zk/xkniEjLLHZh9OXFHHVWKymzezyAR8p8v0ESXqSIsxvE7E4s4fkdyPu7BE2n2RL3Rwc0jDVD4=
last-modified: Tue, 08 Oct 2019 16:34:49 GMT
server: AmazonS3
etag: "4fdd6135553462adee69ad98eef1c344"
x-amz-request-id: XWXZKF92RWJ090PG
cache-control: max-age=86400
x-amz-version-id: null
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/webp
x-amz-cf-id: l4EYYf3QGfbKIgy5Udv59dAkCsmub6oaq_9Ks7XvVxkszRBvOky5Kg==

GET
H/1.1 200
OK PHOTO-2021-03-04-06-32-26.jpg.ca3faa1409091633d16b16da777e83a3.jpg
www.sudanesesongs.net/uploads/monthly_2021_03/ 69 KB
69 KB 792ms
201ms Image
image/jpeg 66.7.219.146
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sudanesesongs.net/uploads/monthly_2021_03/PHOTO-2021-03-04-06-32-26.jpg.ca3faa1409091633d16b16da777e83a3.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 66.7.219.146 Portland, United States, ASN33182 (DIMENOC, US),
Reverse DNS: server2.sudanesesongs.net
Software: Apache /
Resource Hash: fedf6c31f0488f1fb72d46208830a8e4a92f0c519e0cbd92e9ac20a1f8619e5a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:21:59 GMT
Last-Modified: Thu, 04 Mar 2021 13:06:10 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 70930
Content-Type: image/jpeg

GET
H2 200 1235431_519882864764087_1850835521_n.jpg
sudaneseonline.com/db/avatars/ 31 KB
31 KB 10ms
10ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/1235431_519882864764087_1850835521_n.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 25014d25c6a1108834a61fe0b0197ff78574e162146a711ec425f30a968c87b8

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1497656
x-powered-by: PleskLin
content-disposition: inline; filename="1235431_519882864764087_1850835521_n.webp"
content-length: 31524
cf-request-id: 08f4d4b36800004e68ca1b8000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XQ%2BpL3c4r%2Bhg459YsjOFs%2BWarVQrpDNsuDHXgkbJCACKWOx1WG8cevvDwhau4U8Fuqvgb%2FUTL2PQQvYyK99fkjOmaT1vhmjVRPO1cSIeDhXUcCXcZtgEKuY3D9ATCAE%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=65737
accept-ranges: bytes
cf-ray: 6334bd657c6e4e68-FRA
expires: Thu, 03 Mar 2022 21:21:02 GMT

GET
H2 200 NRst8TqQ_400x400.jpg
pbs.twimg.com/profile_images/1198562165675962368/ 33 KB
34 KB 54ms
14ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1198562165675962368/NRst8TqQ_400x400.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BB3) /

Resource Hash

e10dba2b62a403e299ad9ab9cf4d137389e7db2d016d7aaec2f25b78884942cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
x-content-type-options: nosniff
age: 230309
x-cache: HIT
content-length: 34031
x-response-time: 115
surrogate-key: profile_images profile_images/bucket/6 profile_images/1198562165675962368
last-modified: Sun, 24 Nov 2019 11:19:03 GMT
server: ECS (amb/6BB3)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ec6e686516c540f9542617a6af749535
accept-ranges: bytes

GET
H2 200 DAN-8729a.jpg
i.postimg.cc/Xv7NF3sh/ 65 KB
65 KB 134ms
59ms Image
image/jpeg 51.91.224.95
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/Xv7NF3sh/DAN-8729a.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.91.224.95 , France, ASN16276 (OVH, FR),
Reverse DNS: i.postimg.cc
Software: nginx /
Resource Hash: d088fdea337c0464e5c88c421e2245ab56a40e513fddd84978312ff6c6f2ec29

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
last-modified: Sun, 25 Aug 2019 11:44:19 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 66639
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK up4net-Image-_10e0b.jpg
up4net.com/uploads/ 99 KB
99 KB 163ms
52ms Image
image/jpeg 178.162.150.43
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://up4net.com/uploads/up4net-Image-_10e0b.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.162.150.43 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: Apache /
Resource Hash: d3bc545309b36fa9412d3bd21c78732babbb8e308f0dec2511479f8938de6f9f

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 21 Mar 2021 05:21:58 GMT
Last-Modified: Sun, 26 Jul 2020 13:39:24 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 101267

GET
H2 404 484768910.jpg
www6.0zz0.com/2015/03/03/05/ 0
0 62ms
50ms Image
text/html 2606:4700:3033::ac43:9455
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www6.0zz0.com/2015/03/03/05/484768910.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9455 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 Mohammed-Issa-Dodo.jpg
sudan-uprisings.org/wp-content/uploads/2019/06/ 39 KB
40 KB 213ms
64ms Image
image/jpeg 107.6.185.250
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudan-uprisings.org/wp-content/uploads/2019/06/Mohammed-Issa-Dodo.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.6.185.250 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: am1.fcomet.com
Software: Apache /
Resource Hash: f980381a6d7c3219c534917bbfc5d57c5c79ee22551ae2684a4a7608475b2e6a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:57 GMT
last-modified: Tue, 11 Jun 2019 08:12:12 GMT
server: Apache
accept-ranges: bytes
content-length: 40437
content-type: image/jpeg

GET
H2 200 images.jpeg
sudaneseonline.com/db/avatars/ 12 KB
13 KB 13ms
12ms Image
image/jpeg 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/images.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 667bf5c1af491ae038eaa4c45bdd041d86e53ccc27bb929f593ba7b60cf20615

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1137397
x-powered-by: PleskLin
content-length: 12752
cf-request-id: 08f4d4b3b500004e68cc9ff000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xoXlQn2s73nit67Vruw25Y0hoB5QGs57VxIO3et%2FzSbMPkQccknx%2BzVd6pKMg9%2FL7%2FaEt7FM7RP%2B2Y22H2VqamPRRD80mAysKKdywD8f0VtsaCOcUlynRL9efCuQbTQ%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: public, max-age=2592000
cf-polished: origSize=13092, status=webp_bigger
accept-ranges: bytes
cf-ray: 6334bd65ecee4e68-FRA
expires: Tue, 08 Mar 2022 01:25:21 GMT

GET
H2 200 d38af4a1fa19289e76462fe3bd5a1a6f.jpg
i.pinimg.com/564x/d3/8a/f4/ 28 KB
29 KB 26ms
23ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/564x/d3/8a/f4/d38af4a1fa19289e76462fe3bd5a1a6f.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c02ddc028251ce8b5aaf959bc6e90d6944467212439f5bf283dbbd99292c815f

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "96c05b4c1c11aa1721f7c84f3c2a267d"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 10
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd65490096ce-FRA
content-length: 29038
cf-request-id: 08f4d4b34a000096ce7f95b000000001
server: cloudflare
origin-latency: 10

GET
H2

200

00000asudaneseonline.jpg
sudaneseonline.com/db/avatars/
Redirect Chain

https://www.sudaneseonline.com/db/avatars/00000asudaneseonline.jpg
https://sudaneseonline.com/db/avatars/00000asudaneseonline.jpg

13 KB
13 KB

19ms
15ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/00000asudaneseonline.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 372d04f407947fdd808207dde54cf389d2535f566ea1b0cbd6dea35faf41e80c

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 77057
x-powered-by: PleskLin
content-disposition: inline; filename="00000asudaneseonline.webp"
content-length: 12846
cf-request-id: 08f4d4b3a100004e6835a57000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zVwERIEnnwDpBiqvoG1XX2W3YJ8araZ0lz8j%2BrBpQnoUrv3JatIUXJ7IR4a6RhdxFRtDx0AqQWZNBzrj22U9%2BG%2FXtC8unq70o4f3ufHHRdoeM9yBGmWlR7It%2FK%2FivVA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=48686
accept-ranges: bytes
cf-ray: 6334bd65ccbf4e68-FRA
expires: Sun, 20 Mar 2022 07:57:41 GMT

Redirect headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 479
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l76tGM4nwnGkVrtIk%2Buh38Gon27cTRWJjBTd5RxOQqUpIY5txK5KhkDrDKBrisf896FXDtckqxaEdDzHonrC50RkcvfGaMO6zl%2B4qo8Qmw%2F86jMzSPQgaD5n1CUfv53kwdFM"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/db/avatars/00000asudaneseonline.jpg
cache-control: max-age=172800
cf-ray: 6334bd654c4e4e68-FRA
cf-request-id: 08f4d4b34a00004e68388e8000000001

GET
H2

200

Darfur_Destroyed.jpg
1.bp.blogspot.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/
Redirect Chain

https://bp1.blogger.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/Darfur_Destroyed.jpg
https://1.bp.blogspot.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/Darfur_Destroyed.jpg

22 KB
22 KB

27ms
6ms

Image
image/jpeg

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/Darfur_Destroyed.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d470ab3f2efb2271564c86298b3139480369a7d8b85cc117631ae5714605d93a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 01:24:16 GMT
x-content-type-options: nosniff
age: 14262
content-disposition: inline;filename="Darfur_Destroyed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22596
x-xss-protection: 0
server: fife
etag: "v45"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 21 Mar 2021 04:26:45 GMT

Redirect headers

date: Sat, 20 Mar 2021 07:31:21 GMT
x-content-type-options: nosniff
server: fife
age: 78637
location: https://1.bp.blogspot.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/Darfur_Destroyed.jpg
vary: Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 297
x-xss-protection: 0
expires: Mon, 19 Apr 2021 07:31:21 GMT

GET
H2 200 shawgo.jpg
sudaneseonline.com/db/avatars/ 57 KB
57 KB 12ms
11ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/shawgo.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: cf5f8602ddd688b3192c614d2ec643678944be422c98f2b7370423283ffa93e1

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2096578
x-powered-by: PleskLin
content-disposition: inline; filename="shawgo.webp"
content-length: 58382
cf-request-id: 08f4d4b3c700004e68f39ef000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mqGXuHJh9SheqbYWtFXYB6ak2IBNTG%2F0Rv6ts0Bijl%2FiSjR2lIPc3HYiPd5yET1ww9oXWhcGlspvGfI2b2%2B9IUYD1kBYiRd3SERWMmOmWdoRm%2B3xZzFt0kPwWO0BucY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=262818
accept-ranges: bytes
cf-ray: 6334bd660d064e68-FRA
expires: Thu, 24 Feb 2022 22:59:00 GMT

GET
H2

404

sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg
sudaneseonline.com/uploadpic11/june/
Redirect Chain

https://www.sudaneseonline.com/uploadpic11/june/sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg
https://sudaneseonline.com/uploadpic11/june/sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg

3 KB
3 KB

275ms
272ms

Image
text/html

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic11/june/sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ed7d72de81ce28a49509b04006c99759ce51715d83f38fac7f58ee59313d028a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 28 Nov 2013 07:11:13 GMT
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3WhJ8OYiZnnnzmXTzsWWZXcXk2GuZHzZDBQO%2FP1gKmwMGKM9tCj%2BHCjUcY2QtjPCLlW%2Bx2AQTvaheesecfxfmuFZzQur7iz%2BMPiWtjIbEagEnbf%2BrO3n%2BAQNzZeyA0E%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html
cache-control: max-age=172800
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6334bd65ccc14e68-FRA
cf-request-id: 08f4d4b3a100004e68ee272000000001

Redirect headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 351
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9nBTWN%2FNoN04lzQXDTX4wMt%2FY5SsVtXDba1w3%2FJ2fje2KcTc%2BCQ6YL489SMLKn6WFWiqY80GZcvmc0T0USWko42UrYnKRKh1CnQvOowom3cNpsBNWhg0Ow0F8THlaCaqX4vB"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/uploadpic11/june/sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg
cache-control: max-age=172800
cf-ray: 6334bd654c4f4e68-FRA
cf-request-id: 08f4d4b34b00004e68d2b67000000001

GET 1016333_488823897867823_1875840390_nsudan1sudan.jpg
http//www.sudaneseonline.com/uploadpic14/mar/ 0
0

GET
H2 200 mosafir.jpg
sudaneseonline.com/uploadpic16/may/ 2 KB
3 KB 13ms
13ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic16/may/mosafir.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 56583d7365641d0274d83f874ccdc02fd4524a491f481ef968c962c10c61d3b4

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 214416
x-powered-by: PleskLin
content-disposition: inline; filename="mosafir.webp"
content-length: 2432
cf-request-id: 08f4d4b3d500004e68d51a5000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W0kaNVHPC86aRM%2BVx3S57h7QWjbwImtlja3I6dJfskiXa1FLE60wSCmTbQbvQ%2FHL7va3M9Ra21UFHCEDSupJknbV%2FvYA0NECblSt9w2hy4tZtxqKK8NcxkGvNAgld7I%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=3709
accept-ranges: bytes
cf-ray: 6334bd662d244e68-FRA
expires: Fri, 18 Mar 2022 17:48:22 GMT

GET
H2

200

mamanadwa.jpg
sudaneseonline.com/uploadpic10/May/
Redirect Chain

https://www.sudaneseonline.com/uploadpic10/May/mamanadwa.jpg
https://sudaneseonline.com/uploadpic10/May/mamanadwa.jpg

20 KB
20 KB

15ms
11ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic10/May/mamanadwa.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 992388fbeff91f69ece1f2af28b26cd013db8135f58d8d05b96c9aecdc62a731

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 70642
x-powered-by: PleskLin
content-disposition: inline; filename="mamanadwa.webp"
content-length: 20326
cf-request-id: 08f4d4b3a100004e68faa8e000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=igWGI0f8yExN%2FtvXFxDOpyCIfNBTy5BLWn478ImVjI7lBxCXxYkVNYQKe4KGHnCP%2FtoHRBKDIKr0UXHfQZZi0r%2FqdzelAMrouCJvkRrb5gO6l3ePpuWQimDhrXKNa14%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=45668
accept-ranges: bytes
cf-ray: 6334bd65ccc04e68-FRA
expires: Sun, 20 Mar 2022 09:44:36 GMT

Redirect headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 351
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mfs%2BGkOwUiHmrrc2lCNk50ubS9v%2BGvfgH%2BgDx5MpPhqONLedFsC6wdCHy6HTlvGP6LfHf5DD82b45TWOuKn4KSFcBKlQOLWXnxGn3dC8VDMkr1H1Nva0e0iGP6mdVbZDdarP"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/uploadpic10/May/mamanadwa.jpg
cache-control: max-age=172800
cf-ray: 6334bd654c504e68-FRA
cf-request-id: 08f4d4b34b00004e68dd172000000001

GET
H2

200

drawings_il_340x270.375184795_gkx2_766470924.jpg
sudaneseonline.com/db/avatars/
Redirect Chain

https://www.sudaneseonline.com/db/avatars/drawings_il_340x270.375184795_gkx2_766470924.jpg
https://sudaneseonline.com/db/avatars/drawings_il_340x270.375184795_gkx2_766470924.jpg

2 KB
3 KB

16ms
12ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/drawings_il_340x270.375184795_gkx2_766470924.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 341c395990c70eca9478ceddb6012b07c34db8cdc0e937583df1421101a89e19

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 218859
x-powered-by: PleskLin
content-disposition: inline; filename="drawings_il_340x270.webp"
content-length: 2428
cf-request-id: 08f4d4b3a200004e682d8f5000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eHNRpJ0KEzMVzNgpCwEbtUoM2rJKolDoVZrtPWn5AuEra%2BtTmJbIUrdPYbdzW8wZvvwc6taWUsaIqc64bokpJ7c58bZ1euNhwSSdBOT1uP%2FkdqbxlMR9vCCv0QsYFhg%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=2854
accept-ranges: bytes
cf-ray: 6334bd65ccc24e68-FRA
expires: Fri, 18 Mar 2022 16:34:19 GMT

Redirect headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 351
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LKWjbZpcKyvLqDpenxL0jMPuY5pcw2qlogQMdZkb9D1ZLwDsLIlvg6roYVbL%2F8tHIoTZMx4z25eBrk8x0TmWGPpsHv67Rkqy34IoTiLZK2MY8IrkY192PMLlM0ttBirtuL4C"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/db/avatars/drawings_il_340x270.375184795_gkx2_766470924.jpg
cache-control: max-age=172800
cf-ray: 6334bd654c524e68-FRA
cf-request-id: 08f4d4b34b00004e683e1eb000000001

GET
H2 200 00Latest_News_808188640.jpg
sudaneseonline.com/english/files/ 10 KB
11 KB 15ms
14ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/english/files/00Latest_News_808188640.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a2c0e0a1bf8b3c57bd4825c24dbea2cb72bb0bf3127fc88970a982e5d7d6eebb

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 214515
x-powered-by: PleskLin
content-disposition: inline; filename="00Latest_News_808188640.webp"
content-length: 10702
cf-request-id: 08f4d4b38500004e68d93fe000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Vp0rQ3oJ%2FfK8GUe6odE76RNCZ2bdrcmfb2SOqMgIth29vdgAySFJIfylPSrvOmaJZpfR5ZLwH3uiLwfRjeISYTV0c1CXiXYTmhpqkk9B6PIibqaoroU2C%2FxU91av5fc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=17618
accept-ranges: bytes
cf-ray: 6334bd65ac904e68-FRA
expires: Fri, 18 Mar 2022 17:46:42 GMT

GET
H2

200

1nur_131441372.jpg
sudaneseonline.com/english/files/cover/
Redirect Chain

https://www.sudaneseonline.com/english/files/cover/1nur_131441372.jpg
https://sudaneseonline.com/english/files/cover/1nur_131441372.jpg

12 KB
12 KB

10ms
10ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/english/files/cover/1nur_131441372.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 06b683609a410f8c005dd4b27a0a660b5304d31b0e5614b95ea3ae02cd1b8072

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 76585
x-powered-by: PleskLin
content-disposition: inline; filename="1nur_131441372.webp"
content-length: 12164
cf-request-id: 08f4d4b3f100004e68cca01000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Bj7e0FVPsUgVvtzLHue09n96FDHLQ5JSw%2FgjPYB3fKETwXe6poWouMzdQzecnPIVWOA7%2BgQd0j3iIPYkXQuhGZQDlqsCcEWtQcGezBHLpnJjeG01Mhjjum0I6apY1dc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=35440
accept-ranges: bytes
cf-ray: 6334bd664d494e68-FRA
expires: Sun, 20 Mar 2022 08:05:33 GMT

Redirect headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 351
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FACLV6v6%2Bri9qmy4w3V1pCu0B0KVhZDy0g1g67DNdopj3xMKPK8L4jhmZiLlsoOb7g9mdBBQcYFxeTYwCFSezCMOcjC5WQI%2FC%2Bup53J91OmDTPRS98cZ2SGSuyeRVfKZhBdQ"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/english/files/cover/1nur_131441372.jpg
cache-control: max-age=172800
cf-ray: 6334bd65ac924e68-FRA
cf-request-id: 08f4d4b38500004e6821a2f000000001

GET
H2

200

ICC-Logo.jpg
sudaneseonline.com/uploadpic14/nov/
Redirect Chain

https://www.sudaneseonline.com/uploadpic14/nov/ICC-Logo.jpg
https://sudaneseonline.com/uploadpic14/nov/ICC-Logo.jpg

18 KB
18 KB

11ms
10ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic14/nov/ICC-Logo.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8d3d5252c5c8636e3a85a58e8a925714c7cb17c8da2563ed39d2824d33833993

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 75332
x-powered-by: PleskLin
content-disposition: inline; filename="ICC-Logo.webp"
content-length: 18476
cf-request-id: 08f4d4b3f000004e682d8f8000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IY3Vn%2FRQcSAc1%2F93L1YECgbQLaL1%2BINOGh%2FCIMMj4u1d1XTVvJYUBxbGgsiJ2AIu%2FF1jOFjkzmWX40Mw9JEHdVsl4Fq5y9EWZ30S8Gius62fKJ3iorSh6DUBqOjwjpQ%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=32696
accept-ranges: bytes
cf-ray: 6334bd664d484e68-FRA
expires: Sun, 20 Mar 2022 08:26:26 GMT

Redirect headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 351
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AytPJ2tST%2FdSMUBXTNBmy05PtWHmIu26a70GYcIncTJv7%2BtYqBDSapVHf0yAEV45fzcbRyiJGx5Do2jWdkLgxdzD4FC2Hq5TSYhBs40S47ZO4hli%2BQxm6LhDU1NGQnViN93l"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/uploadpic14/nov/ICC-Logo.jpg
cache-control: max-age=172800
cf-ray: 6334bd65ac934e68-FRA
cf-request-id: 08f4d4b38600004e68faa8c000000001

GET
H2

200

766efe683cde3ebb0b9b5cbc7b3fed71.jpg
i.pinimg.com/564x/76/6e/fe/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/564x/76/6e/fe/766efe683cde3ebb0b9b5cbc7b3fed71.jpg
https://i.pinimg.com/564x/76/6e/fe/766efe683cde3ebb0b9b5cbc7b3fed71.jpg

12 KB
12 KB

27ms
27ms

Image
image/jpeg

2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/564x/76/6e/fe/766efe683cde3ebb0b9b5cbc7b3fed71.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34bf4ec3eca0adc00a246b829f90f947845d914d89cfa0a0d6de663628449a67

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "0d941b7ba11d2da3dba6ca4aaaab872d"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 16
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd66492e96ce-FRA
content-length: 11878
cf-request-id: 08f4d4b3f1000096ce9db24000000001
server: cloudflare
origin-latency: 16

Redirect headers

date: Sun, 21 Mar 2021 05:21:58 GMT
x-cdn: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain;charset=UTF-8
location: https://i.pinimg.com/564x/76/6e/fe/766efe683cde3ebb0b9b5cbc7b3fed71.jpg
cf-ray: 6334bd65ab3cbeba-FRA
content-length: 0
cf-request-id: 08f4d4b3870000beba57376000000001
server: cloudflare

GET
H2 200 00Press_Releases_743165196.jpg
sudaneseonline.com/english/files/ 12 KB
12 KB 14ms
14ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/english/files/00Press_Releases_743165196.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c1005580aa64ecc161e55963e34a2a829a95a3446b9ab0a66d2b51d35413f203

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1238588
x-powered-by: PleskLin
content-disposition: inline; filename="00Press_Releases_743165196.webp"
content-length: 12100
cf-request-id: 08f4d4b38600004e68ee271000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SlAMQ1oGfd8Fagz87E18EA7%2FX%2FJR%2BBeK0jPK57ouO2IiE61tRg2MItFc%2FtG5yvHyVI8U396CHB9KfzG4nJVkAoZ5VZzgJtOuwpTeW4rewZjg3AnKK9CgJW2ovkDlI%2BM%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=18775
accept-ranges: bytes
cf-ray: 6334bd65ac944e68-FRA
expires: Sun, 06 Mar 2022 21:18:50 GMT

GET
H2

200

dr.mahmoudasuleiman.jpg
sudaneseonline.com/uploadpic14/mar/
Redirect Chain

https://www.sudaneseonline.com/uploadpic14/mar/dr.mahmoudasuleiman.jpg
https://sudaneseonline.com/uploadpic14/mar/dr.mahmoudasuleiman.jpg

7 KB
7 KB

13ms
13ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic14/mar/dr.mahmoudasuleiman.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2961b3db2b46da7335a7b966b4503e9c698b31721b54d65ce1b93c5662447624

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 213455
x-powered-by: PleskLin
content-disposition: inline; filename="dr.webp"
content-length: 7212
cf-request-id: 08f4d4b3f300004e6835a5c000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Fuvyj%2Fn6SxtbjAyGIEm5cVeBP%2FKexspQ0wApWmdm7E3VNYo4h5RpY8iAPBOPgIznfPjyUTtC59M53HMy%2BR%2B59Qr3ZeUIOoRRV%2Ff7hy1Sj88zsa%2BhhgRloLXVxbjNLzE%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=17935
accept-ranges: bytes
cf-ray: 6334bd665d4c4e68-FRA
expires: Fri, 18 Mar 2022 18:04:23 GMT

Redirect headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 126
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ORqrASHSuaDBCgQvoaKcaxvCpro0nzM%2FEQNSvW%2FbmiOKlvwiLouIKvLkXScIoMlJEpg0NHSZtFl8kkNcMja9H8QkNgxFxfxkjDXA2ML1TyyWzhy%2BD3EarBknX%2F9HzPNA8uOi"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/uploadpic14/mar/dr.mahmoudasuleiman.jpg
cache-control: max-age=172800
cf-ray: 6334bd65ac9a4e68-FRA
cf-request-id: 08f4d4b38c00004e68f5aee000000001

GET
H2 200 072a72eb5eb1fe3fb7d44bb9d8f5b148.jpg
i.pinimg.com/originals/07/2a/72/ 22 KB
23 KB 31ms
30ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/07/2a/72/072a72eb5eb1fe3fb7d44bb9d8f5b148.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f695180a0fbf6c666bb6dd71063a0199a666258364646e51593926e23d52bbef

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "21be6c9f78c24e51e5f98099adcdbb9f"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 11
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd65a90f96ce-FRA
content-length: 22936
cf-request-id: 08f4d4b38d000096ceb322c000000001
server: cloudflare
origin-latency: 11

GET
H2 200 77cddd7de3020989785169be95dccfe2.jpg
i.pinimg.com/originals/77/cd/dd/ 222 KB
222 KB 41ms
38ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/77/cd/dd/77cddd7de3020989785169be95dccfe2.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b86a5d34de3ccf02a5d9b86bf2357f2c8bda612eb44cb4990f5326bae68b3893

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "54e13abf17f78f182ec2f8b313c7c0cf"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 20
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd65a91096ce-FRA
content-length: 227316
cf-request-id: 08f4d4b38d000096ce8c962000000001
server: cloudflare
origin-latency: 20

GET
H2 200 8207d2559f1099a95f1fc9bd10e4826b.jpg
i.pinimg.com/originals/82/07/d2/ 329 KB
330 KB 114ms
112ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/82/07/d2/8207d2559f1099a95f1fc9bd10e4826b.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d536ac86bd42f483358b267bc5daf5cd150bb8c774c37b3b3c66b5d7dc6f0342

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "a12f3b09f8fa9d8302b29cdeba3298cb"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 99
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd65b91196ce-FRA
content-length: 337393
cf-request-id: 08f4d4b38e000096ce8fa3c000000001
server: cloudflare
origin-latency: 99

GET
H2

200

idris1.jpg
sudaneseonline.com/uploadpic14/mar/
Redirect Chain

https://www.sudaneseonline.com/uploadpic14/mar/idris1.jpg
https://sudaneseonline.com/uploadpic14/mar/idris1.jpg

18 KB
18 KB

10ms
10ms

Image
image/jpeg

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic14/mar/idris1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b985c9d61d3616f8cb9ae78e1658946c7f395b30d86c18af9e8f4acd137592c8

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 218859
x-powered-by: PleskLin
content-length: 18317
cf-request-id: 08f4d4b3f400004e68ca1bd000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hhE1NnfNKz8D7%2Fz2u8N6%2FaacnkYYe2Sp4a3xFD9eW0M7jZB%2FLLf8fGxelORta9cvF2%2FQ6H26tZUEC6N3FRiTksod5wh8lBcWWsucX1vPLMthZyxaPe%2FCEwHOS57gsj0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: public, max-age=2592000
cf-polished: origSize=19094, status=webp_bigger
accept-ranges: bytes
cf-ray: 6334bd665d4d4e68-FRA
expires: Fri, 18 Mar 2022 16:34:19 GMT

Redirect headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 351
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uwaEn9NalHh6froq8aLWn9ZqP6wUrO1syKMHOC5wUM4jWgKmYaTILQFefqfr53QPS5fZKUQnC2H8PfSLPnnJpD2WML7WRG9KGbtqucAGm51YSLk8OJI%2FAWuchJvPiRUCwBK7"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/uploadpic14/mar/idris1.jpg
cache-control: max-age=172800
cf-ray: 6334bd65bc9d4e68-FRA
cf-request-id: 08f4d4b38e00004e6824152000000001

GET
H2 200 6049937f1e9542bb11fe778f28786d39.jpg
i.pinimg.com/originals/60/49/93/ 17 KB
17 KB 20ms
18ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/60/49/93/6049937f1e9542bb11fe778f28786d39.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b18ed6ca4c98d8ef4e32f9bc82778ee7f52d3d645acff62107d7ead99036a3de

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "85de7027e49c3f3d67b7f871e9f5e630"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 6
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd65b91296ce-FRA
content-length: 17284
cf-request-id: 08f4d4b38e000096ceb7887000000001
server: cloudflare
origin-latency: 6

GET
H2

200

Salim_Dekin_948126226.jpg
sudaneseonline.com/files/daily-writer/
Redirect Chain

https://www.sudaneseonline.com/files/daily-writer/Salim_Dekin_948126226.jpg
https://sudaneseonline.com/files/daily-writer/Salim_Dekin_948126226.jpg

8 KB
8 KB

10ms
10ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/daily-writer/Salim_Dekin_948126226.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a153f3819c758754117e2a2c953c2003ecf1bc55ef9c8d0db6ba8969215ce1c6

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1493799
x-powered-by: PleskLin
content-disposition: inline; filename="Salim_Dekin_948126226.webp"
content-length: 7760
cf-request-id: 08f4d4b3f300004e68cf976000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZEbmaf5ZOmUfWeFjgN79HwBN3fBzDK0cK56fNbogXTRMlPH6yD4DmObp1nS3K04FSg1GMPbibwbF4Zqx1DaagnEt4jNLdT00rwVQ8SYkMQgUosIq%2Fi6SfEc9e%2B6O2uw%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=23898
accept-ranges: bytes
cf-ray: 6334bd665d4b4e68-FRA
expires: Thu, 03 Mar 2022 22:25:19 GMT

Redirect headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 351
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8KoZsDgmG2XinUiQAqlCjdQJff8NoPvj3yGDcl%2Bb2XoFMCfZ0i63exO8vznExirlgTY7RLHzNmvDagRQ%2FVP85ZCZR5C3uH99xXq95Apwu7yCbwtBgSbI7STwJlKpU92NAqaw"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/files/daily-writer/Salim_Dekin_948126226.jpg
cache-control: max-age=172800
cf-ray: 6334bd65bc9f4e68-FRA
cf-request-id: 08f4d4b38e00004e68eaaed000000001

GET
H2 200 1bfe522ed5ae55dd4611a81eb230989e.png
i.pinimg.com/originals/1b/fe/52/ 202 KB
202 KB 38ms
36ms Image
image/png 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/1b/fe/52/1bfe522ed5ae55dd4611a81eb230989e.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8f6622cfbd9872f2fd15939125bf8c707180c7a1f3b885a0710eb0ac6cb18fd

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "163ff35b33678da78d85d1f8d4ecf0d2"
x-cdn: cloudflare
edge-start: 21
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd65b91396ce-FRA
content-length: 206836
cf-request-id: 08f4d4b38f000096ce82981000000001
server: cloudflare
origin-latency: 21

GET
H2 200 karti.jpg
sudaneseonline.com/uploadpic16/may/ 12 KB
12 KB 13ms
11ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic16/may/karti.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5a9fd7b21dc6a10ecd891500b275827227ded1bc4da401d19806c1c432c6d2d5

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 217694
x-powered-by: PleskLin
content-disposition: inline; filename="karti.webp"
content-length: 12062
cf-request-id: 08f4d4b38e00004e68c7032000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rva2X5nOHhQH61yrOv0qXTxS3FQdF4e%2BwWxW5WUf1nGZCAfBYkKEeFICEh95SVP9Y7c1TivswfRlS%2FLzeT6ToWybA4QFTh6I1vs2xo4t9QMyMLwsAPUH7Q8nekChpYg%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=55773
accept-ranges: bytes
cf-ray: 6334bd65bca04e68-FRA
expires: Fri, 18 Mar 2022 16:53:44 GMT

GET
H2 200 7cd63ddcc9cb27bb4a82277fa21ec192.jpg
i.pinimg.com/originals/7c/d6/3d/ 15 KB
15 KB 33ms
32ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/7c/d6/3d/7cd63ddcc9cb27bb4a82277fa21ec192.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7359ac53adc88dae2f28ff7a0e9156dcb2d088c6b434d0c2946e9c5ec7a1dce

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "00f6850a5b04d6b300c84c9ebcfe669d"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 14
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd65b91496ce-FRA
content-length: 15460
cf-request-id: 08f4d4b38f000096ce7d22f000000001
server: cloudflare
origin-latency: 14

GET
H2

200

97b6d0e6ea884632c0772aefbc4cd594.jpg
i.pinimg.com/originals/97/b6/d0/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/originals/97/b6/d0/97b6d0e6ea884632c0772aefbc4cd594.jpg
https://i.pinimg.com/originals/97/b6/d0/97b6d0e6ea884632c0772aefbc4cd594.jpg

26 KB
26 KB

20ms
19ms

Image
image/jpeg

2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/97/b6/d0/97b6d0e6ea884632c0772aefbc4cd594.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f6e6582296b1d29ca0bc18449883ee26d4791a204a2d8a4aa3396465209e5aa

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "270e6df56703418776a441367d7c296f"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 8
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd66593196ce-FRA
content-length: 26939
cf-request-id: 08f4d4b3f7000096cea7864000000001
server: cloudflare
origin-latency: 8

Redirect headers

date: Sun, 21 Mar 2021 05:21:58 GMT
x-cdn: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain;charset=UTF-8
location: https://i.pinimg.com/originals/97/b6/d0/97b6d0e6ea884632c0772aefbc4cd594.jpg
cf-ray: 6334bd65cb41beba-FRA
content-length: 0
cf-request-id: 08f4d4b39d0000beba1a10d000000001
server: cloudflare

GET
H2 200 764677a60bdfbdc24d361db3d7dec9df.jpg
i.pinimg.com/originals/76/46/77/ 399 KB
399 KB 113ms
104ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/76/46/77/764677a60bdfbdc24d361db3d7dec9df.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 733a90c78ebe6072cb5bff90bf028b9cba6e50d0570686265a30589570edb925

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "4b959f8e8b2412020e29ce9d74889856"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 93
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd65c91696ce-FRA
content-length: 408328
cf-request-id: 08f4d4b39d000096ce9aae2000000001
server: cloudflare
origin-latency: 93

GET
H2

200

e26b7ebb6bdfa8fd1f2ccff54674a2ae.jpg
i.pinimg.com/originals/e2/6b/7e/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/originals/e2/6b/7e/e26b7ebb6bdfa8fd1f2ccff54674a2ae.jpg
https://i.pinimg.com/originals/e2/6b/7e/e26b7ebb6bdfa8fd1f2ccff54674a2ae.jpg

21 KB
22 KB

23ms
23ms

Image
image/jpeg

2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/e2/6b/7e/e26b7ebb6bdfa8fd1f2ccff54674a2ae.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4176501e296715eea36093ef15dd2774c199f2b2ec57231dc6a3425c3aee6d1

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "614bb5e6dfc93c9000bcde7ca567e973"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 8
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd66593096ce-FRA
content-length: 21843
cf-request-id: 08f4d4b3f7000096ce8f0c6000000001
server: cloudflare
origin-latency: 8

Redirect headers

date: Sun, 21 Mar 2021 05:21:58 GMT
x-cdn: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain;charset=UTF-8
location: https://i.pinimg.com/originals/e2/6b/7e/e26b7ebb6bdfa8fd1f2ccff54674a2ae.jpg
cf-ray: 6334bd65cb42beba-FRA
content-length: 0
cf-request-id: 08f4d4b39d0000beba51a5d000000001
server: cloudflare

GET
H2 200 nuraldin_Madani_618166527.jpg
sudaneseonline.com/files/daily-writer/ 11 KB
12 KB 11ms
11ms Image
image/jpeg 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/daily-writer/nuraldin_Madani_618166527.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0b8f2c815b29a22692ff010e8185dabd533fd50b99222fed22917577a26aac02

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 927351
x-powered-by: PleskLin
content-length: 11550
cf-request-id: 08f4d4b3bd00004e68d51a4000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6zKA6RBlTw0NijuD%2FVdhhmNdQarcszcZ9D0rbGO714m0IBPazgfvoiwZSeMOBgt%2FXmj7DsfnXHCpZ4NxM1wpQysaWrqxu1mIz9sXrQxqTRzchKeNYK%2BA1Yz20xaqH%2F4%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: public, max-age=2592000
cf-polished: degrade=85, origSize=15710, status=webp_bigger
accept-ranges: bytes
cf-ray: 6334bd65fcf54e68-FRA
expires: Thu, 10 Mar 2022 11:46:07 GMT

GET
H2 200 5dbb8d181bf54ff972ce4c65b4b740e0.jpg
i.pinimg.com/originals/5d/bb/8d/ 10 KB
10 KB 50ms
41ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/5d/bb/8d/5dbb8d181bf54ff972ce4c65b4b740e0.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d2cca8826edf60c734bd15b702a303778194e5faf93e4c4123924e252596691

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "9720cdb4819acc5592324c40ccb119bd"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 13
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd65c91796ce-FRA
content-length: 10571
cf-request-id: 08f4d4b39e000096ceac9d8000000001
server: cloudflare
origin-latency: 13

GET
H2 200 c320c643ed0eb07c020d00b3808c3515.jpg
i.pinimg.com/originals/c3/20/c6/ 186 KB
186 KB 112ms
104ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/c3/20/c6/c320c643ed0eb07c020d00b3808c3515.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a101b45e2d75716f73ac665eadedacaef83267360581922837dece7aa1b9ba3f

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "3bc00f17e5ee77d9dbbab982b0540e6a"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 90
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd65c91896ce-FRA
content-length: 190616
cf-request-id: 08f4d4b39e000096ceaf12b000000001
server: cloudflare
origin-latency: 90

GET
H2 200 f707db3ae6b3ca8fbbb8b5fa1602017d.jpg
i.pinimg.com/originals/f7/07/db/ 79 KB
80 KB 32ms
23ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/f7/07/db/f707db3ae6b3ca8fbbb8b5fa1602017d.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccd589c6f3c28f9ab95307472950b234952f43985cbcd75ced28d8f5ba06d42a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "bc33d1db3a3ba61c6260c0c86e04f7d8"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 7
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd65c91996ce-FRA
content-length: 81366
cf-request-id: 08f4d4b39f000096ce9db22000000001
server: cloudflare
origin-latency: 7

GET
H2

200

siri_gadora_194927617.jpg
sudaneseonline.com/files/daily-writer/
Redirect Chain

https://www.sudaneseonline.com/files/daily-writer/siri_gadora_194927617.jpg
https://sudaneseonline.com/files/daily-writer/siri_gadora_194927617.jpg

10 KB
11 KB

12ms
11ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/daily-writer/siri_gadora_194927617.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: cc8818d80104cdb8dffba62d276afcc8372799de2d76199c55c3c718f826b73e

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 765967
x-powered-by: PleskLin
content-disposition: inline; filename="siri_gadora_194927617.webp"
content-length: 10400
cf-request-id: 08f4d4b3fd00004e6810921000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2t4KS7fjS2AS2wMPw%2BPmeBHWitEtfMqGMalNcuvhFQdiiykQ5sWU6SC%2FI44mykPzYfalr15zVQTQKgv9k2D%2F8F1sEa9%2B7N8u1UJ3ahh9%2FM%2BK4NIIqmf6521di61hPH0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=28209
accept-ranges: bytes
cf-ray: 6334bd666d594e68-FRA
expires: Sat, 12 Mar 2022 08:35:51 GMT

Redirect headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 351
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sEC8S8a8f5%2Fh5zoZOdPDANLhyUNj8luwDwXxSQXfp5wTyLyt65Qsu1ckD2LUbwNWlw0FN0U2SILKKxfo8brtFXWt%2FdlNpOYWZTZvee9KDjCQ%2FFhIZ7wKwpu11jhOeIOqbveA"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/files/daily-writer/siri_gadora_194927617.jpg
cache-control: max-age=172800
cf-ray: 6334bd65ccb34e68-FRA
cf-request-id: 08f4d4b39f00004e68e697f000000001

GET
H2 200 osman.jpg
sudaneseonline.com/uploadpic15/sep/ 25 KB
25 KB 10ms
10ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic15/sep/osman.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ab339415eeafac91119b9fbe8a77f452a4dfb34cc933b223d850335f4d6c299b

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 23544
x-powered-by: PleskLin
content-disposition: inline; filename="osman.webp"
content-length: 25516
cf-request-id: 08f4d4b3d500004e68eaaf0000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LGs0y%2FQvhaAz1gC1y4JGWjQcBsavPjUHQJjIzTimHLr1FoZDV4rqGsacyMVWtEYgsZTJcqN63xdl58RS6FYQtKwUu9kJD550pm3OhxEoQpARg6hu6TgspwJgzqy3LrA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=57452
accept-ranges: bytes
cf-ray: 6334bd662d254e68-FRA
expires: Sun, 20 Mar 2022 22:49:34 GMT

GET
H2

200

27f1805796a7f4c7e7f9d8c9a7fd1b4c.jpg
i.pinimg.com/736x/27/f1/80/
Redirect Chain

https://media-cache-ec0.pinimg.com/736x/27/f1/80/27f1805796a7f4c7e7f9d8c9a7fd1b4c.jpg
https://i.pinimg.com/736x/27/f1/80/27f1805796a7f4c7e7f9d8c9a7fd1b4c.jpg

14 KB
15 KB

26ms
26ms

Image
image/jpeg

2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/736x/27/f1/80/27f1805796a7f4c7e7f9d8c9a7fd1b4c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5659cc94e2a89b0e6ed7384c1c1b66d6662fc2f15a6ad37de8e4c3da25182e14

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "c5705e9fad1eb73fdd58e013f03eacc3"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 15
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd66e94096ce-FRA
content-length: 14786
cf-request-id: 08f4d4b454000096ce9aae5000000001
server: cloudflare
origin-latency: 15

Redirect headers

location: https://i.pinimg.com/736x/27/f1/80/27f1805796a7f4c7e7f9d8c9a7fd1b4c.jpg
x-cdn: akamai
content-length: 0
vary: Origin

GET
H2 200 MY-PHOTO.jpg
i.postimg.cc/j5VBw98q/ 10 KB
11 KB 126ms
126ms Image
image/jpeg 51.91.224.95
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/j5VBw98q/MY-PHOTO.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.91.224.95 , France, ASN16276 (OVH, FR),
Reverse DNS: i.postimg.cc
Software: nginx /
Resource Hash: 1c4f1a9488c3f6301aae3a559e40d8155d6a3dd59b8931212193647d6d715033

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
last-modified: Mon, 03 Jun 2019 13:57:14 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 10625
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

mouafaq_950019901.jpg
sudaneseonline.com/arabic/files/daily-writer/
Redirect Chain

https://www.sudaneseonline.com/arabic/files/daily-writer/mouafaq_950019901.jpg
https://sudaneseonline.com/arabic/files/daily-writer/mouafaq_950019901.jpg

5 KB
5 KB

11ms
10ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/arabic/files/daily-writer/mouafaq_950019901.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 22cab56fd61d2a50a4558e9cf5b185fc108da9fa321fc2be0ed9499b0742d571

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:59 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 208232
x-powered-by: PleskLin
content-disposition: inline; filename="mouafaq_950019901.webp"
content-length: 4888
cf-request-id: 08f4d4b52a00004e6828985000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yaPnF4G2VxSF%2BMD3%2FUBMEYFUYS0VNKRSU0tzzk7n%2BZDWM%2BX5euz3Ddv4lfweGHYIEGs%2Bk%2FIqpsKom5AqGp2pDjHhIbMO6bHHyDhYMNbEvykaZa%2FgSRzi0C1oYOHaOEw%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=5276
accept-ranges: bytes
cf-ray: 6334bd684ede4e68-FRA
expires: Fri, 18 Mar 2022 19:31:27 GMT

Redirect headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NQnD90WwZ6%2Bq%2BQ1cjLMWJ5ZafvGobNlQuyLbl0zXxv0hrUNs6mNt2uS22bwUdwg4x1xM9e%2B9Yu3z2tPeDjYqWT5mKJymi%2FnitV%2FEo8nlhxzsFRZDelcPPl4He5CxhUAD%2Ftv0"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/arabic/files/daily-writer/mouafaq_950019901.jpg
cache-control: max-age=172800
cf-ray: 6334bd65ccb44e68-FRA
cf-request-id: 08f4d4b39f00004e6800366000000001

GET
H2 200 000nothing_476480549_754956420.jpg
sudaneseonline.com/db/avatars/ 672 B
1 KB 13ms
12ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/000nothing_476480549_754956420.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: eaafcf858dacd31ee94ea267b50975065796ba5aec12e2cc0d87d744e83a247f

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 804520
x-powered-by: PleskLin
content-disposition: inline; filename="000nothing_476480549_754956420.webp"
content-length: 672
cf-request-id: 08f4d4b3e300004e680036a000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WqhmPKNPd8Vuw0lEXVrPoDgpFB4phgXAaedcOJkTBnH7itGiR36EkDE1HVjAlyQ8V%2BI8WfSkeXrsLGxITbpEdUDmLEvj4jEyjnG%2FRwaiU6jg4W7uA%2FKwwBYU67pwKI8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=1551
accept-ranges: bytes
cf-ray: 6334bd663d394e68-FRA
expires: Fri, 11 Mar 2022 21:53:18 GMT

GET
H2 200 9fa5b332f1169e451edab660ea456b89.png
i.pinimg.com/originals/9f/a5/b3/ 323 KB
324 KB 33ms
24ms Image
image/png 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/9f/a5/b3/9fa5b332f1169e451edab660ea456b89.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb2196aad794bd3bf5603f20bfdaad85a6b871b63ca69bed33b0a5f4ba046f96

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "b1d404c3c2278f5fb7b07699ca4809df"
x-cdn: cloudflare
edge-start: 12
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd65c91a96ce-FRA
content-length: 330887
cf-request-id: 08f4d4b39f000096ceaa1e4000000001
server: cloudflare
origin-latency: 12

GET
H2 200 fad9855abbed48c07170ded3fd1e1d04.jpg
i.pinimg.com/originals/fa/d9/85/ 40 KB
40 KB 45ms
37ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/fa/d9/85/fad9855abbed48c07170ded3fd1e1d04.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99b75fba3d0cf1748306e627173e3a473b42d55a3705a01ed8aeab605df597eb

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "7fbe7640bcc8ce6e2420e14b8fbfe065"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 12
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd65c91b96ce-FRA
content-length: 41040
cf-request-id: 08f4d4b3a0000096ce8f0c4000000001
server: cloudflare
origin-latency: 12

GET
H2 200 e37d57009df4f1cd809d1dbbb5898cbc.jpg
i.pinimg.com/originals/e3/7d/57/ 43 KB
43 KB 34ms
26ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/e3/7d/57/e37d57009df4f1cd809d1dbbb5898cbc.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 104fb306a0d86629e0ca0a63261b35c8a60b8f52ddd8cfb9271875c26bc16b33

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "be47407add55e1b8d63d9bc465e4247d"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 11
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd65c91d96ce-FRA
content-length: 44308
cf-request-id: 08f4d4b3a0000096cea7862000000001
server: cloudflare
origin-latency: 11

GET
H2

200

80c3dce5efbc748d66aacdda6fe6996f.jpg
i.pinimg.com/736x/80/c3/dc/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/736x/80/c3/dc/80c3dce5efbc748d66aacdda6fe6996f.jpg
https://i.pinimg.com/736x/80/c3/dc/80c3dce5efbc748d66aacdda6fe6996f.jpg

64 KB
64 KB

32ms
32ms

Image
image/jpeg

2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/736x/80/c3/dc/80c3dce5efbc748d66aacdda6fe6996f.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4de7b51725d4bb70235fb155bc24eec9d215d5693a3b6f6774ac1d19bb2ca024

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "da3d9aefeb9eaff0ca2fef3947874296"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 10
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd66593296ce-FRA
content-length: 65760
cf-request-id: 08f4d4b3fa000096cea2bd1000000001
server: cloudflare
origin-latency: 10

Redirect headers

date: Sun, 21 Mar 2021 05:21:58 GMT
x-cdn: cloudflare
vary: Origin, Accept-Encoding
content-type: text/plain;charset=UTF-8
location: https://i.pinimg.com/736x/80/c3/dc/80c3dce5efbc748d66aacdda6fe6996f.jpg
cf-ray: 6334bd65cb43beba-FRA
content-length: 0
cf-request-id: 08f4d4b3a00000beba22b46000000001
server: cloudflare

GET
H2

200

Ahmed_Elyas_202175910.jpg
sudaneseonline.com/files/daily-writer/
Redirect Chain

https://www.sudaneseonline.com/files/daily-writer/Ahmed_Elyas_202175910.jpg
https://sudaneseonline.com/files/daily-writer/Ahmed_Elyas_202175910.jpg

11 KB
12 KB

13ms
12ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/daily-writer/Ahmed_Elyas_202175910.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b752bc919ef9928041a6a2422b1202aec19d64fa971c35c4c048e9279fe06aa2

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 91815
x-powered-by: PleskLin
content-disposition: inline; filename="Ahmed_Elyas_202175910.webp"
content-length: 11436
cf-request-id: 08f4d4b3f800004e6827b05000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ekrLiEbalcBboHF1S%2FU%2FBeDKBu5Ls6BdDxoW7zumZW4Nv5HSbvNnT6V7IYbtoRWb%2Fe4GC4od5WxIg32yWBiMYdCifIxPdTOzO6qhSOkeyFQovvsOHkNMQYdi2ZiV2e0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=30339
accept-ranges: bytes
cf-ray: 6334bd665d524e68-FRA
expires: Sun, 20 Mar 2022 03:51:43 GMT

Redirect headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 351
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GEIO1CmzxVFpJb5%2FPK3HQuUAejn2B8jPw57j0eFq%2BFeYKaep%2BPr9vLDdbu7pj%2FoI%2FD3evJDUdJThcGhVMJdIKICGbGFVVlci33tblW%2BNBEN%2B%2FEQgBqw%2B0n7HkyfNTQLD5I53"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/files/daily-writer/Ahmed_Elyas_202175910.jpg
cache-control: max-age=172800
cf-ray: 6334bd65ccb54e68-FRA
cf-request-id: 08f4d4b39f00004e6813ac5000000001

GET
H2 200 5c0649d3137347182b121b9cf61d19fb.jpg
i.pinimg.com/originals/5c/06/49/ 18 KB
18 KB 31ms
24ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/5c/06/49/5c0649d3137347182b121b9cf61d19fb.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3592e59fdcfc66f50296e83effb5d068bfc81df7671421aa90a73d1fa2358f4

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "e0a8e612007afd8a5a5493c80644cd0d"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 6
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd65c91e96ce-FRA
content-length: 18649
cf-request-id: 08f4d4b3a0000096ceabb10000000001
server: cloudflare
origin-latency: 6

GET
H2 200 a036bc4ce9daeafaa9ee984673df40d7.jpg
i.pinimg.com/originals/a0/36/bc/ 25 KB
25 KB 30ms
23ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/a0/36/bc/a036bc4ce9daeafaa9ee984673df40d7.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c00666874404c226c8385dd9b2a6b09ec253613b8f1b6ea998dd4d1166a52e8

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "ce03d5158cf9bbb72119dfc57aff063a"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 6
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd65c91f96ce-FRA
content-length: 25529
cf-request-id: 08f4d4b3a1000096ce900ac000000001
server: cloudflare
origin-latency: 6

GET
H2

200

000nothing_476480549_754956420.jpg
sudaneseonline.com/db/avatars/
Redirect Chain

https://www.sudaneseonline.com/db/avatars/000nothing_476480549_754956420.jpg
https://sudaneseonline.com/db/avatars/000nothing_476480549_754956420.jpg

672 B
1 KB

11ms
10ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/000nothing_476480549_754956420.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: eaafcf858dacd31ee94ea267b50975065796ba5aec12e2cc0d87d744e83a247f

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 804520
x-powered-by: PleskLin
content-disposition: inline; filename="000nothing_476480549_754956420.webp"
content-length: 672
cf-request-id: 08f4d4b3f700004e68eaaf1000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ikuZwBO%2FclNaWqRNqMeodB1MwvV%2BVplHcfBDdjNZZUKay1WO%2B3vFixMXEooMCFIHPu4sx5CuA9kSzWMfyQPCTnwZKj6b46smnhcatqzI2wj55d4J0ricFfSkhhIe1v4%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=1551
accept-ranges: bytes
cf-ray: 6334bd665d514e68-FRA
expires: Fri, 11 Mar 2022 21:53:18 GMT

Redirect headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 351
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JvVkecvkQRQhn%2FdzMmfdliLAE7%2FfsEIwN6WL9bCB4GMDLnXLr51X5GSRdvF7hQnmWGWiTgS9pIsDQ1SUPaQBQcob3owtfEOpeY7uuNlBMXcIUNTEUl4A5dnTdnNbCoERCSRD"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/db/avatars/000nothing_476480549_754956420.jpg
cache-control: max-age=172800
cf-ray: 6334bd65ccb64e68-FRA
cf-request-id: 08f4d4b3a000004e6831839000000001

GET
H2

200

tawfiq_elhaj_588208489.jpg
sudaneseonline.com/files/daily-writer/
Redirect Chain

https://www.sudaneseonline.com/files/daily-writer/tawfiq_elhaj_588208489.jpg
https://sudaneseonline.com/files/daily-writer/tawfiq_elhaj_588208489.jpg

9 KB
9 KB

10ms
10ms

Image
image/jpeg

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/daily-writer/tawfiq_elhaj_588208489.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: cafa40766e60fd1f2f8d3a0980b4c7b3c1bcc2d6e890dce0b472dd97c2a242dd

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 50389
x-powered-by: PleskLin
content-length: 8908
cf-request-id: 08f4d4b3f900004e68f12c2000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e2NWNxBGxsYD%2FyrTgMlPwBAp9vieA%2F%2B43wj74Ck5W17pMm6dWA62wWK1gw%2B%2FsR9rK2y628%2BPqQd55RxNXb2qg%2Fwu1f2BY9WDLC%2F0AJMxcRPeMw%2B9LXFfBL7Uyi8lajU%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: public, max-age=2592000
cf-polished: degrade=85, origSize=13290, status=webp_bigger
accept-ranges: bytes
cf-ray: 6334bd665d554e68-FRA
expires: Sun, 20 Mar 2022 15:22:09 GMT

Redirect headers

date: Sun, 21 Mar 2021 05:21:58 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 351
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WMO68Vf4IsHaGMrOxBU01XT%2FQxtLrKn%2FVPxn9%2FaNVybu9MF93M2oUUvjNE808fNn6yK480NziPWt5DQZbkmXjRC44MQacc3vhUYgftNvVg5Fg8mmFpsVlAfTbmVEjsWJhCb6"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/files/daily-writer/tawfiq_elhaj_588208489.jpg
cache-control: max-age=172800
cf-ray: 6334bd65ccbc4e68-FRA
cf-request-id: 08f4d4b3a100004e68c53bc000000001

GET
H2 200 cc9982a53a9075eec898dae90a67ddd7.jpg
i.pinimg.com/originals/cc/99/82/ 6 KB
6 KB 32ms
26ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/cc/99/82/cc9982a53a9075eec898dae90a67ddd7.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2f1ac4dc6f88d3f682cd230ae351f3ea1f65b2bbfdfc63d76c9c3804f52d204

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "971cc1a6a348c06fce326784cbdd3cb5"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 7
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd65c92096ce-FRA
content-length: 5725
cf-request-id: 08f4d4b3a1000096ce972b2000000001
server: cloudflare
origin-latency: 7

GET
H2 200 89cc36df3bb4102e6dc2c0605e2e1117.png
i.pinimg.com/originals/89/cc/36/ 740 KB
741 KB 35ms
29ms Image
image/png 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/89/cc/36/89cc36df3bb4102e6dc2c0605e2e1117.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 129f664efb252ca71f2a2392cf26eac3b1a6ad556d1ebb2a0a90f73b3d9db4a7

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "2e22ffe0f09c17b751cbccef22bace20"
x-cdn: cloudflare
edge-start: 15
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd65c92196ce-FRA
content-length: 757378
cf-request-id: 08f4d4b3a1000096ceb8237000000001
server: cloudflare
origin-latency: 15

GET
H2 200 d49f9589d6601dffdf647d79af8ee9e8.png
i.pinimg.com/originals/d4/9f/95/ 95 KB
95 KB 125ms
119ms Image
image/png 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/d4/9f/95/d49f9589d6601dffdf647d79af8ee9e8.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac0e8d13ec5f276feada45b806b85af037f734e0ee5a8aa7ce4b9e1e9110d5fc

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "887b46dd348b773cbc3cce0411f0ae66"
x-cdn: cloudflare
edge-start: 104
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd65c92296ce-FRA
content-length: 97168
cf-request-id: 08f4d4b3a1000096ce8932a000000001
server: cloudflare
origin-latency: 104

GET
H2 200 9accb412ec815131ccaab7b18da6a40d.jpg
i.pinimg.com/originals/9a/cc/b4/ 33 KB
33 KB 28ms
22ms Image
image/jpeg 2606:4700::6812:fb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/9a/cc/b4/9accb412ec815131ccaab7b18da6a40d.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:fb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6deb65415de62e377fd7878fa40fa8f4cb16a52b2ccedbacb4cf0e576b2fd3ac

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
etag: "ff6666c949e8d160774a42e6b54b3b43"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 9
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 6334bd65c92496ce-FRA
content-length: 33849
cf-request-id: 08f4d4b3a2000096ceb73cb000000001
server: cloudflare
origin-latency: 9

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8150645089713385091/ Frame B8F0 8 KB
8 KB 8ms
8ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8150645089713385091/downsize_200k_v1?w=100&h=100

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67e21fbbac1cd476ed1e5d1a487481cb6535c5a8748f2df4647b49842eb49f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 06:55:24 GMT
x-content-type-options: nosniff
age: 80794
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7750
x-xss-protection: 0
last-modified: Wed, 18 Sep 2019 15:30:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Mar 2022 06:55:24 GMT

GET
DATA 200
OK truncated
/ Frame B8F0 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame B8F0 0
0 16ms
16ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFhc29tdWYKTHFpL23wPeubiQBM3kp-Vh3tqRv60MgOq4wukXEAEgioHAA2CViriCyAegAbbl6fICyAEJqQJ5I_1pDvmzPqgDAcgDywSqBMwBT9CYa8ufU4_nWrB0GQq0Md9i9WuPZS9qBOgtKttT3XTuH0kKef-ToTAx0yf6vvLWWBjeZWWXjP97W2jE1aJQXa6FXbdPHAvbu_KPN1Xim7otYMtF1kTo6FMUpH1IhxQGcXVCu_q6hyG0DQyN-PLzUWNHnvCeFhKylAorGIHmWaB9HHlEyzFVh9AhIkJrkYwnsMd5imkZBmwCzYpURJ1clvX-TXeZUHGsYFAWRBoTzFY9oOENjk0V2snenPdIC8SRm4vDaAdz8ARh67A8wAS80bDvqQKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHspqWjQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ0KsG0ggJCIDhgBAQARgfgAoByAsB2BMNiBQCshcaChgIABIUcHViLTk4NjI2NjUxNjk4MzM1ODY&sigh=rEc3d1zAOKo&template_id=484&tpd=AGWhJmsGjpWHrbbtPhjnRw4Y8infP9Cvvo0XXsugVV-esf2KJA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1616304118&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118211&bpp=3&bdt=372&idt=121&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cO8VU9JSfE&p=https%3A//sudaneseonline.com&dtd=127
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 21 Mar 2021 05:21:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 21 Mar 2021 05:21:58 GMT

GET
DATA 200
OK truncated
/ Frame B8F0 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a0a05b6141f12a66e7ffb53c25f00335fdefe12cf912e84f8ee3b3329a66e44

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 7733752073647652173
tpc.googlesyndication.com/simgad/ Frame 72FE 36 KB
36 KB 7ms
7ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7733752073647652173?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk-nD_5YWbhtSTEL-Co--nD3zJIgg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1616304118&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118215&bpp=1&bdt=376&idt=136&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mZZ5sQDjbh&p=https%3A//sudaneseonline.com&dtd=140

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

994eeb07030e43e421ed56a492e5e22ea1c7bdf1c349d6ac29b861b055ec8c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 11:28:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 13:11:09 GMT
server: sffe
age: 64429
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37012
x-xss-protection: 0
expires: Sun, 20 Mar 2022 11:28:09 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 72FE 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:21:19 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 72FE 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:15:33 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 72FE 117 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sun, 21 Mar 2021 05:21:58 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 72FE 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:07:27 GMT

GET
H3-Q050 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 72FE 25 KB
11 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

329059d559fdef07b7854e9550433cf721a2301c3279b96d5c04f32477fbb63b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 22:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10816
x-xss-protection: 0
server: cafe
etag: 5325187549321947876
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 22:00:29 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 72FE 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ClL1p9tdWYL3YFpGy3gOzirbgDcWVwddektfs66YJjNP2mP4OEAEgioHAA2CViriCyAegAe64jv8DyAECqAMByAPJBKoEuwFP0ErAsOzP6g37Uc7Z74SCbpx7q7N84dEKMVptG9K_CCov1vYWieIjeQMY7giH56HJKpQZkvadmS_poOabgtpD4LDcq2NJCZ77G1eCW4ZjFVFdkeiVyG4aqgeq_7fv1Qu7KCn6gDRh2Xd3AoYzzzM9_f6FdbksF9nNlbWAoEAE5F1bylZGWYCIZT-iAWwijWDuJ4rfM34yL5juC6mqea7Jpf_8n4YQ643XCPySwn28rRUFqxuosm4QrRuawASjiO6PFJIFBAgEGAGSBQQIBRgEoAYCgAf6xnGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQy_cG0ggJCIDhgBAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTk4NjI2NjUxNjk4MzM1ODY&sigh=VInh-BGqLek&tpd=AGWhJmt15jr4_CFcUuelY6fuC9v8gSdXxNddedVaEmvNSmsvvg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1616304118&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118215&bpp=1&bdt=376&idt=136&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mZZ5sQDjbh&p=https%3A//sudaneseonline.com&dtd=140
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 21 Mar 2021 05:21:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame B8F0 15 KB
16 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 19:52:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 293367
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
expires: Thu, 17 Mar 2022 19:52:31 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame B8F0 15 KB
16 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 22:41:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:55 GMT
server: sffe
age: 283208
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15784
x-xss-protection: 0
expires: Thu, 17 Mar 2022 22:41:50 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 9C8E 6 KB
1 KB 42ms
28ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=600&slotname=0328297630&adk=2265731008&adf=2802248822&pi=t.ma~as.0328297630&w=120&lmt=1616304118&psa=0&format=120x600&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118227&bpp=1&bdt=388&idt=205&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280%2C135x700&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=801&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&fsb=1&xpc=nYLMWdhuDJ&p=https%3A//sudaneseonline.com&dtd=207

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e47a27d91c2487289d6607ee10d7cb7b31944a5ed3ff5ffc86ec8526e9374af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 21 Mar 2021 04:29:58 GMT
server: ESF
date: Sun, 21 Mar 2021 05:21:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Mar 2021 05:21:59 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C330 143 B
220 B 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1616304118&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118215&bpp=1&bdt=376&idt=136&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mZZ5sQDjbh&p=https%3A//sudaneseonline.com&dtd=140
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnHr_u6JFsET5HrdwB2JoBvueptHUecbmzqRowMG9OMAqwbsxCmJX3n-zrTBFc; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1616304118&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118215&bpp=1&bdt=376&idt=136&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=mZZ5sQDjbh&p=https%3A//sudaneseonline.com&dtd=140

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 21 Mar 2021 04:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2433
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 72FE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26e6f2f8bea5b5de77e5b3c1637059999b9eb060adff849c97254300ab59f5e8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 9C8E 2 KB
923 B 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 891
x-xss-protection: 0
server: cafe
etag: 8551179781376740118
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:13:47 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 9C8E 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:21:19 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 9C8E 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 386
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:15:33 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9C8E 117 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sun, 21 Mar 2021 05:21:59 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 9C8E 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:07:27 GMT

GET
H3-Q050 200 957c89dfc9e78dd5a0a3956da91f5358.js Show response
www.gstatic.com/mysidia/ Frame 9C8E 25 KB
11 KB 35ms
20ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/957c89dfc9e78dd5a0a3956da91f5358.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 21:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 03:13:35 GMT
server: sffe
age: 285824
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10839
x-xss-protection: 0
expires: Tue, 15 Jun 2021 21:58:15 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1D1E 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 13:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 145019
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 13:05:00 GMT

GET
H3-Q050 200 2076313506083323656
tpc.googlesyndication.com/simgad/5002870513157124232/ Frame 9C8E 27 KB
27 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5002870513157124232/2076313506083323656

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48b8a624af7cbb313c257893fc5f1fe5f110849fa665e651d579f1a05578b14f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:45:44 GMT
x-content-type-options: nosniff
age: 41775
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27380
x-xss-protection: 0
last-modified: Mon, 11 Jan 2021 18:35:42 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Mar 2022 17:45:44 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8725699450960621135/ Frame 9C8E 2 KB
2 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8725699450960621135/downsize_200k_v1?w=100&h=100

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f440dd82f4295f634642fc0b0f5d717ca602e48fc73ca77d5c49055648674f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 17:42:30 GMT
x-content-type-options: nosniff
age: 41969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1781
x-xss-protection: 0
last-modified: Thu, 21 Nov 2019 15:11:44 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Mar 2022 17:42:30 GMT

GET
DATA 200
OK truncated
/ Frame 9C8E 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 936D 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1616304118&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118227&bpp=1&bdt=389&idt=191&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=dxoI7UVr0C&p=https%3A//sudaneseonline.com&dtd=194

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 891
x-xss-protection: 0
server: cafe
etag: 8551179781376740118
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:13:47 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 936D 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1616304118&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118227&bpp=1&bdt=389&idt=191&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=dxoI7UVr0C&p=https%3A//sudaneseonline.com&dtd=194

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:21:19 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 936D 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1616304118&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118227&bpp=1&bdt=389&idt=191&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=dxoI7UVr0C&p=https%3A//sudaneseonline.com&dtd=194

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 386
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:15:33 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 936D 117 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1616304118&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118227&bpp=1&bdt=389&idt=191&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=dxoI7UVr0C&p=https%3A//sudaneseonline.com&dtd=194

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sun, 21 Mar 2021 05:21:59 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 936D 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1616304118&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118227&bpp=1&bdt=389&idt=191&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=dxoI7UVr0C&p=https%3A//sudaneseonline.com&dtd=194

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:07:27 GMT

GET
H3-Q050 200 957c89dfc9e78dd5a0a3956da91f5358.js Show response
www.gstatic.com/mysidia/ Frame 936D 25 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/957c89dfc9e78dd5a0a3956da91f5358.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1616304118&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118227&bpp=1&bdt=389&idt=191&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=dxoI7UVr0C&p=https%3A//sudaneseonline.com&dtd=194

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 21:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 03:13:35 GMT
server: sffe
age: 285824
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10839
x-xss-protection: 0
expires: Tue, 15 Jun 2021 21:58:15 GMT

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3456726179506550991/ Frame 784E 252 KB
136 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3456726179506550991/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1616304118&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118216&bpp=1&bdt=378&idt=145&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Tm7qQN1eLK&p=https%3A//sudaneseonline.com&dtd=148

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c487b79d80067ceb085def66fc7cd22e5c31ae0a35432b5c33b1a7300081e748

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/3456726179506550991/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Sat, 20 Mar 2021 09:29:09 GMT
expires: Sun, 20 Mar 2022 09:29:09 GMT
last-modified: Thu, 04 Feb 2021 20:29:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 137531
age: 71570
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2AF5 0
0 23ms
23ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzQP09tdWYM-aF8CKjuwP242l2AKf-c3hYdz0iaiPDam_woSKGxABIIqBwANglYq4gsgHoAH02syZA8gBCakCeSP9aQ75sz6oAwHIA0iqBM8BT9BF4Dn3G4wZ6vUkD3Weknwz1E9kHYZlC7XHv6QzztuNLVlCl5QkXqogM19CqZ_ZIGdc4xAP9mmFxazMLiIEbm1vNUS-QQbbZuvIogr4xKU4bgAjAfTLeM5gAgoHadIcS4V3_volSp-DN3DbpKcYiL0Jxf-2_T5mzziYscX7SzTQoPCcWbbALONLjHa4oBpr32SHuMNH2C2odOOL5p1E7rp6ssr5mwJ6T23ettkA_1brkS0AbJP9e5Z9cc39EKOmYiPyWc6JdRMm7h43UT69wAT9_r-IiQOSBQQIBBgBkgUECAUYBKAGLoAH9KSzZqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDVkz7SCAkIgOGAEBABGB-ACgHICwHYEwyyFxoKGAgAEhRwdWItOTg2MjY2NTE2OTgzMzU4Ng&sigh=1AbCX0Nza0g&template_id=419&tpd=AGWhJmupR6h5wrUUA9cTjUWL76EyABsiKphjMpCBlYcYJ8f7ug

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1616304118&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118216&bpp=1&bdt=378&idt=145&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Tm7qQN1eLK&p=https%3A//sudaneseonline.com&dtd=148
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 21 Mar 2021 05:21:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 2AF5 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:21:19 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 2AF5 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 386
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:15:33 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2AF5 117 KB
36 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sun, 21 Mar 2021 05:21:59 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 2AF5 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:07:27 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9C8E 0
0 16ms
16ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAC-x9tdWYO3FG8v83wOD35K4Bcuypd5hha6s0uwM3dkeEAEgioHAA2CViriCyAegAdLyscwCyAEJqQJ5I_1pDvmzPqgDAcgDywSqBMoBT9CE9slE__HJr54a6Zv7RhgwQ1V79IFye3fhcsnLHMZeQIEvjwKrYs1U3WMXXINSzyi1vDhLvFv-CCIG1ixvTpOyB_JHceRtOXi6UqWlqcr_bMIO6un7C7FZOdKv3ubOhTcJo28SKrIYCCncjOoPaa8Yky-XWDI1KqkvLQF1TzToKnndU3DJqlqfvyUQltyUFVsRg-fv_hGFoyM2L673r3EbKrpjwgvHx_esTHgUjlfFqx2yWUU9Bx7X6vNsLNfOuDGj43jcZs7exsAEqPneycUDkgUECAQYAZIFBAgFGASgBi6AB5aNzrMBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEODIBNIICQiA4YAQEAEYH4AKAcgLAdgTDYgUA7IXGgoYCAASFHB1Yi05ODYyNjY1MTY5ODMzNTg2&sigh=9kSApEh-hzQ&template_id=484&tpd=AGWhJmvO-Pa0bRdY8RSpvW3DS711uXSvCaIu84nlndutrJyz9Q

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=600&slotname=0328297630&adk=2265731008&adf=2802248822&pi=t.ma~as.0328297630&w=120&lmt=1616304118&psa=0&format=120x600&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118227&bpp=1&bdt=388&idt=205&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280%2C135x700&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=801&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&fsb=1&xpc=nYLMWdhuDJ&p=https%3A//sudaneseonline.com&dtd=207
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 21 Mar 2021 05:21:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 936D 22 KB
23 KB 26ms
5ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSiZtBM4U4SrBYzJYTezi5B74FxyOdeBf12Zazqm3ooI0TV6XUyfAFhY_N4LA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1616304118&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118227&bpp=1&bdt=389&idt=191&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=dxoI7UVr0C&p=https%3A//sudaneseonline.com&dtd=194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a92fc3c2c45327dcd52f395f32d6aceb73229f675ee436ac94ff37e11f5b2a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 16:34:15 GMT
x-content-type-options: nosniff
last-modified: Fri, 29 Jan 2021 09:01:55 GMT
server: sffe
age: 132464
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23020
x-xss-protection: 0
expires: Sat, 19 Mar 2022 16:34:15 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 936D 16 KB
16 KB 26ms
6ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRtBb_hOEdKVSiG86y2fyfHiXRMNPMdbaJ3sZ5JGLEhRBrzIyeuNYEatMf-ZW8&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1616304118&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118227&bpp=1&bdt=389&idt=191&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=dxoI7UVr0C&p=https%3A//sudaneseonline.com&dtd=194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96fe046b96fb066751aab1b28228a166d22e2958585bd5642f685380f8427a19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:34:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Feb 2019 15:38:29 GMT
server: sffe
age: 470822
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16143
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:34:57 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 936D 24 KB
24 KB 26ms
6ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTXJKdCgQ4eC1a9AxYsA1zuiAfUpgprfijr50p8cKHrS2iclLzeBTrvvhr_dA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1616304118&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118227&bpp=1&bdt=389&idt=191&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=dxoI7UVr0C&p=https%3A//sudaneseonline.com&dtd=194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c3e42da31a2417c2c8506ccba86d0c6c01a0054bed41f14ddd0768d6b7bc66b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:06:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 09:43:56 GMT
server: sffe
age: 220555
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24511
x-xss-protection: 0
expires: Fri, 18 Mar 2022 16:06:04 GMT

GET
H3-Q050

200

1942932766610285941
tpc.googlesyndication.com/simgad/ Frame 936D
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrk9-MlgEQsAkYrAIyCCwXq2pyxb1C
https://tpc.googlesyndication.com/simgad/1942932766610285941

55 KB
56 KB

7ms
7ms

Image
image/jpeg

2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1942932766610285941

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1616304118&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118227&bpp=1&bdt=389&idt=191&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=dxoI7UVr0C&p=https%3A//sudaneseonline.com&dtd=194

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a9c46b460322b2155969271c410d0ccf132d1c2d15f8d46d0f93994ecedc448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 05:57:11 GMT
x-content-type-options: nosniff
age: 257088
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56808
x-xss-protection: 0
last-modified: Wed, 19 Dec 2018 14:57:26 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 05:57:11 GMT

Redirect headers

timing-allow-origin: *
date: Sat, 20 Mar 2021 20:23:31 GMT
x-content-type-options: nosniff
server: cafe
age: 32308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/1942932766610285941
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 19 Apr 2021 20:23:31 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 936D 0
0 16ms
16ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Chz1a9tdWYIPmGoHm3wOq4zjvz8PTYYvAzeesDJ_EgbaVHRABIIqBwANglYq4gsgHoAH_9P2ZA8gBCakCeSP9aQ75sz6oAwHIA8sEqgS9AU_Qqciy676rFJxLVEQ6PzVjLCv0asH7PWQG9r19AILAKjAkpf8YzVPvSxlQaVFOje9Oz-A3P0mwPa9YzxWRxVYxE3O0xVwEasWT-4a-szPn1Q1Zgh6xx3OxCAYKI7QCLhGxg7WxViBzJABl3hRV28qqP0AJBcWQXlOWFWrXtCbVsgkxnf9IxS9HNq4yajjV7lda9nEnJvgsoNADT2xLAc5y23AbuUyDYz4bpjD1Eg_upd0oBXYnOj6T9yoM2MAE1LrA17MDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_yRlzaoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEL3xJdIICQiA4YAQEAEYH4AKAcgLAdgTDIgUBtAVAYAXAbIXGgoYCAASFHB1Yi05ODYyNjY1MTY5ODMzNTg2&sigh=iY52knlXO1k&template_id=494&tpd=AGWhJmv47FcWhuhwv2fRhWuUgZuzcwEPJgF7AZ9A31Cri-K4Sw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1616304118&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118227&bpp=1&bdt=389&idt=191&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=dxoI7UVr0C&p=https%3A//sudaneseonline.com&dtd=194

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1616304118&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118227&bpp=1&bdt=389&idt=191&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=dxoI7UVr0C&p=https%3A//sudaneseonline.com&dtd=194
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 21 Mar 2021 05:21:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 961F 4 KB
640 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1616304118&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118217&bpp=2&bdt=379&idt=161&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=uyoRyLsHac&p=https%3A//sudaneseonline.com&dtd=165

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4df0547b55f54db46b6551ea0eb3380f65ea77748d4bec005867b8369c2a397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 21 Mar 2021 04:32:11 GMT
server: ESF
date: Sun, 21 Mar 2021 05:21:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Mar 2021 05:21:59 GMT

GET
H3-Q050 200 9117738245999863151
tpc.googlesyndication.com/daca_images/simgad/ Frame 0327 30 KB
30 KB 7ms
7ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/9117738245999863151

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1616304118&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118216&bpp=1&bdt=377&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QMTK9ZkNCB&p=https%3A//sudaneseonline.com&dtd=158

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36d3e8c3daef3bd2add3be4078ea1ae50b058c7ed9576fa91c68a25aa36ce8ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 18:08:27 GMT
x-content-type-options: nosniff
age: 40412
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30608
x-xss-protection: 0
last-modified: Fri, 29 Jun 2018 06:38:26 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Mar 2022 18:08:27 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 0327 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1616304118&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118216&bpp=1&bdt=377&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QMTK9ZkNCB&p=https%3A//sudaneseonline.com&dtd=158

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:21:19 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 0327 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1616304118&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118216&bpp=1&bdt=377&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QMTK9ZkNCB&p=https%3A//sudaneseonline.com&dtd=158

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 386
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:15:33 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0327 117 KB
36 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1616304118&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118216&bpp=1&bdt=377&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QMTK9ZkNCB&p=https%3A//sudaneseonline.com&dtd=158

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sun, 21 Mar 2021 05:21:59 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 0327 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1616304118&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118216&bpp=1&bdt=377&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QMTK9ZkNCB&p=https%3A//sudaneseonline.com&dtd=158

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:07:27 GMT

GET
H3-Q050 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 0327 25 KB
11 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1616304118&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118216&bpp=1&bdt=377&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QMTK9ZkNCB&p=https%3A//sudaneseonline.com&dtd=158

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

329059d559fdef07b7854e9550433cf721a2301c3279b96d5c04f32477fbb63b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 22:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10816
x-xss-protection: 0
server: cafe
etag: 5325187549321947876
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Apr 2021 22:00:29 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0327 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2TdA9tdWYJ3pF5mP3gOx85a4BcWVwdde25W6zfsCxtfVvtcOEAEgioHAA2CViriCyAegAe64jv8DyAECqAMByAPJBKoEwQFP0NIg48gKuLI_FakThZ5Ze6p-rQOKrQQJj9o2pmxWmVlpyKurI74W3DZfXV3-Pdg-f2Z5_m05cjLFx1NX2NQfnPUKRUPb5xglDacf5PZBVJtaInk6a4Lf4tX0YD1q3FyCJOluA80jsD3QTLqgW5LzCkWFcamH-B7H_lZbzshuCU5Gk14SwmH-iYLFzY4NogmHI13ksSr3URuHFWjEwE6AkRfyYBVM9la4aBMf-q5uUZCrK91M3zkSS-c4IDjhpIO4wASjiO6PFJIFBAgEGAGSBQQIBRgEoAYCgAf6xnGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQleQJ0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTk4NjI2NjUxNjk4MzM1ODY&sigh=_0K0-BfOhBQ&tpd=AGWhJmtj0u5oZElG3AnpzBGV3W8bxnGxZwMTq_KTANH3zeqolg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1616304118&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118216&bpp=1&bdt=377&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QMTK9ZkNCB&p=https%3A//sudaneseonline.com&dtd=158

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1616304118&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118216&bpp=1&bdt=377&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QMTK9ZkNCB&p=https%3A//sudaneseonline.com&dtd=158
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 21 Mar 2021 05:21:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9C8E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a935a0b97236338ee820d8a4a71a8317867056d86af91242529ef4263cc11cd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
111 B 15ms
15ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210316&jk=3268741885671131&bg=!XV6lXhrNAAbUo7L91KM7ACkAdvg8WrqJWpkHDD28TkbZxlZLmxxDR1lFeklCq4pjxyB6kTGywtdTAAIAAAFrUgAAAMtoAQcKAPcqbBCE9C07qnuNsD7g14kPb30BMZ2V2vdn00HdFxBnuv6lXenmXokpj63d21ns50sOyqbxJYhUl3vbrz9JfuW7obrA6QyUJhjukYY7tzo5bRztvDkuWcmX32AbxhET-zq3mJuQ397UoL0sOZOeF_0zl1jFza8PTql-ln5Lu_zvmppLwEElYx461O9JCkY8WjbssV91wewyrAk-n6dELijx3CgX0wupHY7bAZMcnqWaNvoR3HDSoxkA75OP-UWJqWvEQyfkoovzMvtWb7EjKvLEwky8LgczS2lcaVkRVj-O-V91QLAqtlQgmzpNnjroDqbmH2Y8t6K4mQHfmsXu7TZEmM3-eNfFtnybsfE-K0PYLWYa94UpDc_9sbZYNFANUlzZXrsMsL0RzVODo7bT-OGYmpX5QDCR-XWLMZ_O6bVs1rMviyUrLyNaiqdkCL2rESgaMr__kkxR2TauBTZPuFNWCOqiIAD8WMvNwHRBBAygANKXiwYctf7uhqlBKSb0zDVP2r44u8NQf50Vl018ZNAjNWTDGoskFn9mbw91Q3ROoG1JV5mbv7SZQNvtap-WgcSHVCRMKTKRhquPz1Q6BHaft_fKUKJTejsND6OzFcmVCkiSdHro49HP770YTvJ27KDlIZtKaWE-ErzZr7XoXgrJuSwjVfxcAMuNrtNl3u6IJD_rj5jvKcCvUdoEJAC1qPTaX2EQHXZ2oZSsYYEygKfZ--GAa6oBMM4iTSH3BN2yli24ABDNmvpXgdoMrf0D-B-4E9XXOIpfu13rOi_BjUGTEm9UO0xk2JL-Jqg-rz31_0AZhoCWvpKMeJR6VPAoXA2LFYSIjLmYxObYIHeNMPwdryLcX40diy404gK5DkXB3pUSCmurZE_OXYlcbD3F4VvnXuhkAaiR_277gDUQbJ0Q1bdg9sR5LrTjdimxwxOQouOzQ87ckMi3h1J1d15k8ZBo3wuP5yiIEcQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:21:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C474 143 B
165 B 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1616304118&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118216&bpp=1&bdt=378&idt=145&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Tm7qQN1eLK&p=https%3A//sudaneseonline.com&dtd=148
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnHr_u6JFsET5HrdwB2JoBvueptHUecbmzqRowMG9OMAqwbsxCmJX3n-zrTBFc; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1616304118&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118216&bpp=1&bdt=378&idt=145&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Tm7qQN1eLK&p=https%3A//sudaneseonline.com&dtd=148

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 21 Mar 2021 04:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2433
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 961F 2 KB
988 B 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 891
x-xss-protection: 0
server: cafe
etag: 8551179781376740118
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:13:47 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 961F 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:21:19 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 961F 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 386
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:15:33 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 961F 117 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:21:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Sun, 21 Mar 2021 05:21:59 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 961F 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 05:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 05:07:27 GMT

GET
H3-Q050 200 957c89dfc9e78dd5a0a3956da91f5358.js Show response
www.gstatic.com/mysidia/ Frame 961F 25 KB
11 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/957c89dfc9e78dd5a0a3956da91f5358.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 21:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 03:13:35 GMT
server: sffe
age: 285824
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10839
x-xss-protection: 0
expires: Tue, 15 Jun 2021 21:58:15 GMT

GET
DATA 200
OK truncated
/ Frame 936D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05bff6a94c7efd88b356be2406a521ad6e14aafae2178b145734c470c2111dae

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2AF5 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 448b601d6f035e2c025b1588123ce000b646b2cfeb064e29f0b23f96fab7e123

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 2076313506083323656
tpc.googlesyndication.com/simgad/4448011439515058198/ Frame 961F 34 KB
34 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4448011439515058198/2076313506083323656

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34440f458a799123d3acdfcb114d5b4f3e83b43a88c59c0a191175f8fc13c71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 05:22:37 GMT
x-content-type-options: nosniff
age: 172762
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34734
x-xss-protection: 0
last-modified: Mon, 25 Jan 2021 11:41:37 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Mar 2022 05:22:37 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1153412327273386305/ Frame 961F 2 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1153412327273386305/downsize_200k_v1?w=100&h=100

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

114b49d5d6157f7b17d9c1ddbc534359e9b98135ff32ed17ddd9dad170c0ed22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 10:19:22 GMT
x-content-type-options: nosniff
age: 241357
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2554
x-xss-protection: 0
last-modified: Thu, 06 Aug 2020 05:54:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 10:19:22 GMT

GET
DATA 200
OK truncated
/ Frame 961F 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fca1cecbb79ec1a111a8704840209211403a227b6d36818224dd490926077583

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 9C8E 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 469812
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:51:47 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 9C8E 15 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 19:52:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 293368
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
expires: Thu, 17 Mar 2022 19:52:31 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 9C8E 15 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 22:41:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:55 GMT
server: sffe
age: 283209
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15784
x-xss-protection: 0
expires: Thu, 17 Mar 2022 22:41:50 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 961F 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CC8759tdWYPmlGNDv3wOEpK-QAbfozPJh6fLeqpANgKmA7JACEAEgioHAA2CViriCyAegAdWcp6ECyAEJqQJ5I_1pDvmzPqgDAcgDywSqBMoBT9BfXYWvI9McTy_s7ReXKw25rgVKfi0HwOHG2J6OaAlw7KOCBRxd58UyaJUq1wxTYKdIve2SHhWjdl_90eJzLMAtNCKY6VXMbJU9rcjXSoHIhQx_LNppRUvY6s2hU00qMK0hMYd4WwvLp-mYVRYmriHAnKRrTp73kFkj6lNOZGQalHZ9VA2G-1IlKyFS98DSR2r49qocH7s2pzpIvlsInCxeXeKg9cESa1nN2wXU6YxwJM02Fn87vyb2euGmE9B0ffXe_Gm3FTrM5MAE2Lqly74DkgUECAQYAZIFBAgFGASgBi6AB5Pj2N4BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEELmyBtIICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi05ODYyNjY1MTY5ODMzNTg2&sigh=dOdPpPK8XG8&template_id=484&tpd=AGWhJmtcOcbC_f_fyWWRdWMF5SQTgULc3hSzqDGIuPcfMuFLYw

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1616304118&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118217&bpp=2&bdt=379&idt=161&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=uyoRyLsHac&p=https%3A//sudaneseonline.com&dtd=165
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 21 Mar 2021 05:21:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9716 143 B
165 B 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1616304118&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118216&bpp=1&bdt=377&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QMTK9ZkNCB&p=https%3A//sudaneseonline.com&dtd=158

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1616304118&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118216&bpp=1&bdt=377&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QMTK9ZkNCB&p=https%3A//sudaneseonline.com&dtd=158
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnHr_u6JFsET5HrdwB2JoBvueptHUecbmzqRowMG9OMAqwbsxCmJX3n-zrTBFc; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1616304118&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118216&bpp=1&bdt=377&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QMTK9ZkNCB&p=https%3A//sudaneseonline.com&dtd=158

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 21 Mar 2021 04:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2433
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0327 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17862a40a0d559ccf6d0e0dd06850a0488b93e218c4e1fa9fbbf2913a5188a84

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 784E 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3456726179506550991/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1957
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 22 Mar 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 784E 22 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3456726179506550991/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 21 Mar 2021 13:07:30 GMT

GET
DATA 200
OK truncated
/ Frame 961F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 502a9f53191418423a95c6823ab7f0758ed0a2c86b612e80bcaf7d43cce3ed5c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4AFA 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1616304118&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118227&bpp=1&bdt=389&idt=191&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=dxoI7UVr0C&p=https%3A//sudaneseonline.com&dtd=194

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 13:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 145019
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 13:05:00 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 936D 54 KB
21 KB 550ms
48ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1616304118&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118227&bpp=1&bdt=389&idt=191&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=dxoI7UVr0C&p=https%3A//sudaneseonline.com&dtd=194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

3477e8fe3b7becd59943c9497c9a6cdcb7768f59f5c0bba0bcf981c923b25c6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 04:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1423
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20897
x-xss-protection: 0
server: cafe
etag: 7857869394883405340
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 21 Mar 2021 05:58:17 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame C546 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 13:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 145019
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 13:05:00 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 9C8E 54 KB
20 KB 569ms
81ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

3477e8fe3b7becd59943c9497c9a6cdcb7768f59f5c0bba0bcf981c923b25c6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 04:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1423
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20897
x-xss-protection: 0
server: cafe
etag: 7857869394883405340
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 21 Mar 2021 05:58:17 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C330
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
156 B

14ms
14ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnHr_u6JFsET5HrdwB2JoBvueptHUecbmzqRowMG9OMAqwbsxCmJX3n-zrTBFc; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 21 Mar 2021 05:22:00 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 21-Mar-2021 06:22:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 21 Mar 2021 05:22:00 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 21 Mar 2021 05:22:00 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3024 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 13:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 145019
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 13:05:00 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 961F 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 469812
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:51:47 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 961F 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 19:52:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 293368
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
expires: Thu, 17 Mar 2022 19:52:31 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F9E 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 13:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 145019
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 13:05:00 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C474
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

14ms
14ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnHr_u6JFsET5HrdwB2JoBvueptHUecbmzqRowMG9OMAqwbsxCmJX3n-zrTBFc; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 21 Mar 2021 05:22:00 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 21-Mar-2021 06:22:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 21 Mar 2021 05:22:00 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 21 Mar 2021 05:22:00 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 72FE 42 B
155 B 16ms
15ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlNhYmd9t446tLyjfJGKMtuhBPN7E4CnIgp-EILrfuq_1R6HFtacFgXFYMtyGtvBBjK61eekxou6nr-dtMdw-M8ChWHyF8uvliZ7Hqz6U9mJFHUPU0VbbCDUNTvw&sai=AMfl-YRMOZcOSS-KbWpf9ksDDpg933aC4rqky6wWrLWsBVFn3jM1cSIw-7YdkhuMK-5Eqh03yrxilw2yKLPE&sig=Cg0ArKJSzHx6u0trPn7sEAE&id=osdim&mcvt=1000&p=111,10,617,145&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210317&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3758595536&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616304118356&dlt=235&rpt=53&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:22:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B8F0 42 B
66 B 16ms
15ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdxbq96tGqsrCQCPlqGoaWEHCeVabOHHQhLw3YcutA9zxm42W6k77310VCYPkLhkDAIeckTPth0pXHie99XHnLlOws5J3xHIieWwZdI1gMGDx_3xZcc6tR2ebcDQ&sai=AMfl-YTbk8yU9l4bnQ5qNA2lwmZEQidIu_dIj3s6u0Qn2lc6tAVAX9bXxYYUkE4JIaA3eC70CAqor31g16gI&sig=Cg0ArKJSzD0AD8XlnLZsEAE&id=osdim&mcvt=1003&p=0,586,60,1054&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20210317&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2256891426&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616304118340&dlt=212&rpt=61&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:22:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 784E 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c2744fe747215e6a27c0eddb2b548eba36d35c5baa0a8b856ccf56a5c31d2ec

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 784E 24 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cef87f050e4bcb239ba55f306073a122767e0e9183cef65b324352674ef381f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 784E 843 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8f0c88ed1f811308a51a043c12b8208f7dca3f30cccebb701f7b623bf8980f6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 784E 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccf362270f55814120b056e10ad90c85288a54f8aacb297641a23d412e0423e5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 784E 21 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46b665aec587754215aca2c2e84218bef73ed2bb059fed084caef1df300a0008

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 784E 32 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc8904cf494c040131cf5c61ed0ee8b3af200a356ea113a3e54a4d7c798159d3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 784E 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06e4108ed045249eeec3ffd0b0520922f0b46eaf1d5a54db1bf9dc549ff7dc80

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 784E 13 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1aeceef378724433f1a66549d593a39a79cf997c78cbde925187be550d58ee68

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 784E 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00f24d35adc5a60b6457d6b9ccd31e654cf3f8f8c76b4cc668be2a46834d1fce

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 784E 23 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c80da8eb6e9150d66697643e8d59db022fd32060461f75d428bf63687c5b38de

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 784E 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6f6facd55ab986290b7cdd3aa2a8acfcc6f7edf53bf37689cf51f33dc54bcec

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 784E 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8a74579fb64e402c0bf5ff5ab4c91a522f812ce8c082588e95e08d21eecc45b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 784E 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93145f73267d49fb0755c373ac2ce47a9e39866da0bf529443810b769d8d6b68

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 784E 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2eebf35211143c8364122917c63490e1f22a4ca895a8e50e1f3ab840943cbcec

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9716
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

14ms
14ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1616304118&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118216&bpp=1&bdt=377&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QMTK9ZkNCB&p=https%3A//sudaneseonline.com&dtd=158

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnHr_u6JFsET5HrdwB2JoBvueptHUecbmzqRowMG9OMAqwbsxCmJX3n-zrTBFc; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 21 Mar 2021 05:22:00 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 21-Mar-2021 06:22:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 21 Mar 2021 05:22:00 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 21 Mar 2021 05:22:00 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame B966 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1616304118&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1616304118216&bpp=1&bdt=377&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=5317095380662&frm=20&pv=1&ga_vid=1911798496.1616304118&ga_sid=1616304118&ga_hid=790675306&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060288%2C44735931%2C44739387&oid=3&pvsid=3268741885671131&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=QMTK9ZkNCB&p=https%3A//sudaneseonline.com&dtd=158

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 13:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 145020
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 13:05:00 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 784E 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 13:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 145020
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 13:05:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 936D 0
331 B 506ms
186ms Other
image/gif 2607:f8b0:4012:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kmipqp3d&ctx=2&gqid=9tdWYJOoGs2F7gO5x6-oDA&qqid=CIO50IbSwO8CFQHzdwodqjEOAA&met.4=fb.k3~lb.pg~ol.tz~bdt.-g8~bpp.-5e~idt.-4~dtd.-1~dt.-5f&met.3=739.pg~740.t0_1~555.ti~556.ti_1~738.ts~749.tt_6~734.v4~736.vc~740.wj~740.wj~740.wj~740.xj~735.xo_1~740.xw~734.yg~740.ym~740.11e~740.14a~740.175~740.1a0~740.1k9~113.1kk_5~112.1kj_7&met.1=1.kmipqniu~6.0~7.0~8.0~9.0~10.0~12.2~13.bc~14.bd~15.cz~16.pg~17.pg~18.ph~19.tn~20.tn~21.tz~22.n6~23.ol&met.7=CAUQCBgBMJkDOLcIaAFwmAN4yboBgAGiuQGIAbjqBLABAbgBAw~CBwQChgBINIFKNIFMNkFOAdo0wVw2QV43QiAAfsGiAGADLABAbgBAw~CBwQChgBINIFKNIFMNoFOAho0wVw2QV4rTiAAdA3iAHiiQGwAQG4AQM~CBwQChgBINYFKNYFMN0FOAho1wVw3QV4swqAAZcKiAHRE7ABAbgBAw~CCoQChgBINYFKNYFMOoFOBQ~CBwQChgBINYFKNYFMN8FOAho1wVw3gV4xC-AAecuiAGta7ABAbgBAw~CBsQChgBINcFKNcFMN8FOAg~CBsQAhgBIIAGKIAGMKAGOCA~CBsQAhgBIIAGKIAGMJ8GOCA~CBsQAhgBIIAGKIAGMKAGOCA~CAQQAhgBIIAGKOkGMPEGOHFo6QZw8AZ4zL8DgAHouwOIAei7A5ABgAaYAYcGsAEBuAED~CCEQBBgBIL0GKL0GMM4GOBFovgZwzgZ4FbABAbgBAw~CCgQChgBIK8JKK8JMPcNOMgEQLAJSLEJULEJWKUNYM0JaKYNcNYNeM6nAYABoaMBiAGbrwOwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:80b::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:22:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2AF5 42 B
66 B 16ms
15ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7weXGK_u4wMpeK2HXvdU7AVKUI4czsK8MXfz-35kFsn8NEsLGonODV99M_pMMjkNbSEHwPA9wToXMQfyH93Ai4qpVgZ2oUYPHGnLIE74pfeVfq6J5wsts76IGyQ&sai=AMfl-YQplMeVojT4cjKdyYjsXl0dF-F5rq7YesLRESlZuUHiXqS6rK4DToaO-_sShx2e8UghJfk_V7xNionZ&sig=Cg0ArKJSzFgWj5q5Q9IjEAE&id=osdim&mcvt=1012&p=111,348,361,1318&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20210317&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1230168666&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1616304118366&dlt=527&rpt=45&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:22:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9C8E 0
54 B 503ms
186ms Other
image/gif 2607:f8b0:4012:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kmipqp3l&ctx=2&gqid=9tdWYPSIG5uZx_AP9eyS2As&qqid=CO2Y0YbSwO8CFUv-dwodg68EVw&met.4=fb.ie~lb.nu~ol.vb~bdt.-gk~bpp.-5r~idt.-3~dtd.-1~dt.-5s&met.3=739.nu~555.sj~556.sj_1~740.sn_1~740.tp~740.tq~740.tq~738.v6~749.v6_4~740.x6~736.x9~735.xl_1~740.y9~740.111~740.13x~740.16s~740.19o~740.1jw~113.1ke_3~112.1ke_3&met.1=1.kmipqnj7~6.0~7.0~8.0~9.0~10.0~12.1~13.8w~14.8x~15.bi~16.nu~17.nu~18.nu~19.v2~20.v2~21.vb~22.mo~23.mo&met.7=CAUQCBgBMMECOOcIaAFwwAJ4zbgBgAHQtgGIAfGnBLABAbgBAw~CBIQBxgBIL8EKL8EMOoEOCtAwARIwARQwARY4QRgwARozQRw6QR40wiAAYIFiAH-LqoBFAoSUm9ib3RvOjMwMCw0MDAsNzAwsAEBuAED~CBwQChgBIJYFKJYFMJ0FOAdolgVwnAV4mweAAfsGiAGADLABAbgBAw~CBwQChgBIJYFKJYFMJ4FOAholgVwnQV47zeAAdA3iAHiiQGwAQG4AQM~CBwQChgBIJoFKJoFMKIFOAdonAVwoQV4uAqAAZcKiAHRE7ABAbgBAw~CCoQChgBIJsFKJsFMK8FOBQ~CBwQChgBIJsFKJsFMKIFOAdonAVwogV4iS-AAecuiAGta7ABAbgBAw~CBsQChgBIJsFKJsFML8FOCQ~CBcQAhgBILYFKLYFML0FOAhotgVwvQV4ytgBgAH01QGIAfTVAbABAbgBAw~CBcQAhgBILYFKLYFML0FOAdotgVwvAV46A6AAfUNiAH1DbABAbgBAw~CCEQBBgBINcFKNcFMOcFOBFo1wVw5wV4FbABAbgBAw~CBMQAhgBIPoHKPoHMIAIOAZo-gdwgAh44HuAAfh6iAH4eqoBDAoGcm9ib3RvEBQYArABAbgBAw~CBMQAhgBIPwHKPwHMIMIOAZo_Qdwggh4sHyAAch7iAHIe6oBDAoGcm9ib3RvEBQYArABAbgBAw~CBMQAhgBIP0HKP0HMIQIOAdo_Qdwgwh4kHyAAah7iAGoe6oBDAoGcm9ib3RvEBQYArABAbgBAw~CCgQChgBILEJKLEJMPkNOMgEaJkNcOoNeOajAYABoaMBiAGbrwOwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:80b::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:22:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 936D 42 B
66 B 19ms
19ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQp8TgK4RKWjjjHnCQxcqsaqHSWWFROnyrHW8Jcy8HMlFk57fIZ3t-lTBKg1kEQm7pCnmyRhVfKNiAplRjOQLEA5M1LtRWTXES0QX50WKWaFRvE79peBok2owG9g&sai=AMfl-YRS3DHOz22QcqOF4dLHhXJF4Ql2aDn-J95QX9XA76or_Ye57ozBmiEoLhgGQ1Gj5uockqb1lyh_0x8H__aA-SjeFOYL8YjAdSI&sig=Cg0ArKJSzNhtE7CdJ1oGEAE&cid=CAASF-Ro1sdsDriJY5iQV3ts2Gc3sVm0Bl_U&id=osdim&mcvt=1009&p=101,1460,801,1595&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20210317&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=90918906&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616304118423&dlt=466&rpt=2&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:22:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9C8E 42 B
66 B 21ms
21ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvXoyPHPdp2EcbQLLhXCNNCVDXJQQNqsufaWhU3J1bvpeIEY3dxRHKaaZP9WRsXW1H4lxUNan-HpEFGU5N7QfGFlbr81iUZ0ChgqJLRRrXiS7dSvAjRKh8LdsiD9tCv-LnZXSwQiIU7h0H9LhbQS11J&sai=AMfl-YSk2Vdr6s1jT2Tp4Jx-jBgSGBBX797rX5hfE_MoLLuZNsoxE8EIukJpQ9434CPqJcuVKMgja7DUoty8u-sRV_u7t9Yp7IPCjrU&sig=Cg0ArKJSzMtsMWOrBzOsEAE&cid=CAASF-Row_xhoJg-HcrGZn76ocMbKGuhwKgN&id=osdim&mcvt=1002&p=801,1460,1401,1580&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&v=20210317&bin=7&avms=nio&bs=0,0&mc=0.67&if=1&app=0&itpl=22&adk=2265731008&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616304118436&dlt=413&rpt=2&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:22:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 784E 0
121 B 14ms
14ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=1293.0000&a1=https&f1=layout_html&s1=0&d1=15.0000&i=496557039007&t=419&c=p&lp=%2Fsadbundle%2F%24csp%253Der3%24%2F3456726179506550991%2Findex.html&gqi=9tdWYMfqFtTJgQfY8I-AAw&qqi=CM_tzIbSwO8CFUCFgwcd20YJKw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Mar 2021 05:22:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: i.top4top.io
URL: https://i.top4top.io/p_514yotp41.jpg

Domain: http
URL: https://http//www.sudaneseonline.com/uploadpic14/mar/1016333_488823897867823_1875840390_nsudan1sudan.jpg

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sudaneseonline.com/	1970-01-19 16:58:24	Name: _gat Value: 1
.sudaneseonline.com/	1970-01-20 10:29:36	Name: _ga Value: GA1.2.1911798496.1616304118
.sudaneseonline.com/	1970-01-19 16:59:50	Name: _gid Value: GA1.2.1809223899.1616304118
.sudaneseonline.com/	1970-01-19 17:41:36	Name: __cfduid Value: dc26b7353ad3d6a912521d2b831b46f4a1616304117

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 13) Message: url_feed:: https://sudaneseonline.com/cgi-bin/sdb/2bb.cgi?seq=rss2&board=505
console-api	log	(Line 13) Message: url_feed:: https://sudaneseonline.com/cgi-bin/sdb/2bb.cgi?seq=rss2&board=510
console-api	log	(Line 13) Message: url_feed:: https://sudaneseonline.com/cgi-bin/esdb/2bb.cgi?seq=rss2&board=10
console-api	log	(Line 13) Message: url_feed:: https://sudaneseonline.com/cgi-bin/sdb/2bb.cgi?seq=rss2&board=30
console-api	log	(Line 13) Message: url_feed:: https://sudaneseonline.com/cgi-bin/esdb/2bb.cgi?seq=rss2&board=15
console-api	log	(Line 13) Message: url_feed:: https://sudaneseonline.com/cgi-bin/esdb/2bb.cgi?seq=rss2&board=12

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
adservice.google.com
adservice.google.de
ajax.cloudflare.com
bp1.blogger.com
code.jquery.com
connect.facebook.net
csi.gstatic.com
e.top4top.io
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
google-analytics.com
googleads.g.doubleclick.net
http
i.ibb.co
i.pinimg.com
i.postimg.cc
i.top4top.io
media-cache-ec0.pinimg.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
s-media-cache-ak0.pinimg.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
stats.g.doubleclick.net
sudan-uprisings.org
sudaneseonline.com
tpc.googlesyndication.com
up4net.com
www.facebook.com
www.fotoknudsen.no
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.sudaneseonline.com
www.sudanesesongs.net
www13.0zz0.com
www6.0zz0.com
xslt.alexa.com
http
i.top4top.io
107.6.185.250
13.226.156.166
142.250.186.34
143.204.209.66
146.59.152.166
178.162.150.43
195.154.113.34
2001:4de0:ac18::1:a:1a
2606:2800:134:fa2:1627:1fe:edb:1665
2606:4700:20::681a:b2e
2606:4700:20::ac43:4b3e
2606:4700:3033::ac43:9455
2606:4700::6810:a823
2606:4700::6812:fb0
2607:f8b0:4012:80b::2003
2a00:1450:4001:801::2002
2a00:1450:4001:801::2004
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::200e
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:400c:c0a::9d
2a00:1450:400d:804::200e
2a02:26f0:7100:1ac::1931
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
51.91.224.95
66.7.219.146
00f24d35adc5a60b6457d6b9ccd31e654cf3f8f8c76b4cc668be2a46834d1fce
03652ccf25e11afea2e0d5e0a443cbe2b7a201a567d1f9e83d152921b80ebcbb
05bff6a94c7efd88b356be2406a521ad6e14aafae2178b145734c470c2111dae
06b683609a410f8c005dd4b27a0a660b5304d31b0e5614b95ea3ae02cd1b8072
06e4108ed045249eeec3ffd0b0520922f0b46eaf1d5a54db1bf9dc549ff7dc80
0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd
0b8f2c815b29a22692ff010e8185dabd533fd50b99222fed22917577a26aac02
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f440dd82f4295f634642fc0b0f5d717ca602e48fc73ca77d5c49055648674f9
0f6e6582296b1d29ca0bc18449883ee26d4791a204a2d8a4aa3396465209e5aa
0fbcf5fa225b6bd00d77fdbbf99b40b5e31e278211b129a7aa9625c81852f169
0ffb5e6a9625ae55529682bcb47bc148799f92f6c4b9aa7b959d0ecba3031b99
104fb306a0d86629e0ca0a63261b35c8a60b8f52ddd8cfb9271875c26bc16b33
1137d4c1e3478a9652bd6ca78e55ed48335bd330a209cd4ef45d1c54bf8d6c8d
114b49d5d6157f7b17d9c1ddbc534359e9b98135ff32ed17ddd9dad170c0ed22
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
129f664efb252ca71f2a2392cf26eac3b1a6ad556d1ebb2a0a90f73b3d9db4a7
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
17862a40a0d559ccf6d0e0dd06850a0488b93e218c4e1fa9fbbf2913a5188a84
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18a0f425e7929f0e35040c31fa34d0ac3584eea98b70d632a2da71554b827583
1aeceef378724433f1a66549d593a39a79cf997c78cbde925187be550d58ee68
1c00666874404c226c8385dd9b2a6b09ec253613b8f1b6ea998dd4d1166a52e8
1c4f1a9488c3f6301aae3a559e40d8155d6a3dd59b8931212193647d6d715033
1e3baebf07177d9749751087d746b3ba2456144b15eb5ae256e73b9444e08324
22cab56fd61d2a50a4558e9cf5b185fc108da9fa321fc2be0ed9499b0742d571
25014d25c6a1108834a61fe0b0197ff78574e162146a711ec425f30a968c87b8
26b07f904c703957e1dd48850a351d68c9a0dd73ce301033f072f89b3a6790ca
26e6f2f8bea5b5de77e5b3c1637059999b9eb060adff849c97254300ab59f5e8
2961b3db2b46da7335a7b966b4503e9c698b31721b54d65ce1b93c5662447624
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
2c2744fe747215e6a27c0eddb2b548eba36d35c5baa0a8b856ccf56a5c31d2ec
2d0ed65db95ee9a4db6cfc439c2cfd35b8562cd082357fd24bd4ee7e903768cc
2eebf35211143c8364122917c63490e1f22a4ca895a8e50e1f3ab840943cbcec
329059d559fdef07b7854e9550433cf721a2301c3279b96d5c04f32477fbb63b
331acc20dae5667a603f25d217d1da5fdac46547422c81e74b16c3af90f9751a
334fdebf1fccd5f5132b821a92ab6233fe14d6588b7dd823a9641e82337680b6
341c395990c70eca9478ceddb6012b07c34db8cdc0e937583df1421101a89e19
34440f458a799123d3acdfcb114d5b4f3e83b43a88c59c0a191175f8fc13c71e
3477e8fe3b7becd59943c9497c9a6cdcb7768f59f5c0bba0bcf981c923b25c6b
34bf4ec3eca0adc00a246b829f90f947845d914d89cfa0a0d6de663628449a67
36d3e8c3daef3bd2add3be4078ea1ae50b058c7ed9576fa91c68a25aa36ce8ad
372d04f407947fdd808207dde54cf389d2535f566ea1b0cbd6dea35faf41e80c
3e035d5e3d092548b462fd177a9c7dc6d57a8d8e2abda9e4821dbff185642699
4130840cd3b4551d245f902798f99c85267091b851a6d4b389c35af04f9789f5
4240475704d5c6560364fd97b581ab0a38024b705ec7c4e41e100c4ed8f97792
448b601d6f035e2c025b1588123ce000b646b2cfeb064e29f0b23f96fab7e123
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
46b665aec587754215aca2c2e84218bef73ed2bb059fed084caef1df300a0008
489b9fb1fbacf1ba411b43325a90df87c0673880b48f7ebca8c5798edd311adc
48b8a624af7cbb313c257893fc5f1fe5f110849fa665e651d579f1a05578b14f
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4a92fc3c2c45327dcd52f395f32d6aceb73229f675ee436ac94ff37e11f5b2a8
4de7b51725d4bb70235fb155bc24eec9d215d5693a3b6f6774ac1d19bb2ca024
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
502a9f53191418423a95c6823ab7f0758ed0a2c86b612e80bcaf7d43cce3ed5c
547ac2b7bf734f40cc994c11bbe5643fb7ae0f86442b53694a73a2b7bc550b53
553184002d49f3197d581f56de0f8ab37d66f0ae73c3f3faa363ac26c56b02e0
56583d7365641d0274d83f874ccdc02fd4524a491f481ef968c962c10c61d3b4
5659cc94e2a89b0e6ed7384c1c1b66d6662fc2f15a6ad37de8e4c3da25182e14
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
5a0a05b6141f12a66e7ffb53c25f00335fdefe12cf912e84f8ee3b3329a66e44
5a9fd7b21dc6a10ecd891500b275827227ded1bc4da401d19806c1c432c6d2d5
5d2cca8826edf60c734bd15b702a303778194e5faf93e4c4123924e252596691
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
65607d9ada7e71cd6e40bd2a4a1c8a4be8f1912641cbdf07b1905d514a1cf892
65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621
667bf5c1af491ae038eaa4c45bdd041d86e53ccc27bb929f593ba7b60cf20615
67e21fbbac1cd476ed1e5d1a487481cb6535c5a8748f2df4647b49842eb49f41
68430414496d22c9b9ea0010992f5c56c62aa1cf814e74a440c8a11f04e9dd16
6a9c46b460322b2155969271c410d0ccf132d1c2d15f8d46d0f93994ecedc448
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c506296ca312c789a1a1952e5c70ee8a40a80c4cbbef8169df8f996d97d3d37
6cef87f050e4bcb239ba55f306073a122767e0e9183cef65b324352674ef381f
6d02e1c83de57abd45b1a6c3f382ca3679576d22ece985485b560b3257811ae9
6deb65415de62e377fd7878fa40fa8f4cb16a52b2ccedbacb4cf0e576b2fd3ac
719a9c5b70a7847cc11a4cbec622308f61315c4e849d91e3f156fe5790487f76
724e999373acde2068adc1a148b9fce57faed54dae3dd9edf30345c26bdeaaea
72a492fc88306b58b590d47f55feb08b11119d149db001980f20ad10846b21a2
72fea3fe50ffbc7bbf4648547ccf1a38ed660ec9971829aae72147845f44f81a
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
733a90c78ebe6072cb5bff90bf028b9cba6e50d0570686265a30589570edb925
74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf
756d7dfac4a35bb57543f677283d6c682e8d704e5350884b27325badd2b3c4a7
76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb
7717de7e2e218e956580963a667c5899e3ea5653cbc1569152330429f38542b5
797c26f036647914a3edb42b47186fef5dea31a6d548fa4bf94917c7e17735a2
7adfd28e4d3f82986994929a83ff23a3ee91984f81adb7d1377b85bb78adcb44
7be91ce97275c300ce632c8e46d84811da453937eb643aa48f63f723fef0153a
7ddadf329de63774f1dedde0cd0a01a422b46a93daa2b36c138f659be3f1ac11
825c53dfafd552da507d2fec0b33fc102155787f668b801115dffe243460daa4
826d0fa047035b8ecee3dcdebcb9955ecc91f1c85bfb42aa1ba91d9c49175c71
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839b41dd475d143b31c479aa6e666b8deb648b293ee93e67071222960f2b75cc
849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8568618df18202314a62419e94e30f4183c4878adb08066b1e76110173c16c1a
8a1248f56a6e54ab10fb4860af9189cc5718e788c1fd66f66da17a5409e6191b
8d3d5252c5c8636e3a85a58e8a925714c7cb17c8da2563ed39d2824d33833993
8dfce04e20664e11e151528f4f1ba4bb9e75f62c322c67964c70a1abde8db31b
93145f73267d49fb0755c373ac2ce47a9e39866da0bf529443810b769d8d6b68
937750ffdd41b5079218f0c49ea4c86157c646130ca635c067d245800194dc04
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
9585e77708ec1c4787f5a94e897317930ca8808ee699f1fa1335dd64d9b7cb91
96fe046b96fb066751aab1b28228a166d22e2958585bd5642f685380f8427a19
992388fbeff91f69ece1f2af28b26cd013db8135f58d8d05b96c9aecdc62a731
994eeb07030e43e421ed56a492e5e22ea1c7bdf1c349d6ac29b861b055ec8c0c
99b75fba3d0cf1748306e627173e3a473b42d55a3705a01ed8aeab605df597eb
9a935a0b97236338ee820d8a4a71a8317867056d86af91242529ef4263cc11cd
9c3e42da31a2417c2c8506ccba86d0c6c01a0054bed41f14ddd0768d6b7bc66b
a0b4fbbefd7eae3eb86600d6e00fcdc69258c39451e22ab05ebd200653311572
a101b45e2d75716f73ac665eadedacaef83267360581922837dece7aa1b9ba3f
a153f3819c758754117e2a2c953c2003ecf1bc55ef9c8d0db6ba8969215ce1c6
a2c0e0a1bf8b3c57bd4825c24dbea2cb72bb0bf3127fc88970a982e5d7d6eebb
a2ef7f79cbe1183b3c9f5e6ddf513cd4cc3742fefbb199d94b506f0fd78d0d3a
a4176501e296715eea36093ef15dd2774c199f2b2ec57231dc6a3425c3aee6d1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab339415eeafac91119b9fbe8a77f452a4dfb34cc933b223d850335f4d6c299b
ac0e8d13ec5f276feada45b806b85af037f734e0ee5a8aa7ce4b9e1e9110d5fc
aec1aadaaf76d0dc3ffc5078820f9efd4fa28d6396fb4d644dfa952005068f4f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b112d143d0b935fa4c67ee13a697324083dee7bb17b2ae39edee1753e7160db7
b18ed6ca4c98d8ef4e32f9bc82778ee7f52d3d645acff62107d7ead99036a3de
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b6f6facd55ab986290b7cdd3aa2a8acfcc6f7edf53bf37689cf51f33dc54bcec
b752bc919ef9928041a6a2422b1202aec19d64fa971c35c4c048e9279fe06aa2
b86a5d34de3ccf02a5d9b86bf2357f2c8bda612eb44cb4990f5326bae68b3893
b8c0557cbdd0251dcad213bc5f4d2409ccbe9bce3da0d62db589208238f77f96
b985c9d61d3616f8cb9ae78e1658946c7f395b30d86c18af9e8f4acd137592c8
b9b22ee5c44be56ed8d9915f66fdc68649e6b6280facfc5416dec407f8362f4c
bc8904cf494c040131cf5c61ed0ee8b3af200a356ea113a3e54a4d7c798159d3
be3320dc4e3f9f68c6f001ac32d204b9d881de39e0895d6cfa094f2271b59b6a
be6902f615f1fb5a9ada0bbf6ebe2c1e14fa085cb741f3e234bc07446cb6e12f
c02ddc028251ce8b5aaf959bc6e90d6944467212439f5bf283dbbd99292c815f
c0621f56e27eaeb8da58aa598039a2c9adff987b864eb21745b3f7143b883a5c
c1005580aa64ecc161e55963e34a2a829a95a3446b9ab0a66d2b51d35413f203
c10af103c2513beba5a7397f609106745382adea54bd90b818fa6f4fe8781026
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c487b79d80067ceb085def66fc7cd22e5c31ae0a35432b5c33b1a7300081e748
c7359ac53adc88dae2f28ff7a0e9156dcb2d088c6b434d0c2946e9c5ec7a1dce
c80da8eb6e9150d66697643e8d59db022fd32060461f75d428bf63687c5b38de
c817682c0d0aefdd54577d609d58d18ada6340b5321d22fa56fbe46c895f6bef
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
cafa40766e60fd1f2f8d3a0980b4c7b3c1bcc2d6e890dce0b472dd97c2a242dd
cb2196aad794bd3bf5603f20bfdaad85a6b871b63ca69bed33b0a5f4ba046f96
cc8818d80104cdb8dffba62d276afcc8372799de2d76199c55c3c718f826b73e
ccac7e99aecc81b124c6c36628fc4bf4cd036a4eeefda0aeec23769e54d8232c
ccd589c6f3c28f9ab95307472950b234952f43985cbcd75ced28d8f5ba06d42a
ccf362270f55814120b056e10ad90c85288a54f8aacb297641a23d412e0423e5
cd19302865a315df9a57552a585191f452efcbed7b0ab6b6569f4bebb764366e
cf5f8602ddd688b3192c614d2ec643678944be422c98f2b7370423283ffa93e1
d088fdea337c0464e5c88c421e2245ab56a40e513fddd84978312ff6c6f2ec29
d15f56ad8410162f6486e3dddf17ace90b3b3dd10142d29a97d4f26a9b13f9b7
d3bc545309b36fa9412d3bd21c78732babbb8e308f0dec2511479f8938de6f9f
d470ab3f2efb2271564c86298b3139480369a7d8b85cc117631ae5714605d93a
d4dc53e865862cad7b6933239b719184774dbfe1b02d988f1a8cf94f8a39a2dd
d507009ab741bec8c32027ef538c8343cfa8cad56a63b66933f63f42ec864a0c
d536ac86bd42f483358b267bc5daf5cd150bb8c774c37b3b3c66b5d7dc6f0342
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d8535f1b381398d4053486b50f3b99b5b283f65adc65ed66c52fb74ad44f47a3
d8f6622cfbd9872f2fd15939125bf8c707180c7a1f3b885a0710eb0ac6cb18fd
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dbf89db2d125549c513937d10e3af603d5aee8ec51bd14c318322c1dc2b97195
e10dba2b62a403e299ad9ab9cf4d137389e7db2d016d7aaec2f25b78884942cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47a27d91c2487289d6607ee10d7cb7b31944a5ed3ff5ffc86ec8526e9374af0
e8a74579fb64e402c0bf5ff5ab4c91a522f812ce8c082588e95e08d21eecc45b
e8f0c88ed1f811308a51a043c12b8208f7dca3f30cccebb701f7b623bf8980f6
eaafcf858dacd31ee94ea267b50975065796ba5aec12e2cc0d87d744e83a247f
eacc511f0381e38a1687b46cd1d3548de2d66b575db1a3c95d4718fb3b23ed55
ed7d72de81ce28a49509b04006c99759ce51715d83f38fac7f58ee59313d028a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c9e59fe4556a5ca7da317a52097784bbe634004d9f67c78b36d0b7f4656704
f2f1ac4dc6f88d3f682cd230ae351f3ea1f65b2bbfdfc63d76c9c3804f52d204
f3592e59fdcfc66f50296e83effb5d068bfc81df7671421aa90a73d1fa2358f4
f4bc87cc13c11d0187ff9e40d81c5f6d2bdcff9a199c605e0c162b6c6ca1faa8
f4df0547b55f54db46b6551ea0eb3380f65ea77748d4bec005867b8369c2a397
f695180a0fbf6c666bb6dd71063a0199a666258364646e51593926e23d52bbef
f80dc587886f79d919aedb1c49d206af66b57e5f4cc875054379f0e8fcc3ed8f
f8375c595319cb9323cf9b4041537ecd1eb540023c816eff5c0f305962e999a6
f980381a6d7c3219c534917bbfc5d57c5c79ee22551ae2684a4a7608475b2e6a
fb066449432103954937cfee8ad798a7b096d0805dcd3fce09f6204f401bd245
fca1cecbb79ec1a111a8704840209211403a227b6d36818224dd490926077583
fedf6c31f0488f1fb72d46208830a8e4a92f0c519e0cbd92e9ac20a1f8619e5a

sudaneseonline.com Open in urlscan Pro 2606:4700:20::681a:b2e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

240 Requests

99 %HTTPS

78 %IPv6

29 Domains

46 Subdomains

39 IPs

6 Countries

7084 kBTransfer

9500 kBSize

4 Cookies

7 Outgoing links

Page URL History

Redirected requests

240 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 24 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sudaneseonline.com Open in urlscan Pro
2606:4700:20::681a:b2e Public Scan

Screenshot
Live screenshot

Full Image

240
Requests

99 %
HTTPS

78 %
IPv6

29
Domains

46
Subdomains

39
IPs

6
Countries

7084 kB
Transfer

9500 kB
Size

4
Cookies

240 HTTP transactions
24 data transactions