sudaneseonline.com Open in urlscan Pro
2606:4700:20::681a:b2e Public Scan

URL:
https://sudaneseonline.com/
Submission: On April 02 via manual (April 2nd 2021, 3:59:27 am UTC) from JP

Summary HTTP 255 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 34 IPs in 5 countries across 30 domains to perform 255 HTTP transactions. The main IP is 2606:4700:20::681a:b2e, located in United States and belongs to CLOUDFLARENET, US. The main domain is sudaneseonline.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 17th 2020. Valid for: a year.

This is the only time sudaneseonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19 83	2606:4700:20:... 2606:4700:20::681a:b2e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	65.9.98.23 65.9.98.23	16509 (AMAZON-02) (AMAZON-02)
1 4	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
7 9	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
69	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::6815:1d27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	5.135.83.165 5.135.83.165	16276 (OVH) (OVH)
1	146.59.152.166 146.59.152.166	16276 (OVH) (OVH)
1	66.7.219.146 66.7.219.146	33182 (DIMENOC) (DIMENOC)
30	2a02:26f0:6c0... 2a02:26f0:6c00:294::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	51.158.146.105 51.158.146.105	12876 (Online SAS) (Online SAS)
1	2606:4700:303... 2606:4700:3036::ac43:df38	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	163.172.24.234 163.172.24.234	12876 (Online SAS) (Online SAS)
2 2	195.154.113.3 195.154.113.3	12876 (Online SAS) (Online SAS)
1	163.172.59.20 163.172.59.20	12876 (Online SAS) (Online SAS)
1 1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	163.172.219.20 163.172.219.20	12876 (Online SAS) (Online SAS)
5 5	2a02:26f0:6c0... 2a02:26f0:6c00:2ac::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2620:0:862:ed... 2620:0:862:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
2	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::3e	15169 (GOOGLE) (GOOGLE)
255	34

83 2606:4700:20::681a:b2e (United States) 19 redirects

ASN13335 (CLOUDFLARENET, US)

sudaneseonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.sudaneseonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.98.23 (United States)

ASN16509 (AMAZON-02, US)

xslt.alexa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 7 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:1d27 (United States)

ASN13335 (CLOUDFLARENET, US)

www13.0zz0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.135.83.165 (France)

ASN16276 (OVH, FR)
PTR: i.postimg.cc

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.152.166 (France)

ASN16276 (OVH, FR)
PTR: i.ibb.co

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.7.219.146 (Portland, United States)

ASN33182 (DIMENOC, US)
PTR: server2.sudanesesongs.net

www.sudanesesongs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a02:26f0:6c00:294::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.158.146.105 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-146-105.rev.poneytelecom.eu

d.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:df38 (United States)

ASN13335 (CLOUDFLARENET, US)

a7sas.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.172.24.234 (France)

ASN12876 (Online SAS, FR)
PTR: 163-172-24-234.rev.poneytelecom.eu

g.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.154.113.3 (Ivry-sur-Seine, France) 2 redirects

ASN12876 (Online SAS, FR)
PTR: 195-154-113-3.rev.poneytelecom.eu

c.top4top.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.172.59.20 (France)

ASN12876 (Online SAS, FR)
PTR: 163-172-59-20.rev.poneytelecom.eu

i.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

bp1.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.172.219.20 (Amsterdam, Netherlands)

ASN12876 (Online SAS, FR)
PTR: 163-172-219-20.rev.poneytelecom.eu

a.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00:2ac::1931 (Frankfurt am Main, Germany) 5 redirects

ASN20940 (AKAMAI-ASN1, NL)

s-media-cache-ak0.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::3e (United States)

ASN15169 (GOOGLE, US)

p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-287818-i1-v6exp3-ds.metric.ipv6test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-287818-i2-v6exp3-ds.metric.ipv6test.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
85	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	889 KB
83	sudaneseonline.com 19 redirects sudaneseonline.com www.sudaneseonline.com	674 KB
35	pinimg.com 5 redirects i.pinimg.com s-media-cache-ak0.pinimg.com	3 MB
30	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	154 KB
11	google.com 7 redirects www.google.com adservice.google.com	1 KB
8	google-analytics.com 1 redirects www.google-analytics.com google-analytics.com ssl.google-analytics.com	63 KB
7	googletagservices.com www.googletagservices.com	243 KB
5	top4top.io 1 redirects d.top4top.io g.top4top.io c.top4top.io i.top4top.io a.top4top.io	221 KB
4	google.de www.google.de adservice.google.de	506 B
2	gstatic.com p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-if-v6exp3-v4.metric.gstatic.com	4 KB
2	facebook.net connect.facebook.net	60 KB
1	ipv6test.net p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-287818-i2-v6exp3-ds.metric.ipv6test.net	410 B
1	ipv6test.com p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-287818-i1-v6exp3-ds.metric.ipv6test.com	410 B
1	2mdn.net s0.2mdn.net	48 KB
1	wikimedia.org upload.wikimedia.org	67 KB
1	blogspot.com 1.bp.blogspot.com	22 KB
1	blogger.com 1 redirects bp1.blogger.com	407 B
1	top4top.net 1 redirects c.top4top.net	87 B
1	a7sas.net a7sas.net	48 KB
1	sudanesesongs.net www.sudanesesongs.net	69 KB
1	ibb.co i.ibb.co	10 KB
1	postimg.cc i.postimg.cc	81 KB
1	0zz0.com www13.0zz0.com	68 KB
1	facebook.com www.facebook.com
1	googleadservices.com partner.googleadservices.com	266 B
1	jquery.com code.jquery.com	77 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	alexa.com xslt.alexa.com	623 B
1	cloudflare.com ajax.cloudflare.com	5 KB
0	Failed function sub() { [native code] }. Failed
255	30

	Domain	Requested by
69	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net sudaneseonline.com
64	sudaneseonline.com	sudaneseonline.com code.jquery.com
30	i.pinimg.com
28	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net sudaneseonline.com www.googletagservices.com
19	www.sudaneseonline.com	19 redirects
16	pagead2.googlesyndication.com	ajax.cloudflare.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
9	www.google.com	7 redirects sudaneseonline.com googleads.g.doubleclick.net
7	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	s-media-cache-ak0.pinimg.com	5 redirects
4	www.google-analytics.com	sudaneseonline.com www.google-analytics.com www.googletagmanager.com
3	ssl.google-analytics.com	1 redirects sudaneseonline.com
2	p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-if-v6exp3-v4.metric.gstatic.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	connect.facebook.net	sudaneseonline.com connect.facebook.net
2	www.google.de	sudaneseonline.com
2	stats.g.doubleclick.net	1 redirects www.google-analytics.com
1	p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-287818-i2-v6exp3-ds.metric.ipv6test.net
1	p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-287818-i1-v6exp3-ds.metric.ipv6test.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	upload.wikimedia.org
1	a.top4top.io
1	1.bp.blogspot.com
1	bp1.blogger.com	1 redirects
1	i.top4top.io
1	c.top4top.io	1 redirects
1	c.top4top.net	1 redirects
1	g.top4top.io
1	a7sas.net
1	d.top4top.io
1	www.sudanesesongs.net
1	i.ibb.co
1	i.postimg.cc
1	www13.0zz0.com
1	www.facebook.com	connect.facebook.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	code.jquery.com	ajax.cloudflare.com
1	www.googletagmanager.com	ajax.cloudflare.com
1	xslt.alexa.com	ajax.cloudflare.com
1	google-analytics.com	ajax.cloudflare.com
1	ajax.cloudflare.com	sudaneseonline.com
0	http Failed
255	42

This site contains links to these domains. Also see Links.

Domain
youtube.com
instagram.com
pinterest.com
www.linkedin.com
twitter.com
facebook.com
plus.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-17` - `2021-07-17`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
postimg.cc R3	`2021-03-25` - `2021-06-23`	3 months	crt.sh
ibb.co R3	`2021-02-02` - `2021-05-03`	3 months	crt.sh
www.sudanesesongs.net Go Daddy Secure Certificate Authority - G2	`2020-04-22` - `2022-06-22`	2 years	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
top4top.io R3	`2021-01-24` - `2021-04-24`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.wikipedia.org DigiCert SHA2 High Assurance Server CA	`2020-11-09` - `2021-11-16`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.metric.ipv6test.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.metric.ipv6test.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://sudaneseonline.com/
Frame ID: D3DF997A0F72FEF1E671BF67C23F3FA6
Requests: 137 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210331/r20190131/zrt_lookup.html
Frame ID: 47653B098968C06793B5D2B2B9E684F0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&adk=1812271804&adf=3025194257&lmt=1617335938&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsudaneseonline.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1617335938098&bpp=9&bdt=315&idt=88&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3040851601086&frm=20&pv=2&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=104
Frame ID: 8DC33B4E64C77FDD38DF69A2A0CC7A31
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1617335938&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938113&bpp=3&bdt=330&idt=94&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JkgphflQZO&p=https%3A//sudaneseonline.com&dtd=99
Frame ID: 398DE99BF524B85314170A0ED7C4EC18
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1617335938&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938116&bpp=1&bdt=333&idt=105&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sXL8UIMnJk&p=https%3A//sudaneseonline.com&dtd=111
Frame ID: F20A1CD2D4780D515201D36B11E946F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1617335938&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938117&bpp=1&bdt=334&idt=119&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9mxMa4oAvZ&p=https%3A//sudaneseonline.com&dtd=123
Frame ID: A17CEF271603DB265A5D2AA4867FFE14
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1617335938&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938118&bpp=1&bdt=335&idt=130&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ry2gytiTGQ&p=https%3A//sudaneseonline.com&dtd=134
Frame ID: AFE2B3263ABDF81DEE902769069EE47B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1617335938&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938118&bpp=1&bdt=335&idt=162&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=kPdwBrooGd&p=https%3A//sudaneseonline.com&dtd=165
Frame ID: 6CDE55D5A84E92B419AED8A1AC1D9F5F
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1617335938&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938125&bpp=1&bdt=342&idt=164&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2e41d7708952adca-2218e81f44a7003d%3AT%3D1617335938%3ART%3D1617335938%3AS%3DALNI_MaPXosvvHkMG-Cecq1BxMx8naHYnQ&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ICg3oZKcQa&p=https%3A//sudaneseonline.com&dtd=166
Frame ID: D036BC2F89ADF7A6FF9ECD4A98D354EC
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=600&slotname=0328297630&adk=2265731008&adf=2802248822&pi=t.ma~as.0328297630&w=120&lmt=1617335938&psa=0&format=120x600&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938126&bpp=1&bdt=343&idt=171&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2e41d7708952adca-2218e81f44a7003d%3AT%3D1617335938%3ART%3D1617335938%3AS%3DALNI_MaPXosvvHkMG-Cecq1BxMx8naHYnQ&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280%2C135x700&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=801&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&fsb=1&xpc=Tch5lUAUb3&p=https%3A//sudaneseonline.com&dtd=173
Frame ID: 6050BF0994C43CFE7BA1D244F2C490A5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 435E5F4B87EBD684A99B5DC76BFDF9A6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 12648336A34610FF6E9193B429F88A34
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js
Frame ID: AF081F0366A12F6F0AEF418EAEC806AF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/index.html
Frame ID: 67DA143CAE3EEC5800C19524E7517A7F
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CPIacgpZmYK7mDsWnx_APya6g8Arb-t_PYZbdi9mxDcWBhoyYExABIIqBwANglQKgAdLCkLECyAEJqQLx9Vf5JsOzPqgDAcgDSKoE5QFP0K2t9r2kTJq_PTAikdUqM9mA-3ZhR--psaLA4ljtEPkc5NfTuBp5TAkYzN_e64L0vqWDwcrQOe1_L6Ar6FHxnkg0SCSBsbZX8b8GzMayyGaMYb7sdmk-M-WnQcSQY7YxDCNHlWsM5kt9zUTuXFC_MZt4tXJCb4OASnsCYCo98kyAP-zzvT142M6z8M6n4LIrwXp0vhwrI4zDtzYryrOoI5ADvZdw8o7_iFWcq3_WE4UbZkefPkwr8moRDPcD698YvK5aOgtRX3QAKr1C0BMxQheVA9Fod6W3MbKWzf9kOm7JSQuZwATRw-_RqgOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHlr3vzgGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQhuoG0ggJCIDhgBAQARgfgAoByAsB2BMLshcaChgIABIUcHViLTk4NjI2NjUxNjk4MzM1ODY&sigh=plOE0BxYGzE&template_id=419&tpd=AGWhJms5cozGy75EVCiVEs7DSvStesupZpn0h20GTXNcjutdlA
Frame ID: F150D1EC52F496B4060F693B5B7116A2
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/index.html
Frame ID: 7237CBBD2BDA801929BB460C11AB0124
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: F2F1B980993337425360E7A1AC77AA48
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 2BCAD490E384ADE8E320275F73970324
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: AB7CABD3EBF36AA9160F206CD1A3360A
Requests: 2 HTTP requests in this frame

Frame: https://p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 1EE76A2F62945A632B6C3B0835826724
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: F9C7DC98154CE85A85C166E2FFCD5B70
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 7618DECA5CE8C544E9E9314BADF76BBA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js
Frame ID: FF1BDC88E902ACA1D77D9282FC6237F4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js
Frame ID: 95BF508E6477A118BA5F3079AF165E44
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js
Frame ID: EC7E8BDB70934F577BD5E636C20A452A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

255
Requests

99 %
HTTPS

69 %
IPv6

30
Domains

42
Subdomains

34
IPs

5
Countries

6207 kB
Transfer

8496 kB
Size

14
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://youtube.com/sudaneseonline/videos

Search URL Search Domain Scan URL

URL: https://instagram.com/sudaneseonline
Title:

Search URL Search Domain Scan URL

URL: https://pinterest.com/sudaneseonline/pins/
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/sudaneseonline

Search URL Search Domain Scan URL

URL: https://twitter.com/sudaneseonline1

Search URL Search Domain Scan URL

URL: https://facebook.com/sudaneseonline
Title:

Search URL Search Domain Scan URL

URL: https://plus.google.com/+SudaneseOnline
Title: Google+

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1289399876&utmhn=sudaneseonline.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D8%B3%D9%88%D8%AF%D8%A7%D9%86%D9%8A%D8%B2%D8%A7%D9%88%D9%86%D9%84%D8%A7%D9%8A%D9%86%3ASudanese%20Online&utmhid=1163485917&utmr=-&utmp=%2F&utmht=1617335938160&utmac=UA-251719-1&utmcc=__utma%3D24067384.113016707.1617335938.1617335938.1617335938.1%3B%2B__utmz%3D24067384.1617335938.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=57625809&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-251719-1&cid=113016707.1617335938&jid=57625809&_v=5.7.2&z=1289399876 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-251719-1&cid=113016707.1617335938&jid=57625809&_v=5.7.2&z=1289399876 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-251719-1&cid=113016707.1617335938&jid=57625809&_v=5.7.2&z=1289399876&slf_rd=1&random=831048810

Request Chain 78

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 83

https://www.sudaneseonline.com/uploadpic14/mar/adamb_cowboy1.JPG HTTP 301
https://sudaneseonline.com/uploadpic14/mar/adamb_cowboy1.JPG

Request Chain 87

https://www.sudaneseonline.com/uploadpic/jan09upload/sudansudansudansudansudansudansudan29.jpg HTTP 301
https://sudaneseonline.com/uploadpic/jan09upload/sudansudansudansudansudansudansudan29.jpg

Request Chain 93

https://c.top4top.net/p_514yotp41.jpg HTTP 301
https://c.top4top.io/p_514yotp41.jpg HTTP 302
https://i.top4top.io/p_514yotp41.jpg

Request Chain 94

https://www.sudaneseonline.com/uploadpic14/nov/1459671_10152082883814328_1950176262_n.jpg HTTP 301
https://sudaneseonline.com/uploadpic14/nov/1459671_10152082883814328_1950176262_n.jpg

Request Chain 96

https://www.sudaneseonline.com/db/avatars/00000asudaneseonline.jpg HTTP 301
https://sudaneseonline.com/db/avatars/00000asudaneseonline.jpg

Request Chain 97

https://bp1.blogger.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/Darfur_Destroyed.jpg HTTP 301
https://1.bp.blogspot.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/Darfur_Destroyed.jpg

Request Chain 100

https://www.sudaneseonline.com/uploadpic11/june/sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg HTTP 301
https://sudaneseonline.com/uploadpic11/june/sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg

Request Chain 103

https://www.sudaneseonline.com/uploadpic10/May/mamanadwa.jpg HTTP 301
https://sudaneseonline.com/uploadpic10/May/mamanadwa.jpg

Request Chain 104

https://www.sudaneseonline.com/db/avatars/drawings_il_340x270.375184795_gkx2_766470924.jpg HTTP 301
https://sudaneseonline.com/db/avatars/drawings_il_340x270.375184795_gkx2_766470924.jpg

Request Chain 107

https://www.sudaneseonline.com/english/files/cover/1nur_131441372.jpg HTTP 301
https://sudaneseonline.com/english/files/cover/1nur_131441372.jpg

Request Chain 108

https://www.sudaneseonline.com/uploadpic14/nov/ICC-Logo.jpg HTTP 301
https://sudaneseonline.com/uploadpic14/nov/ICC-Logo.jpg

Request Chain 109

https://s-media-cache-ak0.pinimg.com/564x/76/6e/fe/766efe683cde3ebb0b9b5cbc7b3fed71.jpg HTTP 301
https://i.pinimg.com/564x/76/6e/fe/766efe683cde3ebb0b9b5cbc7b3fed71.jpg

Request Chain 116

https://www.sudaneseonline.com/arabic/files/cover/green_khaliel_483586634.jpg HTTP 301
https://sudaneseonline.com/arabic/files/cover/green_khaliel_483586634.jpg

Request Chain 117

https://s-media-cache-ak0.pinimg.com/236x/a2/f4/4e/a2f44e7365732df1f106b588a019bbc3.jpg HTTP 301
https://i.pinimg.com/236x/a2/f4/4e/a2f44e7365732df1f106b588a019bbc3.jpg

Request Chain 118

https://s-media-cache-ak0.pinimg.com/736x/41/33/4f/41334f236622880aa58d85f9fba3155c.jpg HTTP 301
https://i.pinimg.com/736x/41/33/4f/41334f236622880aa58d85f9fba3155c.jpg

Request Chain 121

https://www.sudaneseonline.com/db/avatars/drawings_images__1__710491940.jpeg HTTP 301
https://sudaneseonline.com/db/avatars/drawings_images__1__710491940.jpeg

Request Chain 130

https://s-media-cache-ak0.pinimg.com/originals/97/b6/d0/97b6d0e6ea884632c0772aefbc4cd594.jpg HTTP 301
https://i.pinimg.com/originals/97/b6/d0/97b6d0e6ea884632c0772aefbc4cd594.jpg

Request Chain 133

https://www.sudaneseonline.com/files/daily-writer/siri_gadora_194927617.jpg HTTP 301
https://sudaneseonline.com/files/daily-writer/siri_gadora_194927617.jpg

Request Chain 136

https://www.sudaneseonline.com/files/daily-writer/Maher_Almaher________177842373.jpg HTTP 301
https://sudaneseonline.com/files/daily-writer/Maher_Almaher________177842373.jpg

Request Chain 137

https://s-media-cache-ak0.pinimg.com/originals/c4/fe/bb/c4febb7d361abfef7763ccb68406db37.jpg HTTP 301
https://i.pinimg.com/originals/c4/fe/bb/c4febb7d361abfef7763ccb68406db37.jpg

Request Chain 139

https://www.sudaneseonline.com/uploadpic15/Mar/tharwat.jpg HTTP 301
https://sudaneseonline.com/uploadpic15/Mar/tharwat.jpg

Request Chain 144

https://www.sudaneseonline.com/arabic/files/daily-writer/shawqi_badri_878170412.jpg HTTP 301
https://sudaneseonline.com/arabic/files/daily-writer/shawqi_badri_878170412.jpg

Request Chain 146

https://www.sudaneseonline.com/uploadpic14/mar/dr.mahmoudasuleiman.jpg HTTP 301
https://sudaneseonline.com/uploadpic14/mar/dr.mahmoudasuleiman.jpg

Request Chain 147

https://www.sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg HTTP 301
https://sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg

Request Chain 151

https://www.sudaneseonline.com/uploadpic14/mar/idris1.jpg HTTP 301
https://sudaneseonline.com/uploadpic14/mar/idris1.jpg

Request Chain 153

https://www.sudaneseonline.com/files/daily-writer/Salim_Dekin_948126226.jpg HTTP 301
https://sudaneseonline.com/files/daily-writer/Salim_Dekin_948126226.jpg

Request Chain 210

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 213

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 214

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 235

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 237

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

255 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sudaneseonline.com/ 38 KB
9 KB 31ms
15ms Document
text/html 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ec8a8e48b21145b56b0420d53babc4c8175eca30b730a52486a308efd9854892

Request headers

:method: GET
:authority: sudaneseonline.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
content-type: text/html
set-cookie: __cfduid=dc32bb24341f83acf6795f6d846ce2ebc1617335937; expires=Sun, 02-May-21 03:58:57 GMT; path=/; domain=.sudaneseonline.com; HttpOnly; SameSite=Lax; Secure
cache-control: max-age=10800
expires: Thu, 01 Apr 2021 10:21:28 GMT
vary: Accept-Encoding
x-powered-by: PleskLin
cf-cache-status: HIT
age: 63450
cf-request-id: 09325502e800004ea30300f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BjI0zD8DyFDMx33wp5gbZ%2BYkAb5sBWMBEdAK6qep5WnS%2BHbzYzfAlToQPi%2Bdmqx8MF5Txu1pwqGuHSkGL1m4%2B7IkK%2B%2Buv33Osb%2BTM%2Bd9nxg%2BvbO2qmrK8z9LpugyxxU%3D"}]}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 6397244b0e7f4ea3-FRA
content-encoding: br

GET
H2 200 5FC2zOw_W9_dNWqSVD1R6XReqLM.js Show response
sudaneseonline.com/cdn-cgi/apps/head/ 6 KB
2 KB 16ms
15ms Script
application/javascript 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cdn-cgi/apps/head/5FC2zOw_W9_dNWqSVD1R6XReqLM.js
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18a0f425e7929f0e35040c31fa34d0ac3584eea98b70d632a2da71554b827583

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3700900
content-type: application/javascript; charset=utf-8
x-amz-request-id: 773D4BCFD0755E03
x-amz-id-2: dKMr0kZqx4cqnUuWU+PCPp3CnIgoCfEB+3DPyoaFhJKp61YeELeV82zRIxJjTirdnbmfzwZpxLQ=
last-modified: Mon, 24 Jul 2017 16:32:06 GMT
server: cloudflare
etag: W/"71e55573d60eceb049b3e5b8113546ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C7b3dGsSzNe7e31IhkJ56GF%2FK%2F10p2crjCzoq%2FekBKPePFUvHTI%2BlWdfrlIN7F7UncsJvo3tLnklxJGJW%2Bx9bS9Gh4HcHbyYozWG6iv84S2gjREveMMhKmoGd70ZB0Y%3D"}]}
x-amz-version-id: sMxU3zQi_vRRZ5x5XHHTu9rDvofI_BJ0
cache-control: public, max-age=31536000
cf-request-id: 09325502fd00004ea304a96000000001
cf-ray: 6397244b2ea74ea3-FRA

GET
H2 200 rss2.css
sudaneseonline.com/ 1 KB
702 B 11ms
11ms Stylesheet
text/css 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/rss2.css?v=1.137
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 553184002d49f3197d581f56de0f8ab37d66f0ae73c3f3faa363ac26c56b02e0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 209718
x-powered-by: PleskLin
cf-request-id: 09325502fd00004ea3191ca000000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BkEh8ADavoXCmF42JjiFUCOxeD7K32KIlYQTWxnlI9FED2tjb9Rj3p1fI%2Fs46ZVMx2DdutJH2VNMa0Q4NqBAd3XkhRzaJczGWUEN0E2FjNuYi8sZS2AkYoLs0BuD10o%3D"}]}
content-type: text/css
cache-control: public, max-age=604800
cf-polished: origSize=1392
cf-ray: 6397244b2ea84ea3-FRA
expires: Thu, 29 Apr 2021 17:43:39 GMT

GET
H2 200 youtube.png
sudaneseonline.com/files/social/ 1 KB
2 KB 11ms
10ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/social/youtube.png
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7717de7e2e218e956580963a667c5899e3ea5653cbc1569152330429f38542b5

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 31542
x-powered-by: PleskLin
content-disposition: inline; filename="youtube.webp"
content-length: 1122
cf-request-id: 093255030900004ea3d929d000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FfXnaLuzrPaOaMyBOvk6hdBvdclWURU9%2FROlEz%2BugKTzmhO7leFhq2REuZ7map53%2BK5yrelvqPJcWqyMdG2wzuZQZLnTj7FYl%2FS4leSaV1M4iNOVnQg0QLHwqlBKAqI%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=png, origSize=7708
accept-ranges: bytes
cf-ray: 6397244b4ebc4ea3-FRA
expires: Fri, 01 Apr 2022 19:13:14 GMT

GET
H2 200 icon_in.png
sudaneseonline.com/files/social/ 31 KB
31 KB 12ms
12ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/social/icon_in.png
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 72a492fc88306b58b590d47f55feb08b11119d149db001980f20ad10846b21a2

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 640609
x-powered-by: PleskLin
content-disposition: inline; filename="icon_in.webp"
content-length: 31788
cf-request-id: 093255030c00004ea32e3b7000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7ZkfjNDpfInEC4CdC9n5yOerfxgj%2FV0l7umbpemvRALSpKmy0M4WkMsN38%2BWY%2BGR9JY80qABLYhYi%2FcO6Qt3EAH49hRw2igPelCFpovFlq%2FcRaj3h92pVyASlR4uMRo%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=png, origSize=57664
accept-ranges: bytes
cf-ray: 6397244b4ec44ea3-FRA
expires: Fri, 25 Mar 2022 18:02:08 GMT

GET
H2 200 pin.png
sudaneseonline.com/files/social/ 526 B
893 B 29ms
26ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/social/pin.png
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 72fea3fe50ffbc7bbf4648547ccf1a38ed660ec9971829aae72147845f44f81a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 31921
x-powered-by: PleskLin
content-disposition: inline; filename="pin.webp"
content-length: 526
cf-request-id: 093255031300004ea3ee23f000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7pgvyhMcwF5j%2ByBdlvkAyKjLp8WgofOOs6cS26fJovcWqi0%2FrdgXT3nChcG2lKeBREUWCv0nx1adUb9AmhtWjSGze29MlYxRQcM9ASV8ON58W%2BiORWyNCcI%2BMobUb5k%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=png, origSize=7134
accept-ranges: bytes
cf-ray: 6397244b5ed34ea3-FRA
expires: Fri, 01 Apr 2022 19:06:56 GMT

GET
H2 200 sudanese.gif
sudaneseonline.com/images/ 7 KB
7 KB 13ms
11ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/sudanese.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 03652ccf25e11afea2e0d5e0a443cbe2b7a201a567d1f9e83d152921b80ebcbb

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2521633
x-powered-by: PleskLin
content-disposition: inline; filename="sudanese.webp"
content-length: 7086
cf-request-id: 093255031300004ea304a97000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SUYwDhRrMTzpHExEu6zeA%2BhVTieViZwbyfRDle54MhDQqVbQj0pHLuTqmBhvbB0HIqZ7DKCJincQK%2BbfcqHAOeuplp1htuZGnM9gp26V53fh8ogAKsaLyV1nP9I0Cic%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=9641
accept-ranges: bytes
cf-ray: 6397244b5ed44ea3-FRA
expires: Thu, 03 Mar 2022 23:31:44 GMT

GET
H2 200 asudanese.gif
sudaneseonline.com/images/ 6 KB
7 KB 15ms
12ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/asudanese.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 719a9c5b70a7847cc11a4cbec622308f61315c4e849d91e3f156fe5790487f76

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 643497
x-powered-by: PleskLin
content-disposition: inline; filename="asudanese.webp"
content-length: 6540
cf-request-id: 093255031400004ea309164000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XIe4nkBbJp6pWctZP9LRU3%2BTmAHlT7GdEujodsCNEet5SD2vptUBmqJLCcxuJBXalKfV4lMex6rcG7aFXIcj9yaJetcr4g7oRIZe5%2B0LRRcx3R0YRyMdVteHur1gvZk%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=8535
accept-ranges: bytes
cf-ray: 6397244b5ed64ea3-FRA
expires: Fri, 25 Mar 2022 17:14:00 GMT

GET
H2 200 linkedin.png
sudaneseonline.com/files/social/ 488 B
895 B 19ms
15ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/social/linkedin.png
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8dfce04e20664e11e151528f4f1ba4bb9e75f62c322c67964c70a1abde8db31b

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1107537
x-powered-by: PleskLin
content-disposition: inline; filename="linkedin.webp"
content-length: 488
cf-request-id: 093255031400004ea3fb205000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5uZlPHV%2BgHBAfAsrgf4LgjcCRqcHfi3m1DijgUB0NBKDxfUwIgUN3eg6DlFO%2BV6ZjKTzyHsxCLk6fvdVzWu04gT9XG3LW94zvvWffoO8dSrLoiJfSwFq8ok5WiATWRU%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=png, origSize=850
accept-ranges: bytes
cf-ray: 6397244b5ed74ea3-FRA
expires: Sun, 20 Mar 2022 08:20:00 GMT

GET
H2 200 chrome_twitter.png
sudaneseonline.com/files/social/ 392 B
806 B 16ms
13ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/social/chrome_twitter.png
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 547ac2b7bf734f40cc994c11bbe5643fb7ae0f86442b53694a73a2b7bc550b53

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 205541
x-powered-by: PleskLin
content-disposition: inline; filename="chrome_twitter.webp"
content-length: 392
cf-request-id: 093255031400004ea314804000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WdnvOIpJGs%2BOT2f1V8jp4e5A6nlkTiHhUNVkoE8m15dkyupseGo%2BsYGMclHzJWq4X5rg6%2Bqe88c0FUkC6%2FqDzQSEU4WOj6ukwfJs9Ck%2FFqX3StWE8z7d6TdSLC9V7Q4%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=png, origSize=6946
accept-ranges: bytes
cf-ray: 6397244b5ed84ea3-FRA
expires: Wed, 30 Mar 2022 18:53:16 GMT

GET
H2 200 facebook.png
sudaneseonline.com/files/social/ 612 B
1017 B 18ms
15ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/social/facebook.png
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 797c26f036647914a3edb42b47186fef5dea31a6d548fa4bf94917c7e17735a2

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 35833
x-powered-by: PleskLin
content-disposition: inline; filename="facebook.webp"
content-length: 612
cf-request-id: 093255031400004ea3411af000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g2A1k2LwrGsY0MMnCyyUk5o8Zc6HfMjyX5MW2piBxDk7wGSXmwiAZeGWoGik52Hoh%2BajZ6WZdg1BKczdxtkvuCD9bYToGcpXnvOzBOdjDv5gwFtUK1EixAQmAkakPVY%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=png, origSize=7013
accept-ranges: bytes
cf-ray: 6397244b5ed94ea3-FRA
expires: Fri, 01 Apr 2022 18:01:44 GMT

GET
H2 200 halibsudanese.jpg
sudaneseonline.com/db/avatars/ 2 KB
2 KB 15ms
12ms Image
image/jpeg 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/halibsudanese.jpg
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7be91ce97275c300ce632c8e46d84811da453937eb643aa48f63f723fef0153a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1250825
x-powered-by: PleskLin
content-length: 1761
cf-request-id: 093255031400004ea3d4b00000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x9bt6MMGt%2BYkqNscbhp1EDwMT5zvGlk1Yb3nOeJahc%2BEjTds1hs8c44Oz0SAGNeXve3NmBz6twXa9y4LjZGjX93gWuzQQfUAVrXA1k3ZFnm2LerzZyUt%2FhJUjzWtPKg%3D"}]}
content-type: image/jpeg
cache-control: public, max-age=2592000
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 6397244b5edb4ea3-FRA
expires: Fri, 18 Mar 2022 16:31:52 GMT

GET
H2 404 dot.gif
sudaneseonline.com/ 3 KB
3 KB 277ms
274ms Image
text/html 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/dot.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ed7d72de81ce28a49509b04006c99759ce51715d83f38fac7f58ee59313d028a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 28 Nov 2013 07:11:13 GMT
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g9Pu%2FGtsUy2M7lIALxIBx%2BLQcQ%2B5o%2Bcp2RukfDtbXI0JfoA2pBynsAoNTBbnSbZxqsrC1E8EsZHT0YTz3O1d3bwExqKyLfMgdP7WA%2B4WBfBwBrCSjDqfjmAxFh5%2FrBM%3D"}]}
content-type: text/html
cache-control: max-age=172800
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 6397244b5ede4ea3-FRA
cf-request-id: 093255031500004ea31292f000000001

GET
H2 200 page_13.gif
sudaneseonline.com/images/ 200 B
571 B 14ms
12ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_13.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c10af103c2513beba5a7397f609106745382adea54bd90b818fa6f4fe8781026

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1107537
x-powered-by: PleskLin
content-disposition: inline; filename="page_13.webp"
content-length: 200
cf-request-id: 093255031500004ea3c584e000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qMCsVkibu1eTmRfgccEuVSDgtOzYVwYd8L0ZTD1a3k1TBjyNtyVHaiSpqkb2%2FEg8WLqpCvYgQNRVkAEbqv01tWItvvV%2Bq5NR%2B47E4wsSYEC7B6Xri1V%2B8qvNrun9%2BXE%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=222
accept-ranges: bytes
cf-ray: 6397244b5ee04ea3-FRA
expires: Sun, 20 Mar 2022 08:20:00 GMT

GET
H2 200 page_15.gif
sudaneseonline.com/images/ 126 B
647 B 18ms
16ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_15.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d15f56ad8410162f6486e3dddf17ace90b3b3dd10142d29a97d4f26a9b13f9b7

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1246944
x-powered-by: PleskLin
content-disposition: inline; filename="page_15.webp"
content-length: 126
cf-request-id: 093255031500004ea303011000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sWpA%2BxsH2UBwzE4%2Bejy1OGBSXMdYguHoMeAGG76r%2BfdipWltPOlIpPTlB2oz2X8qAG2dZUVmkH3IlZPiR7dhKnlPxoUx69QNlJsPlN2nmjkuUUff3IKlEfVXWjAM4%2FI%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=169
accept-ranges: bytes
cf-ray: 6397244b5ee14ea3-FRA
expires: Fri, 18 Mar 2022 17:36:33 GMT

GET
H2 200 page_17.gif
sudaneseonline.com/images/ 160 B
528 B 19ms
17ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_17.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b112d143d0b935fa4c67ee13a697324083dee7bb17b2ae39edee1753e7160db7

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 880052
x-powered-by: PleskLin
content-disposition: inline; filename="page_17.webp"
content-length: 160
cf-request-id: 093255031600004ea3191cc000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BXpbC4wFsbGqjF4xba0YactcDHPEOhd3WJKgIHYLo0%2BFM3aa%2B1eBUTydUjX4iLboCTNQ09jdvSy38PD7189GDFRkQ3G5a0sBSsq8GwocnVF05A%2B6uhvtc3HGZRAicQ8%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=189
accept-ranges: bytes
cf-ray: 6397244b5ee34ea3-FRA
expires: Tue, 22 Mar 2022 23:31:25 GMT

GET
H2 200 page_18.gif
sudaneseonline.com/images/ 894 B
1 KB 17ms
14ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_18.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 1137d4c1e3478a9652bd6ca78e55ed48335bd330a209cd4ef45d1c54bf8d6c8d

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 645259
x-powered-by: PleskLin
content-disposition: inline; filename="page_18.webp"
content-length: 894
cf-request-id: 093255031600004ea3f239e000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WFGk3gpFfWMfTi%2BERsGXofIl1cApLfzejD%2BN27TPAxzy54MqfUNoUJGATBnLAoEH2R3r84Vg%2BHM0T2d0Z2tq7bewiCmTEZKH7Gq9v6ajY%2BarU9z5vJPuIw4lXc5%2BTRI%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=1388
accept-ranges: bytes
cf-ray: 6397244b5ee64ea3-FRA
expires: Fri, 25 Mar 2022 16:44:38 GMT

GET
H2 200 page_67.gif
sudaneseonline.com/images/ 133 B
499 B 18ms
16ms Image
image/gif 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_67.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: dbf89db2d125549c513937d10e3af603d5aee8ec51bd14c318322c1dc2b97195

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1250825
x-powered-by: PleskLin
content-length: 133
cf-request-id: 093255031700004ea336b03000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hrAkMoGN%2FSHfc84ueflgGLbbX5UsPu6MHVJxLusVEZh1CcU0aVL0vFA2zaDTgt8%2BmOv1NGBSUJGXdi3wVVGS143ijIkZC4MZvtwm8bW558sx1SLonGgYHMwz3sxOvi8%3D"}]}
content-type: image/gif
cache-control: public, max-age=2592000
cf-polished: origSize=141, status=webp_bigger
accept-ranges: bytes
cf-ray: 6397244b5ee84ea3-FRA
expires: Fri, 18 Mar 2022 16:31:52 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
5 KB 35ms
10ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 093255032c0000d6f108bbc000000001
last-modified: Mon, 29 Mar 2021 13:37:44 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"6061d828-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2pY%2BZYYbHoV7yCRDvkCmS%2BA3dPlUCkVr6C532qRuv9kZKJ6Ox7DZGGXo9pwpCzUhnF67Xtp%2BTRM9Xv5rOiq6uaYoeUS5TrOFJsUrcJGomcLdxBx7C%2BWM%2FR5HF%2FDYCbxE"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6397244b7e5bd6f1-FRA
expires: Sun, 04 Apr 2021 03:58:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/cdn-cgi/apps/head/5FC2zOw_W9_dNWqSVD1R6XReqLM.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 6230
date: Fri, 02 Apr 2021 02:15:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Fri, 02 Apr 2021 04:15:07 GMT

GET
H2 200 page_11.gif
sudaneseonline.com/images/ 65 B
424 B 14ms
13ms Image
image/gif 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_11.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2d0ed65db95ee9a4db6cfc439c2cfd35b8562cd082357fd24bd4ee7e903768cc

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1811028
x-powered-by: PleskLin
content-length: 65
cf-request-id: 093255031700004ea3eb8a9000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NNlE%2FfliYZnFUHsEn%2FD7xRdcEf428wTdz9fCzyY4p8pkz%2BANjL1q9noqnMa0qu%2BATweHbOCKU6qbGbd%2BoziXsdR1iEAiDa45z7aTNZS9%2FT%2Bf9F7ssixVVGGl22w6DGc%3D"}]}
content-type: image/gif
cache-control: public, max-age=2592000
cf-polished: origSize=73, status=webp_bigger
accept-ranges: bytes
cf-ray: 6397244b5ee94ea3-FRA
expires: Sat, 12 Mar 2022 04:55:09 GMT

GET
H2 200 page_14.gif
sudaneseonline.com/images/ 112 B
634 B 13ms
13ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_14.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0ffb5e6a9625ae55529682bcb47bc148799f92f6c4b9aa7b959d0ecba3031b99

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 643986
x-powered-by: PleskLin
content-disposition: inline; filename="page_14.webp"
content-length: 112
cf-request-id: 093255031700004ea3d929e000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Jsvk6YeLWZRVsWjFVLpC9e7IIyScHaWn684Vq%2BMZ9QXbVgHUJuqAWJnCTj%2FlzWtJzPTgu26%2FXZeTMDHp1R4VT5Y1L1JqTtyyHJUKeCVukxJhFDNRQRPRuyckeOTXPKA%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=266
accept-ranges: bytes
cf-ray: 6397244b5eea4ea3-FRA
expires: Fri, 25 Mar 2022 17:05:51 GMT

GET
H2 200 page_16.gif
sudaneseonline.com/images/ 118 B
530 B 13ms
13ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_16.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: be3320dc4e3f9f68c6f001ac32d204b9d881de39e0895d6cfa094f2271b59b6a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 29453
x-powered-by: PleskLin
content-disposition: inline; filename="page_16.webp"
content-length: 118
cf-request-id: 093255031800004ea303012000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SNYd0P4Wx%2B%2BACuhXsYGFFLXMiC0zB2X8x%2ByiFV7wvJRH9zGT4k4IZ35O6SP9xQB6hpQbNQdykZGlLmA%2Fe4pKU9N5PQqQVRszbIH0NHDaIAfax1ei4FvO7zQwMx%2Fiq8c%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=318
accept-ranges: bytes
cf-ray: 6397244b5eed4ea3-FRA
expires: Fri, 01 Apr 2022 19:48:04 GMT

GET
H2 200 page_36.gif
sudaneseonline.com/images/ 43 B
415 B 15ms
14ms Image
image/gif 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_36.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 724e999373acde2068adc1a148b9fce57faed54dae3dd9edf30345c26bdeaaea

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1379695
x-powered-by: PleskLin
content-length: 43
cf-request-id: 093255031b00004ea33816a000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GyHM5lDFpmIHb1NQHkDWYh9WZWB7RPRyB983VlDmtO%2F8lgeRDg2ZcZjLjVAwPW3Ut5jKTPvGzEZAjMFEV0fEwPI%2BAZMANsCb%2B7Vjp8YinQs3SCKJyLmEk0%2BeJQ9mkdk%3D"}]}
content-type: image/gif
cache-control: public, max-age=2592000
cf-polished: origSize=51, status=webp_bigger
accept-ranges: bytes
cf-ray: 6397244b5ef44ea3-FRA
expires: Thu, 17 Mar 2022 04:44:02 GMT

GET
H2 200 page_65.gif
sudaneseonline.com/images/ 59 B
432 B 12ms
11ms Image
image/gif 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_65.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8568618df18202314a62419e94e30f4183c4878adb08066b1e76110173c16c1a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1107152
x-powered-by: PleskLin
content-length: 59
cf-request-id: 093255031c00004ea349bf1000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ucQMrksogH9VC0idZtBBc2z%2BXAIbBwtobd%2BEbzMTqRDWc%2FqsPP6059C0LK76QmMHLSTgyhWijfqAhIotEnFRNC4Go0ZanlWy8sUpmZ1921Ib%2F4SKm%2B5VXUY%2BfrYdOlY%3D"}]}
content-type: image/gif
cache-control: public, max-age=2592000
cf-polished: origSize=67, status=webp_bigger
accept-ranges: bytes
cf-ray: 6397244b5ef54ea3-FRA
expires: Sun, 20 Mar 2022 08:26:24 GMT

GET
H2 200 page_69.gif
sudaneseonline.com/images/ 52 B
556 B 12ms
12ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/images/page_69.gif
Requested by: Host: sudaneseonline.com
URL: https://sudaneseonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d8535f1b381398d4053486b50f3b99b5b283f65adc65ed66c52fb74ad44f47a3

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1107152
x-powered-by: PleskLin
content-disposition: inline; filename="page_69.webp"
content-length: 52
cf-request-id: 093255031c00004ea3063ee000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LNLlNrZ9d3NSSzKM5WYk2aQkaPFOwcW2fHONGDhouBa2TWLX75EOUv%2BHGtHwb6Jn2Vz%2FFy2uwHwy0IKpXUaScxY8MpVFonShKLvT9MyPZCBOtVGgHLlxRhVVdaTWTzA%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=gif, origSize=70
accept-ranges: bytes
cf-ray: 6397244b5ef74ea3-FRA
expires: Sun, 20 Mar 2022 08:26:24 GMT

GET
H2 200 urchin.js Show response
google-analytics.com/ 22 KB
7 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://google-analytics.com/urchin.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 06:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 77439
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1209600
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6847
expires: Thu, 15 Apr 2021 06:28:18 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83c54916208ba4fec97b8c109dc1d26f5e2231ced12bee8032864c219b7d14e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47703
x-xss-protection: 0
server: cafe
etag: 6346030555081020592
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 03:58:57 GMT

GET
H/1.1 200
OK a Show response
xslt.alexa.com/site_stats/js/s/ 151 B
623 B 149ms
49ms Script
binary/octet-stream 65.9.98.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xslt.alexa.com/site_stats/js/s/a?url=sudaneseonline.com
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.98.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd19302865a315df9a57552a585191f452efcbed7b0ab6b6569f4bebb764366e

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Apr 2021 15:49:52 GMT
Via: 1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
Last-Modified: Fri, 27 Oct 2017 21:53:09 GMT
Server: AmazonS3
Age: 95214
ETag: "394d6f2c6c2041a2fbcdaad0e525aa7b"
X-Cache: Hit from cloudfront
Content-Type: binary/octet-stream
Connection: keep-alive
X-Amz-Cf-Pop: PRG50-C1
Accept-Ranges: bytes
Content-Length: 151
X-Amz-Cf-Id: eE1p1esd6l6bNSDyUYsbk04_H-9DStKWaiZZ4FzLfHc47wDRlaue1g==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-115921305-1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37a22473a96e2b728d75e3c6fd9a55becdfc77a1277e556644fe3c8e27ea4884

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39096
x-xss-protection: 0
last-modified: Fri, 02 Apr 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Apr 2021 03:58:57 GMT

GET
H2 200 jquery-1.8.3.js Show response
code.jquery.com/ 260 KB
77 KB 23ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.8.3.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 756d7dfac4a35bb57543f677283d6c682e8d704e5350884b27325badd2b3c4a7

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:57 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-40f49"
vary: Accept-Encoding
x-hw: 1617335937.dop142.fr8.t,1617335937.cds287.fr8.hn,1617335937.cds225.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 78927

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
71 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1163485917&t=pageview&_s=1&dl=https%3A%2F%2Fsudaneseonline.com%2F&ul=en-us&de=UTF-8&dt=%D8%B3%D9%88%D8%AF%D8%A7%D9%86%D9%8A%D8%B2%D8%A7%D9%88%D9%86%D9%84%D8%A7%D9%8A%D9%86%3ASudanese%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1650178958&gjid=2142356144&cid=1199967708.1617335938&tid=UA-251719-1&_gid=1812004523.1617335938&_r=1&_slc=1&z=643874762

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:58:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sudaneseonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 17ms
16ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-251719-1&cid=1199967708.1617335938&jid=1650178958&gjid=2142356144&_gid=1812004523.1617335938&_u=IEBAAEAAAAAAAC~&z=607288179

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 02 Apr 2021 03:58:57 GMT
content-type: text/plain
access-control-allow-origin: https://sudaneseonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-251719-1&cid=1199967708.1617335938&jid=1650178958&_u=IEBAAEAAAAAAAC~&z=1161239869

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:58:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-251719-1&cid=1199967708.1617335938&jid=1650178958&_u=IEBAAEAAAAAAAC~&z=1161239869

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:58:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210331/r20190131/ 225 KB
84 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210331/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9862665169833586&plah=sudaneseonline.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ee65ec4e6687e75cf0082dffb5a452a42d4353263efe439959072d89b7f437b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86022
x-xss-protection: 0
server: cafe
etag: 6413673484793450264
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 03:58:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210331/r20190131/ Frame 4765 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210331/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ee8a97200cf0e24af175070d017d0bdabe6c619ede7bf7c5585e90de0f39798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210331/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 01 Apr 2021 20:38:57 GMT
expires: Thu, 15 Apr 2021 20:38:57 GMT
content-type: text/html; charset=UTF-8
etag: 13254444762018554669
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4647
x-xss-protection: 0
age: 26401
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 3016
date: Fri, 02 Apr 2021 03:08:42 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 02 Apr 2021 05:08:42 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d28195e41be85d6a58735387a1a7cbec820bdf56ba8c3c74dfb71f5ae0abcfde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 5TbydfqpKv05yvOvWWFKnQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1778
x-fb-rlafr: 0
x-fb-debug: PQy4i5pwka50qZ1EYJexgoMNlTKowRx8+STugbdhopEw81FXHBOluj48YfN0txM/6cJ63kjDJ+zKpEyP3n6suQ==
x-fb-trip-id: 686109401
x-fb-content-md5: d13c55b1581eb20cc8c75e67ff03a7c6
x-frame-options: DENY
date: Fri, 02 Apr 2021 03:58:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "97fb534b0f7432cdbe5ba402d3cb5680"
timing-allow-origin: *
expires: Fri, 02 Apr 2021 04:17:22 GMT

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83c54916208ba4fec97b8c109dc1d26f5e2231ced12bee8032864c219b7d14e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47703
x-xss-protection: 0
server: cafe
etag: 6346030555081020592
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 03:58:58 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
47 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1163485917&t=pageview&_s=1&dl=https%3A%2F%2Fsudaneseonline.com%2F&ul=en-us&de=UTF-8&dt=%D8%B3%D9%88%D8%AF%D8%A7%D9%86%D9%8A%D8%B2%D8%A7%D9%88%D9%86%D9%84%D8%A7%D9%8A%D9%86%3ASudanese%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUABAAAAAC~&jid=1970676212&gjid=2033152939&cid=1199967708.1617335938&tid=UA-115921305-1&_gid=1812004523.1617335938&_r=1&gtm=2ou3o0&z=1105992300

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:58:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sudaneseonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-115921305-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 6231
date: Fri, 02 Apr 2021 02:15:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Fri, 02 Apr 2021 04:15:07 GMT

GET
H2 200 2bb.cgi Show response
sudaneseonline.com/cgi-bin/sdb/ 16 KB
3 KB 353ms
352ms XHR
application/rss+xml 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cgi-bin/sdb/2bb.cgi?seq=rss2&board=505
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.8.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b7424084886bf2e837f20e0f6073d9c6db5843da74555c06635c0cf1928d6e4d

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://sudaneseonline.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hU%2B7S4Z%2BwR3KJwJJM7%2FlLhgXekPsH6z84xWtirUC9pgXhgLPQb7tnCy2k0qHlp10FovEAMztJr7w%2FDJvuspuh%2BvLKWNdIy5OhLau50Nk8aMmXISf1lerR1MGdH9Hiuc%3D"}]}
content-type: text/xml; charset="utf8"
cache-control: max-age=1
cf-ray: 6397244d69744ea3-FRA
cf-request-id: 093255046200004ea309177000000001
expires: Fri, 02 Apr 2021 03:58:59 GMT

GET
H2 200 2bb.cgi Show response
sudaneseonline.com/cgi-bin/sdb/ 25 KB
11 KB 321ms
320ms XHR
application/rss+xml 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cgi-bin/sdb/2bb.cgi?seq=rss2&board=510
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.8.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: af52233ddb1c6b30807c0535345748f446ad7bb7d68879a1e36261d0c309269f

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://sudaneseonline.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uBigz0%2BJWIMdi2FhYmkoQCW9HTdv7AoHuTuIfaj%2F8CvOhdUmCsaQD7uWW4Aqli%2FzyxsiAySbAHMeV5k6TWEJihKM%2BFkZJVQZaWYA6TnOhLa7fguW%2Bvy8eH2f8qTlIYE%3D"}]}
content-type: text/xml; charset="utf8"
cache-control: max-age=1
cf-ray: 6397244d69784ea3-FRA
cf-request-id: 093255046200004ea3e9173000000001
expires: Fri, 02 Apr 2021 03:58:59 GMT

GET
H2 200 2bb.cgi Show response
sudaneseonline.com/cgi-bin/esdb/ 13 KB
3 KB 332ms
332ms XHR
application/rss+xml 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cgi-bin/esdb/2bb.cgi?seq=rss2&board=10
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.8.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 6a08d58a4c5ab0e488bfd9e35d0f88a70c7d6d0dd992c90c522ea0682dfa0e9f

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://sudaneseonline.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9Zs68Isbx6IDkq7kmsLuXOvfq8ggKTXX3oowT9e276vgDfKvpcgRVNmeXVMo8wqlQWwqnz%2BjpRYdLz%2B2YqfflS0QYrFawEGwE7oYWR4QifDgZnVbTeCqMiDmd88x8W4%3D"}]}
content-type: text/xml; charset="utf8"
cache-control: max-age=1
cf-ray: 6397244d697a4ea3-FRA
cf-request-id: 093255046300004ea327335000000001
expires: Fri, 02 Apr 2021 03:58:59 GMT

GET
H2 200 2bb.cgi Show response
sudaneseonline.com/cgi-bin/sdb/ 16 KB
3 KB 339ms
338ms XHR
application/rss+xml 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cgi-bin/sdb/2bb.cgi?seq=rss2&board=30
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.8.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 39e1eb70c16924f1b2f50527055bdabe1ba58f477d93697ad65fd02c1067bfbd

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://sudaneseonline.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hZotaMeYsUO0j6PiwlErFDpw6B%2B24E071ZX1m%2FjtTA0xPib9DMNS6bCqNNSGbCyt6Me0hZuN7mYxbVR2tb1cbbRU1gCXal%2B3KC65URCMK%2FTtR6W9tnuQbqIDXSpuPMs%3D"}]}
content-type: text/xml; charset="utf8"
cache-control: max-age=1
cf-ray: 6397244d697c4ea3-FRA
cf-request-id: 093255046300004ea3ee252000000001
expires: Fri, 02 Apr 2021 03:58:59 GMT

GET
H2 200 2bb.cgi Show response
sudaneseonline.com/cgi-bin/esdb/ 13 KB
3 KB 352ms
352ms XHR
application/rss+xml 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cgi-bin/esdb/2bb.cgi?seq=rss2&board=15
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.8.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 74d86cd524cb1da4d4ab46568f64f78c65f1e13fcc25c7789c9544d3c12476b2

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://sudaneseonline.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ELryRQehOfRYhSEWBeHJ0kICvWpO%2B8jz5Z74qEL2UxxMv6KyXw1XYE4RRg9T6sAZ6cf830g7L8Q1SdbLjvMHVEmz28Iv%2B%2F1SgPsA9gkNUybt8eQUl4lMW19qi7m7PH8%3D"}]}
content-type: text/xml; charset="utf8"
cache-control: max-age=1
cf-ray: 6397244d697d4ea3-FRA
cf-request-id: 093255046300004ea3411bf000000001
expires: Fri, 02 Apr 2021 03:58:59 GMT

GET
H2 200 2bb.cgi Show response
sudaneseonline.com/cgi-bin/esdb/ 12 KB
3 KB 330ms
330ms XHR
application/rss+xml 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudaneseonline.com/cgi-bin/esdb/2bb.cgi?seq=rss2&board=12
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.8.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 3ee8d8b06746f8b511aa0c99595d1d54dd92763e757de2f421c6d5b8d5d07551

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://sudaneseonline.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1QoTM6XUpopjWqHEVgKDFD%2Fm8l0bIM2fCL97PStplkiomDe0Zfg6AsFbl00NI2ZdepJEkN4B0Bo%2F%2BuzGk5fUn7vOhtKWWGmy7c12p4X70Np0knwLOW4Xz8ZEYwR1NXk%3D"}]}
content-type: text/xml; charset="utf8"
cache-control: max-age=1
cf-ray: 6397244d697f4ea3-FRA
cf-request-id: 093255046400004ea3ccb01000000001
expires: Fri, 02 Apr 2021 03:58:59 GMT

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/ 35 B
211 B 6ms
6ms Image
image/gif 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=1.4&utmn=113016707&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D8%B3%D9%88%D8%AF%D8%A7%D9%86%D9%8A%D8%B2%D8%A7%D9%88%D9%86%D9%84%D8%A7%D9%8A%D9%86%3ASudanese%20Online&utmhn=sudaneseonline.com&utmhid=1163485917&utmr=-&utmp=/&utmac=UA-251719-1&utmcc=__utma%3D24067384.113016707.1617335938.1617335938.1617335938.1%3B%2B__utmz%3D24067384.1617335938.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 06:11:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78428
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 192 KB
58 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=8a79d988db72be37a9ee6ed8eb04ad6f&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90c82c9e14ac451c5d11c37c2cb997e262dde4b520a8065a2ec95670c0ec39fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://sudaneseonline.com
Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: W4Ha7iek/gz3hZek9GM0qg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 58850
x-fb-rlafr: 0
x-fb-debug: YK/ScfH/n+zS/mKbal55DoqD049VUZYEKJmuBK364qQqm37V3TR49Mo9lFgFUZWtQWYcEGqgQpUXLBsbtuOROw==
x-fb-trip-id: 2052514463
x-fb-content-md5: 41252b1a8cf459395862521375b21e00
x-frame-options: DENY
date: Fri, 02 Apr 2021 03:58:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "d90fc1c7d7b211e049e32bba6396a8da"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Apr 2022 02:16:00 GMT

GET
H3-Q050

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1289399876&utmhn=sudaneseonline.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-251719-1&cid=113016707.1617335938&jid=57625809&_v=5.7.2&z=1289399876
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-251719-1&cid=113016707.1617335938&jid=57625809&_v=5.7.2&z=1289399876
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-251719-1&cid=113016707.1617335938&jid=57625809&_v=5.7.2&z=1289399876&slf_rd=1&random=831048810

42 B
88 B

17ms
16ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-251719-1&cid=113016707.1617335938&jid=57625809&_v=5.7.2&z=1289399876&slf_rd=1&random=831048810

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:58:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:58:58 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-251719-1&cid=113016707.1617335938&jid=57625809&_v=5.7.2&z=1289399876&slf_rd=1&random=831048810
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 208 B
266 B 38ms
37ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sudaneseonline.com&callback=_gfp_s_&client=ca-pub-9862665169833586

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210331/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9862665169833586&plah=sudaneseonline.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

4acb96597935ff9c2d4e6cc88b0c2c7aaee3eceb17530e5df20810a5748f05fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sudaneseonline.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 03:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sudaneseonline.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 03:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8DC3 54 B
213 B 102ms
102ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&adk=1812271804&adf=3025194257&lmt=1617335938&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsudaneseonline.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1617335938098&bpp=9&bdt=315&idt=88&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3040851601086&frm=20&pv=2&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=104

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862665169833586&output=html&adk=1812271804&adf=3025194257&lmt=1617335938&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsudaneseonline.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1617335938098&bpp=9&bdt=315&idt=88&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3040851601086&frm=20&pv=2&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=104
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 02 Apr 2021 03:58:58 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Apr-2021 04:13:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Apr 2021 03:58:58 GMT
cache-control: private

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 24ms
23ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210331&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44ee71e696fe091e38c4aa03f322759838e37aad33d2e56b9a48da1dbc32c8ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 03:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6687
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

234e58e81d77759daf07d771662c4e4b7711301f3a867a8bbf78651dfc13c2f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218226621639"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
expires: Fri, 02 Apr 2021 03:58:58 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 398D 56 KB
22 KB 195ms
194ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1617335938&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938113&bpp=3&bdt=330&idt=94&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JkgphflQZO&p=https%3A//sudaneseonline.com&dtd=99

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1da1d8959dd50050e604da05fb2b7d0cfe192858da48d19350df6723a9164e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1617335938&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938113&bpp=3&bdt=330&idt=94&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JkgphflQZO&p=https%3A//sudaneseonline.com&dtd=99
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 02 Apr 2021 03:58:58 GMT
server: cafe
content-length: 22280
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Apr-2021 04:13:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Apr 2021 03:58:58 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F20A 99 KB
32 KB 232ms
231ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1617335938&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938116&bpp=1&bdt=333&idt=105&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sXL8UIMnJk&p=https%3A//sudaneseonline.com&dtd=111

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dace0b688fb7896ea7323dd0aca11fa1f8bb943d100c40ab6d0a3b53860f85d5

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK6v0_DV3u8CFcXTEQgdSRcIrg&gqi=gpZmYNW8DqzE7_UP6OOl4Ak&layout=/sadbundle/%24csp%253Der3%24/1693763440430468214/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1617335938&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938116&bpp=1&bdt=333&idt=105&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sXL8UIMnJk&p=https%3A//sudaneseonline.com&dtd=111
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK6v0_DV3u8CFcXTEQgdSRcIrg&gqi=gpZmYNW8DqzE7_UP6OOl4Ak&layout=/sadbundle/%24csp%253Der3%24/1693763440430468214/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 02 Apr 2021 03:58:58 GMT
server: cafe
content-length: 32459
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Apr-2021 04:13:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Apr 2021 03:58:58 GMT
cache-control: private

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 25ms
25ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=653080081416030&input_token&origin=1&redirect_uri=https%3A%2F%2Fsudaneseonline.com%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=8a79d988db72be37a9ee6ed8eb04ad6f&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: rwEHsIE3icIEYkMzlsNBBjRH/m+EUI1wdMioLNI9msORamek9PUaXQC8VGbHERkNpyf9ieBgBo61TkYKa2l3Zw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 02 Apr 2021 03:58:58 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sudaneseonline.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A17C 48 KB
19 KB 226ms
226ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1617335938&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938117&bpp=1&bdt=334&idt=119&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9mxMa4oAvZ&p=https%3A//sudaneseonline.com&dtd=123

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4521c92c55fede90957d350c354bdbb5b8368f5e578f0f71c19346775a177b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1617335938&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938117&bpp=1&bdt=334&idt=119&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9mxMa4oAvZ&p=https%3A//sudaneseonline.com&dtd=123
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 02 Apr 2021 03:58:58 GMT
server: cafe
content-length: 19838
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Apr-2021 04:13:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Apr 2021 03:58:58 GMT
cache-control: private

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 02 Apr 2021 03:58:58 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AFE2 84 KB
31 KB 332ms
332ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1617335938&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938118&bpp=1&bdt=335&idt=130&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ry2gytiTGQ&p=https%3A//sudaneseonline.com&dtd=134

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2153367e1a045b1440397ee6fcb878464109f565b258f1b17f4d7a4b9da7c19

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK331PDV3u8CFamX3godvygGBw&gqi=gpZmYL39D8zI7_UPxb2_sAM&layout=/sadbundle/%24csp%253Der3%24/4289431202364580801/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1617335938&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938118&bpp=1&bdt=335&idt=130&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ry2gytiTGQ&p=https%3A//sudaneseonline.com&dtd=134
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK331PDV3u8CFamX3godvygGBw&gqi=gpZmYL39D8zI7_UPxb2_sAM&layout=/sadbundle/%24csp%253Der3%24/4289431202364580801/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 02 Apr 2021 03:58:58 GMT
server: cafe
content-length: 31024
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Apr-2021 04:13:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Apr 2021 03:58:58 GMT
cache-control: private

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
146 B 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sudaneseonline.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 03:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
146 B 14ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sudaneseonline.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 03:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6CDE 55 KB
22 KB 377ms
376ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1617335938&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938118&bpp=1&bdt=335&idt=162&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=kPdwBrooGd&p=https%3A//sudaneseonline.com&dtd=165

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87867666f991ec72bfa960e68b44e88854c8e671fe757e90cabe0acf682c7881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1617335938&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938118&bpp=1&bdt=335&idt=162&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=kPdwBrooGd&p=https%3A//sudaneseonline.com&dtd=165
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 02 Apr 2021 03:58:58 GMT
server: cafe
content-length: 21818
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Apr-2021 04:13:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Apr 2021 03:58:58 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D036 56 KB
22 KB 430ms
430ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1617335938&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938125&bpp=1&bdt=342&idt=164&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2e41d7708952adca-2218e81f44a7003d%3AT%3D1617335938%3ART%3D1617335938%3AS%3DALNI_MaPXosvvHkMG-Cecq1BxMx8naHYnQ&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ICg3oZKcQa&p=https%3A//sudaneseonline.com&dtd=166

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42a44a6d6f4dcdee54f60924136722bcf67590d288cd2a6b1cbb3b49d5828a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1617335938&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938125&bpp=1&bdt=342&idt=164&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2e41d7708952adca-2218e81f44a7003d%3AT%3D1617335938%3ART%3D1617335938%3AS%3DALNI_MaPXosvvHkMG-Cecq1BxMx8naHYnQ&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ICg3oZKcQa&p=https%3A//sudaneseonline.com&dtd=166
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 02 Apr 2021 03:58:58 GMT
server: cafe
content-length: 22135
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Apr-2021 04:13:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Apr 2021 03:58:58 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6050 399 B
227 B 61ms
61ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=600&slotname=0328297630&adk=2265731008&adf=2802248822&pi=t.ma~as.0328297630&w=120&lmt=1617335938&psa=0&format=120x600&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938126&bpp=1&bdt=343&idt=171&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2e41d7708952adca-2218e81f44a7003d%3AT%3D1617335938%3ART%3D1617335938%3AS%3DALNI_MaPXosvvHkMG-Cecq1BxMx8naHYnQ&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280%2C135x700&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=801&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&fsb=1&xpc=Tch5lUAUb3&p=https%3A//sudaneseonline.com&dtd=173

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87e4d94cc59e66cb725495384dea4b5321187489ff33a0fcb8397c2bdc54f85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9862665169833586&output=html&h=600&slotname=0328297630&adk=2265731008&adf=2802248822&pi=t.ma~as.0328297630&w=120&lmt=1617335938&psa=0&format=120x600&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938126&bpp=1&bdt=343&idt=171&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2e41d7708952adca-2218e81f44a7003d%3AT%3D1617335938%3ART%3D1617335938%3AS%3DALNI_MaPXosvvHkMG-Cecq1BxMx8naHYnQ&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280%2C135x700&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=801&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&fsb=1&xpc=Tch5lUAUb3&p=https%3A//sudaneseonline.com&dtd=173
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 02 Apr 2021 03:58:58 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Apr-2021 04:13:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Apr 2021 03:58:58 GMT
cache-control: private

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 435E 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sudaneseonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sudaneseonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 01 Apr 2021 19:31:34 GMT
expires: Fri, 01 Apr 2022 19:31:34 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 30444
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 435E 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 01:00:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 10691
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Sat, 02 Apr 2022 01:00:47 GMT

GET
H3-Q050 200 8631317333572956756
tpc.googlesyndication.com/simgad/ Frame 398D 35 KB
35 KB 8ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8631317333572956756?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlIK_nHU9CYiR3mR_Dy1NUmWe7hXQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1617335938&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938113&bpp=3&bdt=330&idt=94&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JkgphflQZO&p=https%3A//sudaneseonline.com&dtd=99

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a13b011e9cf328be85aed4cbc490581f7d184c7b990db5cd5cba2f00475f347

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 10:44:24 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 09:43:11 GMT
server: sffe
age: 62074
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35754
x-xss-protection: 0
expires: Fri, 01 Apr 2022 10:44:24 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/ Frame 398D 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4e10c54a966ed5abeeac2aca4cfa968f317497770f59ec94af6d712db96e7d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 8094203328658613728
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:43:05 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 398D 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:53:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:53:48 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 398D 118 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218245166195"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36656
x-xss-protection: 0
expires: Fri, 02 Apr 2021 03:58:58 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 398D 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:36:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:36:34 GMT

GET
H3-Q050 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 398D 25 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f08484455172d31ef5c551a8228f73cd46f334707d09677aa3e53d73483a8c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 20:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10479
x-xss-protection: 0
server: cafe
etag: 5380568613746674957
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 20:00:57 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 398D 0
0 20ms
19ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKhpLgpZmYJLzDZKvx_AP5r6vsAbQ8d7nYfCY1NacDbCQHxABIIqBwANglQKgAbn6vuQCyAECqQLx9Vf5JsOzPqgDAcgDyQSqBOgBT9AEyDOK34TUj6qkryyXnAFJrjtJpsCv4mZT-m0WiTDM_KcuvlW_2uOViaRftdnEccU3pJwMg8qWiTGQIwX7h_8QScJ3Q0-RThdJSR5Niwl4TE-J-Dkf1Q2b-VsBL-J6J1IhpGXlFPXRO2jd1HMJO57KnTioMD2lf0gwRDVXg7B7DOsD_P_Xk7tuEC_s43cdt6K9s0aRW7GhMRLaLlwGPLtP-pXHYzuYhaTr4ed6cbmt_MSAOG9u_tAW79AEmDCaG0j7YALwSdGT0qsgMnnoAyMZhBeVyUluP1WoCIhutZQ56266mxkznsAE_MjH2r4DoAYCgAevhcGbAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBD3nAHSCAkIgOGAEBABGB-ACgHICwHYEwOyFxoKGAgAEhRwdWItOTg2MjY2NTE2OTgzMzU4Ng&sigh=SH7_yztFm7o&tpd=AGWhJmup_5091KydSdFrXnRTn7e5lanDZa3MY1nQurfN2HWivQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1617335938&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938113&bpp=3&bdt=330&idt=94&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JkgphflQZO&p=https%3A//sudaneseonline.com&dtd=99
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 02 Apr 2021 03:58:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 02 Apr 2021 03:58:58 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1264 143 B
220 B 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1617335938&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938113&bpp=3&bdt=330&idt=94&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JkgphflQZO&p=https%3A//sudaneseonline.com&dtd=99
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1617335938&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938113&bpp=3&bdt=330&idt=94&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JkgphflQZO&p=https%3A//sudaneseonline.com&dtd=99

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 02 Apr 2021 03:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2138
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 16ms
14ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210331&jk=2927676000470857&bg=!LS6lLmrNAAY56aLOOek7ACkAdvg8WlpkLoCxgz5pZt6hd5LaABFyWLtuzcleL0khBE0SsXchjcYtygIAAABKUgAAABJoAQcKANoIxATgLL2kBepqDL3J65KB2Kp1Lg6yW8dw8GEszEQwix86oWSNxUPplOAQkTfmarsA3V_FfFJbOBaewzRgRhJJNF4TFWYbhJaaP7CyBMXJ0aURGjNNW6Y3aGIgvDPWmUcYoH4yLscct9bjE0vVmhtypv2xfehs4Cv7rP3-yZcwRrw9stpMFDvX2JWR09eRvBm8h7duYKtPkvaIo3Eo_JDHU9po1ekxVa_UPhaTHcdu85vmljy8Uag5uECr3lW84GIehIjLGy2TuaDUBNlFVolPxM-0KeBw9cViS5kB7BTIC-Jw0zbJgaP1kbjutgw4jseddYx-xC4xMxPgeiK-yOv00VzyxjIKV5oyU1CxYot_q7vXGtI49bkApTH1JQerVi-TQmj0ZwCVk7G9RAXHyIRMbruVhjKsS-tLN4RGbl_uucYPGGcnwXNxf6IArnSwK0F1otMv6orulx7ubyiToFTIC5srLMBVNBkv6OXAigbpjlYJx6jR-63CkCTvV2hv6uE-BVZJmj0-lfT5uKJfGSLlLKabFtG3GAn6EyT3OnhyEhvszXIlt7lQJZVPfhq29bu70BmFbrVmbhV1URSIl9Fe2gxmNVPykNTpDKpeH7QALiSKKM39ibd0cPQrw5f-x9Rrwx0uN4I1gCbj7p4dipveER-kErBaqrbIBNjw5rnBB28omqiiQhXosnvSViXCqBb4lwF39YAAoXz0CsO_ZYrWqfBgxTRQ6IaN8QuqLn0gge3ULLLwbFLMyUnzC4L_CoA_OuMEqmhwmnEFz7iaNlEoBR0wf8C0AIeb-amUl_XuANjLgJT-1IS2Qluc2wMqGN_zM4irty4Hjp1s7zm0np7CKsUdXmIjlBd9ADvdSrF0nsVL07MJHEkmmGKS5Qo4xVOV3LiAKzbIZswR5r5P80b8nKrU---EGEP7_wZvUsu9oomiXEK3mztAmA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:58:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1264
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
110 B

14ms
13ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmjJp0P6RwSFO832RdFr6l62xfJpaV5iB2T93izfobt0aeUBLqtuBbbjZvD9rI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 02 Apr 2021 03:58:58 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 02-Apr-2021 04:58:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Apr 2021 03:58:58 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 02 Apr 2021 03:58:58 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 398D 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14853238491d117e296eb02408cfa5fdb8c28a055c0901266a1be85a6edfbe97

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 113148755.jpg
www13.0zz0.com/2021/03/18/20/ 67 KB
68 KB 43ms
17ms Image
image/jpeg 2606:4700:3036::6815:1d27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www13.0zz0.com/2021/03/18/20/113148755.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:1d27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

937750ffdd41b5079218f0c49ea4c86157c646130ca635c067d245800194dc04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1561
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 69088
cf-request-id: 09325505d700004e8b5332c000000001
last-modified: Thu, 18 Mar 2021 17:26:33 GMT
server: cloudflare
etag: "10de0-5bdd2e698ff51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6du4W2qyV%2Bh3lRhDC%2BEUMa%2BvFlVYUVBsNdxoGfP2422mnmoE3dLBYy5BcLcjYGD3JsiVE3MYYckISpnw%2FzRNUx68Gs9VJ2YnuWizE9rjA%2BtoSlWXIhTvCQxJ5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6397244fba344e8b-FRA

GET
H2 200 Candacy1.jpg
i.postimg.cc/G22mXthT/ 81 KB
81 KB 350ms
41ms Image
image/jpeg 5.135.83.165
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/G22mXthT/Candacy1.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.83.165 , France, ASN16276 (OVH, FR),
Reverse DNS: i.postimg.cc
Software: nginx /
Resource Hash: fb066449432103954937cfee8ad798a7b096d0805dcd3fce09f6204f401bd245

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
last-modified: Sun, 26 Jul 2020 02:50:00 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 82784
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 qrcode-sudan-org.png
i.ibb.co/Yp86Zmx/ 9 KB
10 KB 139ms
39ms Image
image/png 146.59.152.166
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/Yp86Zmx/qrcode-sudan-org.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.59.152.166 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: c0621f56e27eaeb8da58aa598039a2c9adff987b864eb21745b3f7143b883a5c

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
last-modified: Wed, 17 Mar 2021 13:06:34 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 9572
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

adamb_cowboy1.JPG
sudaneseonline.com/uploadpic14/mar/
Redirect Chain

https://www.sudaneseonline.com/uploadpic14/mar/adamb_cowboy1.JPG
https://sudaneseonline.com/uploadpic14/mar/adamb_cowboy1.JPG

14 KB
14 KB

12ms
12ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic14/mar/adamb_cowboy1.JPG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4240475704d5c6560364fd97b581ab0a38024b705ec7c4e41e100c4ed8f97792

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1544276
x-powered-by: PleskLin
content-disposition: inline; filename="adamb_cowboy1.webp"
content-length: 13864
cf-request-id: 093255076800004ea3f0a1a000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E1C6omMWoVKX4Pc7ubxQEdsqz3jVtRLArm8ZmQeocxp2Ul%2BO673RMvFNHYYQieoHJKkOOb17ZuaxT%2BvIvhr45edi3GGSuBDM7pG4ejOuR95eSHB%2FyXZnhFA7SxSPtjI%3D"}]}
content-type: image/webp
cache-control: max-age=31536000
cf-polished: qual=85, origFmt=jpeg, origSize=25185
accept-ranges: bytes
cf-ray: 639724523fc44ea3-FRA
expires: Tue, 15 Mar 2022 07:01:02 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g%2FtfVHi5iL3bQAYxyiP2rwWdXi86I0Di2SlyAV52BviJANs%2FWKudkKaHzIE88eyqHOrxRndBdqg2GMFlVCDgG6MXvO9tJVcypQkFA8b%2Bf2anvqZgzuO6VSxvdB0Es6%2FFuoOR"}]}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/uploadpic14/mar/adamb_cowboy1.JPG
cache-control: max-age=172800
cf-ray: 6397244fac794ea3-FRA
cf-request-id: 09325505c700004ea3ee264000000001

GET
H/1.1 200
OK PHOTO-2021-03-04-06-32-26.jpg.ca3faa1409091633d16b16da777e83a3.jpg
www.sudanesesongs.net/uploads/monthly_2021_03/ 69 KB
69 KB 763ms
164ms Image
image/jpeg 66.7.219.146
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sudanesesongs.net/uploads/monthly_2021_03/PHOTO-2021-03-04-06-32-26.jpg.ca3faa1409091633d16b16da777e83a3.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 66.7.219.146 Portland, United States, ASN33182 (DIMENOC, US),
Reverse DNS: server2.sudanesesongs.net
Software: Apache /
Resource Hash: fedf6c31f0488f1fb72d46208830a8e4a92f0c519e0cbd92e9ac20a1f8619e5a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 03:58:59 GMT
Last-Modified: Thu, 04 Mar 2021 13:06:10 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 70930
Content-Type: image/jpeg

GET
H2 200 9b3062b9699184d695f2e61d137a4e60.jpg
i.pinimg.com/originals/9b/30/62/ 107 KB
107 KB 46ms
22ms Image
image/jpeg 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/9b/30/62/9b3062b9699184d695f2e61d137a4e60.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 32fa7e85ea88adbee3751fc1578bf4a4a7d2e77983e95ab49468552d97ffa79b

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "65e7aaa52a8e8036f8d39f8f151b8d8b"
content-length: 109131
vary: Origin
content-type: image/jpeg

GET
H2 200 p_1824g8oaq1.jpg
d.top4top.io/ 41 KB
41 KB 162ms
62ms Image
image/jpeg 51.158.146.105
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.top4top.io/p_1824g8oaq1.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.158.146.105 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-158-146-105.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 4838de5492f836d9565c73beeecad18332c0fd02fca68348eaff0b366793f565

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-file-id: x36086211x
date: Fri, 02 Apr 2021 03:58:58 GMT
last-modified: Tue, 29 Dec 2020 08:22:17 GMT
server: nginx
etag: "5feae739-a21f"
content-type: image/jpeg
cache-control: max-age=7200
content-disposition: inline; filename="AdelAbbas001.jpg"
accept-ranges: bytes
content-length: 41503
expires: Fri, 02 Apr 2021 05:58:58 GMT

GET
H2

200

sudansudansudansudansudansudansudan29.jpg
sudaneseonline.com/uploadpic/jan09upload/
Redirect Chain

https://www.sudaneseonline.com/uploadpic/jan09upload/sudansudansudansudansudansudansudan29.jpg
https://sudaneseonline.com/uploadpic/jan09upload/sudansudansudansudansudansudansudan29.jpg

5 KB
6 KB

15ms
15ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic/jan09upload/sudansudansudansudansudansudansudan29.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 1c96124814e935910ba08bae08c20f8ffe66d0653f82935908732b390ecb229d

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 574696
x-powered-by: PleskLin
content-disposition: inline; filename="sudansudansudansudansudansudansudan29.webp"
content-length: 5166
cf-request-id: 093255076300004ea3c6b17000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=73OtyVR3y2hM1I27mDMVoA0f8PBZ%2BcRLugccHTSYF7okRdwIZ2jHcFZGymlr9PXXw%2BPp1ABuBXOScGpXLH6j19qK4FevnC9YjpPvmHwiZ6VGSbGR4jsXpkjigHs%2FD3w%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=43099
accept-ranges: bytes
cf-ray: 639724523fb94ea3-FRA
expires: Sat, 26 Mar 2022 12:20:42 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3w4v5BPTKq%2B5FdY1SMcH54MZ2z5Filzd83BUqbw6vHzM5VhB19ZycDx2AknxxWL93I69wZuc9H2Tobz0zYYiF6oUjszpulammw%2B5kf75yJcuA6i83LDYpKYZAcxHudrosJVk"}]}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/uploadpic/jan09upload/sudansudansudansudansudansudansudan29.jpg
cache-control: max-age=172800
cf-ray: 6397244fac774ea3-FRA
cf-request-id: 09325505c700004ea33b8fc000000001

GET
H2 200 2606-1.jpg
a7sas.net/wp-content/uploads/2019/10/ 48 KB
48 KB 53ms
14ms Image
image/jpeg 2606:4700:3036::ac43:df38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a7sas.net/wp-content/uploads/2019/10/2606-1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:df38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d7af17d4ab24aeb00ee93394751160a184406d1f24800c5989d2696d2b25ef4

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1186913
x-rocket-nginx-serving-static: No
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48794
cf-request-id: 09325505e4000005d4e2974000000001
last-modified: Sun, 20 Oct 2019 16:31:24 GMT
server: cloudflare
etag: "5dac8bdc-be9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cKsPvBrxWbXWbh14dMbESRjuNo3q0wH9c3fhAmFbtKGk23rWJyr4Vf96irD623LglLiWCFXnLxRBkarb44cYB1Dy5zzXu8Lek7v1ZFU9J5IpWjGA12g%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6397244fdea805d4-FRA
expires: Sun, 18 Apr 2021 10:17:05 GMT

GET
H2 200 bed6160ae23a3ef2cb565742c1f7404b.jpg
i.pinimg.com/originals/be/d6/16/ 51 KB
52 KB 637ms
613ms Image
image/jpeg 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/be/d6/16/bed6160ae23a3ef2cb565742c1f7404b.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0b83a35c88034d12ffbc9bf20014d8094e15062b3975bec6967a161e1663667e

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "09f243801d5dd93cb922dd4cb78f56cc"
content-length: 52590
vary: Origin
content-type: image/jpeg

GET
H2 200 p_1917011rf1.jpeg
g.top4top.io/ 85 KB
86 KB 191ms
123ms Image
image/jpeg 163.172.24.234
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.top4top.io/p_1917011rf1.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.172.24.234 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-24-234.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 813ceb154a85f0bf408d7b973afdb38aa63d31fb8526518db74bd00ed5f5d082

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-file-id: x37714854x
date: Fri, 02 Apr 2021 03:58:58 GMT
last-modified: Thu, 01 Apr 2021 11:42:52 GMT
server: nginx
etag: "6065b1bc-155d0"
content-type: image/jpeg
cache-control: max-age=7200
content-disposition: inline; filename="WhatsApp%20Image%202021-03-16%20at%2011.08.23%20AM%20(3).jpeg"
accept-ranges: bytes
content-length: 87504
expires: Fri, 02 Apr 2021 05:58:58 GMT

GET
H2 200 00000asudaneseonline.jpg
sudaneseonline.com/db/avatars/ 13 KB
13 KB 13ms
11ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/00000asudaneseonline.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 372d04f407947fdd808207dde54cf389d2535f566ea1b0cbd6dea35faf41e80c

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 643670
x-powered-by: PleskLin
content-disposition: inline; filename="00000asudaneseonline.webp"
content-length: 12846
cf-request-id: 09325505bf00004ea3c93d7000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KLJb2Huh9c%2BrDHyTgIX0foCqemmFwmgMGoOgCSpCDs92Ymi9zRjoJjmA1KVF4vPhP5bsgto7VvCQ4fD0j9E%2Fn%2F9Vtd3f6xIsqPkzSC0JpImKipODE5dMPhjvpFZW3e4%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=48686
accept-ranges: bytes
cf-ray: 6397244f9c654ea3-FRA
expires: Fri, 25 Mar 2022 17:11:08 GMT

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6a0c91b4419ed4eb2ae73f0bca9e09c5826f122f9fdd4e9f9ff6e28f20c528c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2

200

p_514yotp41.jpg
i.top4top.io/
Redirect Chain

https://c.top4top.net/p_514yotp41.jpg
https://c.top4top.io/p_514yotp41.jpg
https://i.top4top.io/p_514yotp41.jpg

9 KB
10 KB

197ms
122ms

Image
image/jpeg

163.172.59.20
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.top4top.io/p_514yotp41.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.172.59.20 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-59-20.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 888b943c86fc505ab43c86b15d0d4e42256b28b4d76b2304498c921375d4f2fa

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-file-id: x17658824x
date: Fri, 02 Apr 2021 03:58:58 GMT
last-modified: Tue, 30 May 2017 01:52:34 GMT
server: nginx
etag: "592cd062-252e"
content-type: image/jpeg
cache-control: max-age=7200
content-disposition: inline; filename="%D9%86%D8%AC%D9%8A%D9%85.jpg"
accept-ranges: bytes
content-length: 9518
expires: Fri, 02 Apr 2021 05:58:58 GMT

Redirect headers

location: https://i.top4top.io/p_514yotp41.jpg
date: Fri, 02 Apr 2021 03:58:58 GMT
server: nginx
content-length: 58
vary: Accept
content-type: text/plain; charset=utf-8

GET
H2

200

1459671_10152082883814328_1950176262_n.jpg
sudaneseonline.com/uploadpic14/nov/
Redirect Chain

https://www.sudaneseonline.com/uploadpic14/nov/1459671_10152082883814328_1950176262_n.jpg
https://sudaneseonline.com/uploadpic14/nov/1459671_10152082883814328_1950176262_n.jpg

62 KB
63 KB

13ms
12ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic14/nov/1459671_10152082883814328_1950176262_n.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b08da24a924529caa8e505459e52adc5602291ae750ce2cacbe91928c312b35a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 169514
x-powered-by: PleskLin
content-disposition: inline; filename="1459671_10152082883814328_1950176262_n.webp"
content-length: 63760
cf-request-id: 093255063800004ea31482f000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S4wXB37Ge0niGLZtuhEg30%2FTbXMhtnd6zrJmKWH5xCw%2FiR8YgKDmMWr%2B%2F7maguHOF0NZQBXsKbuNzwIp7DotXX8Vcx6nKTbPmNw%2BHhPYVKSD8nY3EkypYBTbW9xzhxw%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=76191
accept-ranges: bytes
cf-ray: 639724505d6e4ea3-FRA
expires: Thu, 31 Mar 2022 04:53:44 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 437
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QACf0WmyX3ZHXWwq3rRwyOQJUqyxAIT6mZeG2ndz7ix2q%2BZPvaJh01ye%2BiiR48MBGD0zy4n9YJuL9oCBetOl4MRypxrr%2FHTAcwPa9kn19CIQ5n5XRKBUROBe5t%2BSXqdLWb4S"}]}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/uploadpic14/nov/1459671_10152082883814328_1950176262_n.jpg
cache-control: max-age=172800
cf-ray: 6397244ffcfb4ea3-FRA
cf-request-id: 09325505f800004ea30918d000000001

GET
H2 200 d38af4a1fa19289e76462fe3bd5a1a6f.jpg
i.pinimg.com/564x/d3/8a/f4/ 28 KB
29 KB 14ms
11ms Image
image/jpeg 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/564x/d3/8a/f4/d38af4a1fa19289e76462fe3bd5a1a6f.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c02ddc028251ce8b5aaf959bc6e90d6944467212439f5bf283dbbd99292c815f

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "96c05b4c1c11aa1721f7c84f3c2a267d"
content-length: 29038
vary: Origin
content-type: image/jpeg

GET
H2

200

00000asudaneseonline.jpg
sudaneseonline.com/db/avatars/
Redirect Chain

https://www.sudaneseonline.com/db/avatars/00000asudaneseonline.jpg
https://sudaneseonline.com/db/avatars/00000asudaneseonline.jpg

13 KB
13 KB

11ms
11ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/00000asudaneseonline.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 372d04f407947fdd808207dde54cf389d2535f566ea1b0cbd6dea35faf41e80c

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 643670
x-powered-by: PleskLin
content-disposition: inline; filename="00000asudaneseonline.webp"
content-length: 12846
cf-request-id: 093255076a00004ea303049000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=twd1%2Bf1kvusbs9uqAXI2hUwhdLBgc8nGynOhqGKBlcuEfhkHlJgqIBntDYEAKsKZofPai6L3DxBadaNd6fsRRDFC%2FYtPg6Y1Rz9kyWemEDFIdOIwafbGVdq971oivO4%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=48686
accept-ranges: bytes
cf-ray: 639724524fcb4ea3-FRA
expires: Fri, 25 Mar 2022 17:11:08 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LDpiDupKCkhjO3GTtVBo6AP%2FcQI3UNc7yZTUlIsUZGlkLMO%2FuAmCk%2Byb7u21rCm14r8oq05WMr3A2Cx%2BsTm6U9%2FQd9hOiMZhKrr1nvD2FB%2Bydu2TAbbZSj%2FhTBbcTGspUIh8"}]}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/db/avatars/00000asudaneseonline.jpg
cache-control: max-age=172800
cf-ray: 6397244fecdb4ea3-FRA
cf-request-id: 09325505ef00004ea3e226a000000001

GET
H2

200

Darfur_Destroyed.jpg
1.bp.blogspot.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/
Redirect Chain

https://bp1.blogger.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/Darfur_Destroyed.jpg
https://1.bp.blogspot.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/Darfur_Destroyed.jpg

22 KB
22 KB

22ms
18ms

Image
image/jpeg

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/Darfur_Destroyed.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d470ab3f2efb2271564c86298b3139480369a7d8b85cc117631ae5714605d93a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 02:25:54 GMT
x-content-type-options: nosniff
age: 5584
content-disposition: inline;filename="Darfur_Destroyed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22596
x-xss-protection: 0
server: fife
etag: "v45"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 02 Apr 2021 09:39:24 GMT

Redirect headers

date: Thu, 01 Apr 2021 21:59:52 GMT
x-content-type-options: nosniff
server: fife
age: 21546
location: https://1.bp.blogspot.com/_xBqFVB89wQ4/SDHqaszYnvI/AAAAAAAAAEU/fNOPpuWn_7o/S220/Darfur_Destroyed.jpg
vary: Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 297
x-xss-protection: 0
expires: Sat, 01 May 2021 21:59:52 GMT

GET
H2 200 shawgo.jpg
sudaneseonline.com/db/avatars/ 57 KB
58 KB 18ms
14ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/shawgo.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: cf5f8602ddd688b3192c614d2ec643678944be422c98f2b7370423283ffa93e1

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 205748
x-powered-by: PleskLin
content-disposition: inline; filename="shawgo.webp"
content-length: 58382
cf-request-id: 09325505ed00004ea3fa89b000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r7XKRWhXV0tjISziGbn2T6kXlYEh7EzFQc4h%2FZG4UjdpBad0okdrtfjD%2BnrHxqNJQuZ9bDLsH5%2F7nU8iS%2BYhU5CM3fmS1j0LFEqj98u7duQAHUxa%2BzITPi%2BFk9Iu678%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=262818
accept-ranges: bytes
cf-ray: 6397244fecdf4ea3-FRA
expires: Wed, 30 Mar 2022 18:49:50 GMT

GET
H2 200 p_1914f18jh1.jpg
a.top4top.io/ 84 KB
85 KB 138ms
56ms Image
image/jpeg 163.172.219.20
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.top4top.io/p_1914f18jh1.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.172.219.20 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-219-20.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 5dd9e0556a9b71dde130bfac787e9b44c2984051006c106f27386f78859ec353

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-file-id: x37654104x
date: Fri, 02 Apr 2021 03:58:58 GMT
last-modified: Mon, 29 Mar 2021 04:01:07 GMT
server: nginx
etag: "60615103-15171"
content-type: image/jpeg
cache-control: max-age=7200
content-disposition: inline; filename="%D9%82%D8%B1%D9%86%D9%82%20%D8%B1%D9%88%D8%A7%D9%8A%D8%A9.jpg"
accept-ranges: bytes
content-length: 86385
expires: Fri, 02 Apr 2021 05:58:58 GMT

GET
H2

404

sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg
sudaneseonline.com/uploadpic11/june/
Redirect Chain

https://www.sudaneseonline.com/uploadpic11/june/sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg
https://sudaneseonline.com/uploadpic11/june/sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg

3 KB
3 KB

284ms
284ms

Image
text/html

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic11/june/sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ed7d72de81ce28a49509b04006c99759ce51715d83f38fac7f58ee59313d028a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:59 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 28 Nov 2013 07:11:13 GMT
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sAQtRcPjkJxHjqXoI62LWwBtEk7WqMuTetq4xL9PxZnT3yAaxFsoF4k1NehFR7mAAVFf8jZtXCW%2BGlI4o2mFYx3KOt44qZg5wJxd8Rlw3KLH0y8LBzt0efS%2BQBoHo%2Bo%3D"}]}
content-type: text/html
cache-control: max-age=172800
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 639724524fca4ea3-FRA
cf-request-id: 093255076b00004ea30ebcb000000001

Redirect headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EKDKBtMiH9wr4AgPhJ6qFzejQvR5N%2B4y4EzgcEyPjuzws9VafF3N6MDnIMvFGbFReg%2BSj9kQy7GiY4ny7ll%2Bqm7J4shYAdbWRqhsSwS1BS4O8Wi22nUxgjsPwDEXoBtbofZX"}]}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/uploadpic11/june/sudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudansudan7.jpg
cache-control: max-age=172800
cf-ray: 6397244fece04ea3-FRA
cf-request-id: 09325505ed00004ea3c5876000000001

GET 1016333_488823897867823_1875840390_nsudan1sudan.jpg
http//www.sudaneseonline.com/uploadpic14/mar/ 0
0

GET
H2 200 mosafir.jpg
sudaneseonline.com/uploadpic16/may/ 2 KB
3 KB 14ms
12ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic16/may/mosafir.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 56583d7365641d0274d83f874ccdc02fd4524a491f481ef968c962c10c61d3b4

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 642817
x-powered-by: PleskLin
content-disposition: inline; filename="mosafir.webp"
content-length: 2432
cf-request-id: 09325505ee00004ea3e918b000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=o2LBCWE66gOtfkQMN9wUx0aQL442RV2ppj6aOaADk7g2LaFytMYPxiIMWqVHyBhO99yk2i%2BVoFklMc6ZihM8yh7YUcj8v7p5OTUWGdadGQxcO%2FEY0ahJYZMJmo7uW5s%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=3709
accept-ranges: bytes
cf-ray: 6397244fece14ea3-FRA
expires: Fri, 25 Mar 2022 17:25:21 GMT

GET
H2

200

mamanadwa.jpg
sudaneseonline.com/uploadpic10/May/
Redirect Chain

https://www.sudaneseonline.com/uploadpic10/May/mamanadwa.jpg
https://sudaneseonline.com/uploadpic10/May/mamanadwa.jpg

20 KB
20 KB

11ms
11ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic10/May/mamanadwa.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 992388fbeff91f69ece1f2af28b26cd013db8135f58d8d05b96c9aecdc62a731

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1102462
x-powered-by: PleskLin
content-disposition: inline; filename="mamanadwa.webp"
content-length: 20326
cf-request-id: 093255077f00004ea336b3f000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MMTFUokTzByJxsL%2BPhiOuDI%2F2BWR9LD98nHLuGQB%2B0lbRnPR2ccZ8mIof9Hi3x08xbB3QUYqRR3BR2%2B8mQKuFdwQo26ZHsb84BOqswGp9UdgzXnYb7RMIp8uTiS%2FWXU%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=45668
accept-ranges: bytes
cf-ray: 639724526ff44ea3-FRA
expires: Sun, 20 Mar 2022 09:44:36 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qK2Om3tUqb8rUNhYOanugwvbK1EagBIJgUaTXG%2B0H3FTE3mCH9xMNktlJGA2BIc%2FUEuGpbyirwTrvQoV85r1WyKJ4uNPy7ucIHE5ICGzETEyuZgxXM8bCJIcBS9kTEjxpnxT"}]}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/uploadpic10/May/mamanadwa.jpg
cache-control: max-age=172800
cf-ray: 639724507d9a4ea3-FRA
cf-request-id: 093255064c00004ea3f23c7000000001

GET
H2

200

drawings_il_340x270.375184795_gkx2_766470924.jpg
sudaneseonline.com/db/avatars/
Redirect Chain

https://www.sudaneseonline.com/db/avatars/drawings_il_340x270.375184795_gkx2_766470924.jpg
https://sudaneseonline.com/db/avatars/drawings_il_340x270.375184795_gkx2_766470924.jpg

2 KB
3 KB

12ms
11ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/drawings_il_340x270.375184795_gkx2_766470924.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 341c395990c70eca9478ceddb6012b07c34db8cdc0e937583df1421101a89e19

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:59 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1250680
x-powered-by: PleskLin
content-disposition: inline; filename="drawings_il_340x270.webp"
content-length: 2428
cf-request-id: 09325508e500004ea3d4b4e000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q%2BfbkCbIq%2FEn6imlkI%2BAeyuropZTafarbvvEgmHin0g%2B2DvB77EF7LhtPk8jophVPLff9AL%2BWiKKnc4KG%2FqALzLv40aIBxoteAXXLrvpaWX4l7xhH1M5JeU9C7BiPE4%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=2854
accept-ranges: bytes
cf-ray: 63972454aa874ea3-FRA
expires: Fri, 18 Mar 2022 16:34:19 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:58:59 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=71GnUj8KZp8TsuqTvnkuhRKH%2Bwo%2BCc%2FXm49HbQSbWVsgNmGBlFytfIS4WSM%2FOZRWxCUQlao94UrT5MSOuAclqu7LosU56JqMgIifKH63BYMryIIR5thaAVLST6GxQbt4qj9t"}]}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/db/avatars/drawings_il_340x270.375184795_gkx2_766470924.jpg
cache-control: max-age=172800
cf-ray: 639724525fe74ea3-FRA
cf-request-id: 093255077800004ea3c6b18000000001

GET
H2 200 00Latest_News_808188640.jpg
sudaneseonline.com/english/files/ 10 KB
11 KB 14ms
12ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/english/files/00Latest_News_808188640.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a2c0e0a1bf8b3c57bd4825c24dbea2cb72bb0bf3127fc88970a982e5d7d6eebb

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 204844
x-powered-by: PleskLin
content-disposition: inline; filename="00Latest_News_808188640.webp"
content-length: 10702
cf-request-id: 09325505f200004ea3cd32d000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=El%2BBhMDrXTpa8TSuptR4uXy%2BK1EkQWILdkzpWj5krxPCtUHV1oIf%2BPP8uvotI4MRV7bWebBik1F%2BYnGkSyeiMtVe31VOW1vBVQBLqO6SGxaelkv2bVxdPkj3IfyOuzQ%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=17618
accept-ranges: bytes
cf-ray: 6397244fecea4ea3-FRA
expires: Wed, 30 Mar 2022 19:04:53 GMT

GET
H2 200 937a15082c8364b7d235265dacc6a744.jpg
i.pinimg.com/originals/93/7a/15/ 32 KB
32 KB 111ms
109ms Image
image/jpeg 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/93/7a/15/937a15082c8364b7d235265dacc6a744.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4130840cd3b4551d245f902798f99c85267091b851a6d4b389c35af04f9789f5

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "eb61072fc250ab1ed0329f2f37a0d177"
content-length: 32862
vary: Origin
content-type: image/jpeg

GET
H2

200

1nur_131441372.jpg
sudaneseonline.com/english/files/cover/
Redirect Chain

https://www.sudaneseonline.com/english/files/cover/1nur_131441372.jpg
https://sudaneseonline.com/english/files/cover/1nur_131441372.jpg

12 KB
12 KB

32ms
32ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/english/files/cover/1nur_131441372.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 06b683609a410f8c005dd4b27a0a660b5304d31b0e5614b95ea3ae02cd1b8072

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:59 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1108406
x-powered-by: PleskLin
content-disposition: inline; filename="1nur_131441372.webp"
content-length: 12164
cf-request-id: 093255089b00004ea3381b7000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B5Uw9HhIhqncI6CGPsSW9d1mUyEGrdVikfeiUjT6G2H4LD08ZYmtkfxUwx42P0THY%2FN2oVvpYvx1zF%2FemU7kBtT1N3A1a%2Fv%2BgtMcOIKn6VKtiJVhGOharpcL17h0fYw%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=35440
accept-ranges: bytes
cf-ray: 6397245429f34ea3-FRA
expires: Sun, 20 Mar 2022 08:05:33 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:58:59 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C15stRsDrR3HTKPJxxs5wncilEVg%2BXJ%2B4oWAvxkmezTT2%2BczcoZiclYfjVs5ey6%2B%2BIxPT1J9cu%2BJVOK0OlrVrpnpYy4W1oYQRBcC0b1mTZ2FC3dNr%2BI5f97RzmD9GAzIH1Mq"}]}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/english/files/cover/1nur_131441372.jpg
cache-control: max-age=172800
cf-ray: 639724525fe84ea3-FRA
cf-request-id: 093255077800004ea31483f000000001

GET
H2

200

ICC-Logo.jpg
sudaneseonline.com/uploadpic14/nov/
Redirect Chain

https://www.sudaneseonline.com/uploadpic14/nov/ICC-Logo.jpg
https://sudaneseonline.com/uploadpic14/nov/ICC-Logo.jpg

18 KB
18 KB

12ms
12ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic14/nov/ICC-Logo.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8d3d5252c5c8636e3a85a58e8a925714c7cb17c8da2563ed39d2824d33833993

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:59 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 645444
x-powered-by: PleskLin
content-disposition: inline; filename="ICC-Logo.webp"
content-length: 18476
cf-request-id: 09325508e400004ea327373000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nxtCE7q0mDQePtOkkff%2B97xobnbyfoKaPgH8gCK0yKYzR1Qpzp444sZ2%2FTJTIfTVcR4yZPAqHtAISaUIawAeVCE35xBbKAlrLqN8s4l%2F0zUkkP6p46d1mv%2B%2BdCQWCmU%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=32696
accept-ranges: bytes
cf-ray: 63972454aa864ea3-FRA
expires: Fri, 25 Mar 2022 16:41:35 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:58:59 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k1DTLp1m57on6seXgpQv%2BGOfLivW7J%2BT0wJmx7txbWFCG9grc8%2FgwuiANL3wdEVA9fx80vP0kW5h1ZkaetI4w5tws2CK7Ty0wRp97wpFLzvfim%2BOxpMswMNebgTiuGOcHKtW"}]}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/uploadpic14/nov/ICC-Logo.jpg
cache-control: max-age=172800
cf-ray: 639724525fe94ea3-FRA
cf-request-id: 093255077800004ea3411ea000000001

GET
H2

200

766efe683cde3ebb0b9b5cbc7b3fed71.jpg
i.pinimg.com/564x/76/6e/fe/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/564x/76/6e/fe/766efe683cde3ebb0b9b5cbc7b3fed71.jpg
https://i.pinimg.com/564x/76/6e/fe/766efe683cde3ebb0b9b5cbc7b3fed71.jpg

12 KB
12 KB

17ms
17ms

Image
image/jpeg

2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/564x/76/6e/fe/766efe683cde3ebb0b9b5cbc7b3fed71.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 34bf4ec3eca0adc00a246b829f90f947845d914d89cfa0a0d6de663628449a67

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 43
x-cdn: akamai
x-edgeconnect-midmile-rtt: 15
etag: "0d941b7ba11d2da3dba6ca4aaaab872d"
vary: Origin
content-type: image/jpeg
cache-control: immutable, max-age=31536000
accept-ranges: bytes
content-length: 11878

Redirect headers

location: https://i.pinimg.com/564x/76/6e/fe/766efe683cde3ebb0b9b5cbc7b3fed71.jpg
x-cdn: akamai
content-length: 0
vary: Origin

GET
H2 200 00Press_Releases_743165196.jpg
sudaneseonline.com/english/files/ 12 KB
12 KB 18ms
17ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/english/files/00Press_Releases_743165196.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c1005580aa64ecc161e55963e34a2a829a95a3446b9ab0a66d2b51d35413f203

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 880045
x-powered-by: PleskLin
content-disposition: inline; filename="00Press_Releases_743165196.webp"
content-length: 12100
cf-request-id: 09325505f500004ea3f9b18000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Nf7xNAuNSs0FrPdxTOfbKHCrcR4%2BUeSp9ALdGBUC8yci%2FhACiM3W%2FtN60C%2BBgR6zA6d2GddcJj64wbNKd0DDOPKclEAhp33i94T1LHxuYRRlhiDsZLxW0YsAoSOd22c%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=18775
accept-ranges: bytes
cf-ray: 6397244fecf34ea3-FRA
expires: Tue, 22 Mar 2022 23:31:33 GMT

GET
H2 200 press.png
sudaneseonline.com/uploadpic19/ 43 KB
43 KB 17ms
15ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic19/press.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7ddadf329de63774f1dedde0cd0a01a422b46a93daa2b36c138f659be3f1ac11

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 41082
x-powered-by: PleskLin
content-disposition: inline; filename="press.webp"
content-length: 43628
cf-request-id: 093255060700004ea31482d000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JV8fXoNnYKYuURxO0eV4q9v4pbmbEj89bCKuwafZ9CN9WGFFy334EiTibWhBl%2BsMoDy37ub52%2FEHyKZ0HqIi4uuWQ9sdM7M1eKZDX8yr1fmQS3S4j75IkoVCQ1y31%2F4%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=png, origSize=62188
accept-ranges: bytes
cf-ray: 639724500d124ea3-FRA
expires: Fri, 01 Apr 2022 16:34:16 GMT

GET
H2 200 88b373fedadc4d0edb2d5fb7fa00872a.jpg
i.pinimg.com/originals/88/b3/73/ 1 MB
1 MB 10ms
8ms Image
image/jpeg 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/88/b3/73/88b373fedadc4d0edb2d5fb7fa00872a.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 256c5f4cee027a6108043883db67b4bda1cfae5ce0a5bf0186f5cfcc444acf11

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "4bfbcb51ce4e92b26ac68323068dec94"
content-length: 1107558
vary: Origin
content-type: image/jpeg

GET
H2 200 5d3962e95cca9c949e42b9c3621a3381.jpg
i.pinimg.com/originals/5d/39/62/ 44 KB
44 KB 16ms
14ms Image
image/jpeg 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/5d/39/62/5d3962e95cca9c949e42b9c3621a3381.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 39dd2de0700433f2734f0647fea044e3852e5f1c1a6ae93d77a914082692d719

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "8cba82dc0ed4a7023365a1532e67b1b0"
content-length: 45099
vary: Origin
content-type: image/jpeg

GET
H2 200 news1.png
sudaneseonline.com/uploadpic19/ 26 KB
27 KB 20ms
18ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic19/news1.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f0c9e59fe4556a5ca7da317a52097784bbe634004d9f67c78b36d0b7f4656704

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 34293
x-powered-by: PleskLin
content-disposition: inline; filename="news1.webp"
content-length: 26968
cf-request-id: 093255060600004ea32006c000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eMs5UCfD9foznnygFGal84HtQxf2EA32M%2BpcwJ0%2FbAl5LhOhxpKID5QveIHg35SQwy8GUYamcSAkD4G0rkEovq0uxrDQjzer%2B8d8%2F5oQlm0SO3%2BHr0be9STwUb6ClnM%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: origFmt=png, origSize=43107
accept-ranges: bytes
cf-ray: 639724500d154ea3-FRA
expires: Fri, 01 Apr 2022 18:27:25 GMT

GET
H2 200 200px-HTlogo_main.png
upload.wikimedia.org/wikipedia/ar/thumb/3/32/HTlogo_main.png/ 67 KB
67 KB 53ms
24ms Image
image/png 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/ar/thumb/3/32/HTlogo_main.png/200px-HTlogo_main.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.8 /

Resource Hash

2ff79e8330c623cdf29f94e252633740694a3b4cfd77192daaafd8cd04ab0bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 10:06:10 GMT
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 64368
x-cache-status: hit-front
x-cache: cp3057 hit, cp3065 hit/49
server-timing: cache;desc="hit-front", host;desc="cp3065"
content-length: 68305
x-client-ip: 2a01:4f8:121:131a::2
last-modified: Thu, 19 Jul 2018 20:25:54 GMT
server: ATS/8.0.8
etag: eb7a75fc079e3b29ddad0c0eeb6a3270
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
x-timestamp: 1532031953.80463
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2

200

green_khaliel_483586634.jpg
sudaneseonline.com/arabic/files/cover/
Redirect Chain

https://www.sudaneseonline.com/arabic/files/cover/green_khaliel_483586634.jpg
https://sudaneseonline.com/arabic/files/cover/green_khaliel_483586634.jpg

16 KB
17 KB

14ms
13ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/arabic/files/cover/green_khaliel_483586634.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ca48648f9bcb2c585c1360603216f36bd78c8af87d6f3d307d800ca2041f7c8a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:59 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 365204
x-powered-by: PleskLin
content-disposition: inline; filename="green_khaliel_483586634.webp"
content-length: 16824
cf-request-id: 09325508ed00004ea30305f000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aJeeeETxSZJygBX%2F7IHX5mukMj8hU2dPQWLh7uRPOIswDuni%2B2pTZCC0anQO%2FiODNNOStJzJ%2BmnJpZEf2dhHmrcW6tOWYJfic8HSssvV7orC5VizfpY5fNuZP53US9I%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=31509
accept-ranges: bytes
cf-ray: 63972454aa934ea3-FRA
expires: Mon, 28 Mar 2022 22:32:14 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:58:59 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kjboQ2pPkV37JZOIQ74IUCumt5vpy%2F%2B%2Baro4WKDkVvTw5ken7sZtULO%2BIarNmOq3wfVxirUv7bjGLRpRKIEhAkrXygUnAwBqsj%2B6vaqLjXKyp5hyr5ujBklxz1Qa4kYy1%2BWP"}]}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/arabic/files/cover/green_khaliel_483586634.jpg
cache-control: max-age=172800
cf-ray: 6397245278024ea3-FRA
cf-request-id: 093255078600004ea3091a0000000001

GET
H2

200

a2f44e7365732df1f106b588a019bbc3.jpg
i.pinimg.com/236x/a2/f4/4e/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/236x/a2/f4/4e/a2f44e7365732df1f106b588a019bbc3.jpg
https://i.pinimg.com/236x/a2/f4/4e/a2f44e7365732df1f106b588a019bbc3.jpg

9 KB
9 KB

14ms
13ms

Image
image/jpeg

2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/236x/a2/f4/4e/a2f44e7365732df1f106b588a019bbc3.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: cf35792bd7566a05f57299ebbf1a5e37f1df7a61893a3ec55ab99d18109d2eab

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "15911713ae3642eaedc1ee3b74a96440"
content-length: 9404
vary: Origin
content-type: image/jpeg

Redirect headers

location: https://i.pinimg.com/236x/a2/f4/4e/a2f44e7365732df1f106b588a019bbc3.jpg
x-cdn: akamai
content-length: 0
vary: Origin

GET
H2

200

41334f236622880aa58d85f9fba3155c.jpg
i.pinimg.com/736x/41/33/4f/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/736x/41/33/4f/41334f236622880aa58d85f9fba3155c.jpg
https://i.pinimg.com/736x/41/33/4f/41334f236622880aa58d85f9fba3155c.jpg

22 KB
22 KB

15ms
14ms

Image
image/jpeg

2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/736x/41/33/4f/41334f236622880aa58d85f9fba3155c.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3e035d5e3d092548b462fd177a9c7dc6d57a8d8e2abda9e4821dbff185642699

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "300b30b54e4471c127c110074e779225"
content-length: 22020
vary: Origin
content-type: image/jpeg

Redirect headers

location: https://i.pinimg.com/736x/41/33/4f/41334f236622880aa58d85f9fba3155c.jpg
x-cdn: akamai
content-length: 0
vary: Origin

GET
H2 200 764677a60bdfbdc24d361db3d7dec9df.jpg
i.pinimg.com/originals/76/46/77/ 399 KB
400 KB 30ms
28ms Image
image/jpeg 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/76/46/77/764677a60bdfbdc24d361db3d7dec9df.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 733a90c78ebe6072cb5bff90bf028b9cba6e50d0570686265a30589570edb925

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "4b959f8e8b2412020e29ce9d74889856"
content-length: 408328
vary: Origin
content-type: image/jpeg

GET
H2 200 000nothing_476480549_754956420.jpg
sudaneseonline.com/db/avatars/ 672 B
1 KB 20ms
16ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/000nothing_476480549_754956420.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: eaafcf858dacd31ee94ea267b50975065796ba5aec12e2cc0d87d744e83a247f

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1836340
x-powered-by: PleskLin
content-disposition: inline; filename="000nothing_476480549_754956420.webp"
content-length: 672
cf-request-id: 093255060b00004ea30ebb9000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0WhIqSn%2BLnVn0HQdUePu%2BhpHyIOIe8p5WcwsGf7ht%2BCzS96ySO4NLhP6ymb13AmHP21ygsrT7GF%2BvLeXh9h07YR92GRkjTAD%2BK23g1JrhV8uTheKfQG2j4PzYZ1qwAU%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=1551
accept-ranges: bytes
cf-ray: 639724500d214ea3-FRA
expires: Fri, 11 Mar 2022 21:53:18 GMT

GET
H2

200

drawings_images__1__710491940.jpeg
sudaneseonline.com/db/avatars/
Redirect Chain

https://www.sudaneseonline.com/db/avatars/drawings_images__1__710491940.jpeg
https://sudaneseonline.com/db/avatars/drawings_images__1__710491940.jpeg

2 KB
3 KB

14ms
13ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/drawings_images__1__710491940.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: eb77c1e984c822e951f8e7aacc8cb4007d0ab0aa0dcc4455f1dee2293ac5b9f0

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 27629
x-powered-by: PleskLin
content-disposition: inline; filename="drawings_images__1__710491940.webp"
content-length: 2378
cf-request-id: 093255077800004ea3d4b3d000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Jqhr%2BIetvYNUXCA4gtNf80x4FFgPpOSy6%2BNH7hjXkyOiH2n2nmj55qpqaRS7%2BvbuWONvGwTdT00S%2F1d3b2nMNO6wlZGW4VgFs%2FtC7gTPpoa0YGUgYtmUX5Az0hXmsOY%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=2889
accept-ranges: bytes
cf-ray: 639724525fe44ea3-FRA
expires: Fri, 01 Apr 2022 20:18:29 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9VfhNoJJw69XMvnAgYC%2BTjLu1ZYuuSRjqVQYRz2q8T0EnQpxhGSDZC7Oc5gekOfB7XPkc5qyGykh3Ix5soT%2FWbRBomONhOZ%2BOfcwC4OgzBXwBtQRXEBUnwWiX9pN5wOaIpmj"}]}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/db/avatars/drawings_images__1__710491940.jpeg
cache-control: max-age=172800
cf-ray: 639724505d634ea3-FRA
cf-request-id: 093255063200004ea304abd000000001

GET
H2 200 a250a1a7040039702be10ffd80ecd430.jpg
i.pinimg.com/564x/a2/50/a1/ 12 KB
12 KB 26ms
19ms Image
image/jpeg 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/564x/a2/50/a1/a250a1a7040039702be10ffd80ecd430.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3a93ef00953b3e0bb2630ec5215478b1ae00d8abc6ea36e8ce4670e770d5b984

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "b203eb0a815e962e8f1e2935a7dc1f01"
content-length: 12548
vary: Origin
content-type: image/jpeg

GET
H2 200 _._____%20___%20______.jpg
sudaneseonline.com/db/avatars/ 37 KB
37 KB 16ms
9ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/_._____%20___%20______.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: bed02c16941497047a8e371f87ae9e0a594757ab219d9d6c96ead426c82c4062

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 638489
x-powered-by: PleskLin
content-disposition: inline; filename="_.webp"
content-length: 37820
cf-request-id: 093255060d00004ea338193000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JQyB8UijKb7G1eivMqZqD8hFPHxbppFgjYX3Is31%2FOLrk9NWT%2FtEFqr3G0aSv2sXns0Z%2FNFqnCZ8JttyDnwbAeLMt%2FrNECBJHDVPkHoY4ELU5QsLurEuavBJzwysLEA%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=205611
accept-ranges: bytes
cf-ray: 639724501d2b4ea3-FRA
expires: Fri, 25 Mar 2022 18:37:29 GMT

GET
H2 200 bedawi_s_picture_420592460.jpg
sudaneseonline.com/files/daily-writer/ 6 KB
6 KB 18ms
11ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/daily-writer/bedawi_s_picture_420592460.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 418b0eae7ec35a77851857b27f9dd21d36c3b07b4a88f18793590711a0c2ef78

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 34422
x-powered-by: PleskLin
content-disposition: inline; filename="bedawi_s_picture_420592460.webp"
content-length: 6194
cf-request-id: 093255060d00004ea32e3df000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jxxqyzE3syitp83FnlHn4xKy%2F7GzamlY7QyCpsOE2A2iS7RXjETTwGTRKWEcZAz6MFSumYvQs7beOKsH%2BRv7kc261a9YVvfIiMrNmKm3Iun0Bg0bkSVhyXIITG1%2FgGc%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=11901
accept-ranges: bytes
cf-ray: 639724501d2c4ea3-FRA
expires: Fri, 01 Apr 2022 18:25:16 GMT

GET
H2 200 hamid_fadalla_402316769.jpg
sudaneseonline.com/files/daily-writer/ 15 KB
16 KB 18ms
12ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/daily-writer/hamid_fadalla_402316769.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: aab60f65d859d9459ded33c8dc9d4769db2dfbaa70d0afcc0891a0ed2f0d5b4e

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 34422
x-powered-by: PleskLin
content-disposition: inline; filename="hamid_fadalla_402316769.webp"
content-length: 15486
cf-request-id: 093255060d00004ea338a97000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K%2FSz%2Bg3PkDFyt2iAmqbQinVLuGkc4p3m3yQDJoUQTgA9wQU%2B6pXzwjlpNTqf8KvTkldopWaR7c4%2B3bk1MFbmMYh1DE10exDLIjysZ7mQercVtVNdftgX93q9zJrjdkY%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=25951
accept-ranges: bytes
cf-ray: 639724501d2d4ea3-FRA
expires: Fri, 01 Apr 2022 18:25:16 GMT

GET
H2 200 f707db3ae6b3ca8fbbb8b5fa1602017d.jpg
i.pinimg.com/originals/f7/07/db/ 79 KB
80 KB 481ms
474ms Image
image/jpeg 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/f7/07/db/f707db3ae6b3ca8fbbb8b5fa1602017d.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ccd589c6f3c28f9ab95307472950b234952f43985cbcd75ced28d8f5ba06d42a

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "bc33d1db3a3ba61c6260c0c86e04f7d8"
content-length: 81366
vary: Origin
content-type: image/jpeg

GET
H2 200 nopic.jpg
sudaneseonline.com/db/avatars/ 2 KB
3 KB 21ms
10ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/nopic.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b0b47fbe08813f2964de03684b90df90615e5591820069441e26471cf176fc0f

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 208063
x-powered-by: PleskLin
content-disposition: inline; filename="nopic.webp"
content-length: 2442
cf-request-id: 093255060d00004ea312954000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yI71gkMxLwxhTzxVfEbkwv7jeAxBoZXCZEMT6jGv%2BiPwpjJtDyoMwvcMv0W9UlnooEQAONpQ%2FNbXx7QcPPcZ8Xzy%2BNCdLdz5VC44ZBD6PzWAO7R1hFzldML8kQqUNac%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=29041
accept-ranges: bytes
cf-ray: 639724501d2e4ea3-FRA
expires: Wed, 30 Mar 2022 18:11:14 GMT

GET
H2 200 0b806f617a61c419960bc1358a35d881.jpg
i.pinimg.com/originals/0b/80/6f/ 37 KB
37 KB 432ms
425ms Image
image/jpeg 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/0b/80/6f/0b806f617a61c419960bc1358a35d881.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 772029ffddff8892ab9484f7ac91a8a9d7e12d1edef3390dc336054184c880d3

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "bc18dcfbeecae83eedc2426466e8d3af"
content-length: 37565
vary: Origin
content-type: image/jpeg

GET
H2 200 ca06b6567e7b79496510d42af1dea752.jpg
i.pinimg.com/originals/ca/06/b6/ 20 KB
20 KB 189ms
183ms Image
image/jpeg 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/ca/06/b6/ca06b6567e7b79496510d42af1dea752.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f079e26fbfff5c587c5ba449f9e00eabb19510b044ef599626ae785a2aaf4ca

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "8b8b507f1ecf298920b7732a5811a34f"
content-length: 20574
vary: Origin
content-type: image/jpeg

GET
H2

200

97b6d0e6ea884632c0772aefbc4cd594.jpg
i.pinimg.com/originals/97/b6/d0/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/originals/97/b6/d0/97b6d0e6ea884632c0772aefbc4cd594.jpg
https://i.pinimg.com/originals/97/b6/d0/97b6d0e6ea884632c0772aefbc4cd594.jpg

26 KB
27 KB

14ms
13ms

Image
image/jpeg

2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/97/b6/d0/97b6d0e6ea884632c0772aefbc4cd594.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0f6e6582296b1d29ca0bc18449883ee26d4791a204a2d8a4aa3396465209e5aa

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "270e6df56703418776a441367d7c296f"
content-length: 26939
vary: Origin
content-type: image/jpeg

Redirect headers

location: https://i.pinimg.com/originals/97/b6/d0/97b6d0e6ea884632c0772aefbc4cd594.jpg
x-cdn: akamai
content-length: 0
vary: Origin

GET
H2 200 ad4ecbfcc290e06c8f33be3ae2969b5b.jpg
i.pinimg.com/736x/ad/4e/cb/ 12 KB
12 KB 35ms
24ms Image
image/jpeg 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/736x/ad/4e/cb/ad4ecbfcc290e06c8f33be3ae2969b5b.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e9e33a6e29e9d4852f65cefae0304e8b49a99724d3327c2ca3840ee432952bb1

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "3816b777c8875e7efdd1993a82cb84b1"
content-length: 12431
vary: Origin
content-type: image/jpeg

GET
H2 200 nuraldin_Madani_618166527.jpg
sudaneseonline.com/files/daily-writer/ 11 KB
12 KB 22ms
11ms Image
image/jpeg 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/daily-writer/nuraldin_Madani_618166527.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0b8f2c815b29a22692ff010e8185dabd533fd50b99222fed22917577a26aac02

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 173149
x-powered-by: PleskLin
content-length: 11550
cf-request-id: 093255061200004ea3e918d000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5dhlNdzTmQUU9knpL4M0YAr1qrsL3Pphp7gR%2Bzms6UqMDPGVDr%2BwVW8pCnGIwjL6SlmQT11NX%2FOiVq5DFHcQEL8oYxnSd6XS0XfQtbWill86ohLc3u0RGGzOAj0iwCE%3D"}]}
content-type: image/jpeg
cache-control: public, max-age=2592000
cf-polished: degrade=85, origSize=15710, status=webp_bigger
accept-ranges: bytes
cf-ray: 639724501d374ea3-FRA
expires: Thu, 31 Mar 2022 03:53:09 GMT

GET
H2

200

siri_gadora_194927617.jpg
sudaneseonline.com/files/daily-writer/
Redirect Chain

https://www.sudaneseonline.com/files/daily-writer/siri_gadora_194927617.jpg
https://sudaneseonline.com/files/daily-writer/siri_gadora_194927617.jpg

10 KB
11 KB

14ms
13ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/daily-writer/siri_gadora_194927617.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: cc8818d80104cdb8dffba62d276afcc8372799de2d76199c55c3c718f826b73e

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:59 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1797788
x-powered-by: PleskLin
content-disposition: inline; filename="siri_gadora_194927617.webp"
content-length: 10400
cf-request-id: 09325508ec00004ea3e6b9d000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iYCKJRW6kgd8aEa1PuJEpDFHHEo%2BLfuAmSd2iIsmtHRowCnZnHQB9GCEGYcPWlGAiN%2B9VAkORaB%2FXn07kEji0kp2yS45M4yufI9LGZRy6QMi6oVhkq34iVOE3zZjuoY%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=28209
accept-ranges: bytes
cf-ray: 63972454aa914ea3-FRA
expires: Sat, 12 Mar 2022 08:35:51 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:58:59 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RyRmMblzFsx2iG0YK0g5kOBDY1P6yF5OBRHLeaLFufc6pTb8ESV6WOBwcxdc2TgmwzoSpQk5fpofpsGX%2FH8yRlGgIKnG8oAFHVBvuns%2Fx7ZO%2Bnuc%2FmTcIks2WpTTNg8X6NSz"}]}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/files/daily-writer/siri_gadora_194927617.jpg
cache-control: max-age=172800
cf-ray: 63972452780f4ea3-FRA
cf-request-id: 093255078c00004ea30a05c000000001

GET
H2 200 11c091ea12b4a667cc95c3926dbfccca.jpg
i.pinimg.com/originals/11/c0/91/ 10 KB
11 KB 35ms
24ms Image
image/jpeg 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/11/c0/91/11c091ea12b4a667cc95c3926dbfccca.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d04fd99985eba0f4d4a0db111704c4f4724ae4b6fce4eb08aa8a8ed0ab89213b

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "4c8c5183abfc6674241eedd6b00e6087"
content-length: 10709
vary: Origin
content-type: image/jpeg

GET
H2 200 1ef6f8c3127d13271c69d7f7acedd214.jpg
i.pinimg.com/originals/1e/f6/f8/ 25 KB
25 KB 477ms
466ms Image
image/jpeg 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/1e/f6/f8/1ef6f8c3127d13271c69d7f7acedd214.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 64f3b067421484c9019252a5926bc89033f4461c64bbd18c105ec81b1174c0f2

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "f817ebe0ac403d57c8628b1cb8b4ab6d"
content-length: 25664
vary: Origin
content-type: image/jpeg

GET
H2

200

Maher_Almaher________177842373.jpg
sudaneseonline.com/files/daily-writer/
Redirect Chain

https://www.sudaneseonline.com/files/daily-writer/Maher_Almaher________177842373.jpg
https://sudaneseonline.com/files/daily-writer/Maher_Almaher________177842373.jpg

32 KB
32 KB

18ms
18ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/daily-writer/Maher_Almaher________177842373.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a2054b9637afdc9e1aab989d848708525c8e799cec87becb97c8702877a1e79b

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:59 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 154407
x-powered-by: PleskLin
content-disposition: inline; filename="Maher_Almaher________177842373.webp"
content-length: 32324
cf-request-id: 09325509d100004ea3ee294000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gQf1d1FwyrDw3CJlN8BUNmJ6RJSJakow%2FaCdHE6oB1VDyA3DDRkxLZFPYzt%2F5wiBZ%2FJOTZEE%2BEeh7NHeZ7kROvL4Sy1YXRWnliV8mZP0bB5GnzbxT%2FslnqjshG9IjYI%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=42493
accept-ranges: bytes
cf-ray: 639724561c0a4ea3-FRA
expires: Thu, 31 Mar 2022 09:05:32 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:58:59 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xNQ2%2BUwdAvPcV2xRwOE5CMvKe5nG4292UUYKQq6qQ0vEMNHlJ5FygvOeszQXQnHagwziQhXOK0GLRLo9So0uWjCzIByj4ZIaah8yKA8sg6p%2FhY2nn5DWSjlDFdii%2FTzR%2Fz2I"}]}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/files/daily-writer/Maher_Almaher________177842373.jpg
cache-control: max-age=172800
cf-ray: 6397245419d94ea3-FRA
cf-request-id: 093255088c00004ea34983b000000001

GET
H2

200

c4febb7d361abfef7763ccb68406db37.jpg
i.pinimg.com/originals/c4/fe/bb/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/originals/c4/fe/bb/c4febb7d361abfef7763ccb68406db37.jpg
https://i.pinimg.com/originals/c4/fe/bb/c4febb7d361abfef7763ccb68406db37.jpg

30 KB
30 KB

410ms
409ms

Image
image/jpeg

2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/c4/fe/bb/c4febb7d361abfef7763ccb68406db37.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: dd1665c06814cd2459affd4cc6aa2b48ac9229dee9bedfe1df7717056c9c732d

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "a6573d6cf4210ac7ecac873ed74c349b"
content-length: 30512
vary: Origin
content-type: image/jpeg

Redirect headers

location: https://i.pinimg.com/originals/c4/fe/bb/c4febb7d361abfef7763ccb68406db37.jpg
x-cdn: akamai
content-length: 0
vary: Origin

GET
H2 200 e8537a2e674a901497443e1f544a2324.jpg
i.pinimg.com/originals/e8/53/7a/ 21 KB
21 KB 37ms
23ms Image
image/jpeg 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/e8/53/7a/e8537a2e674a901497443e1f544a2324.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b96d52bbeaf4b1e8233c9f95a3c15219649eda5f59216c604241322f109f2c09

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "12de398acacc133965b44a8af8cb41e2"
content-length: 21277
vary: Origin
content-type: image/jpeg

GET
H2

200

tharwat.jpg
sudaneseonline.com/uploadpic15/Mar/
Redirect Chain

https://www.sudaneseonline.com/uploadpic15/Mar/tharwat.jpg
https://sudaneseonline.com/uploadpic15/Mar/tharwat.jpg

13 KB
13 KB

12ms
12ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic15/Mar/tharwat.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 726bd300778a73b754dc044818565a6beefce02119a6399297c5fac84f3d1055

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:59 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 883671
x-powered-by: PleskLin
content-disposition: inline; filename="tharwat.webp"
content-length: 13342
cf-request-id: 09325509e700004ea31e9a7000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yFN094%2BHv7crabVD5FrS25h5rlOUrZvIg8fc88NRQGmxxU8tepvdeoynbg%2F5DXorR4f4dVhP9MJLcvbCvrq%2FHLenmPw9xjbbZjztNBw1mNjSaXT%2B5rcnfszzpPOlDhk%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=49404
accept-ranges: bytes
cf-ray: 639724563c2d4ea3-FRA
expires: Tue, 22 Mar 2022 22:31:08 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:58:59 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b3O%2B0IlXDbrIaZzDdTTGuhFfcbd30PVYGriSKowdjGQkXwIu046Oxzs5nWQqqiRS81iHmfcYWF101PvVeZ6MuHvz%2BLy1EuZ%2Bb6to%2Fbeq7gi6jO4gg%2BXSXT5xo9QmoAg7Ys%2B5"}]}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/uploadpic15/Mar/tharwat.jpg
cache-control: max-age=172800
cf-ray: 639724545a304ea3-FRA
cf-request-id: 09325508bc00004ea32008f000000001

GET
H2 200 3a1e14c4ede5db3b424ed2f918dfe0be.jpg
i.pinimg.com/originals/3a/1e/14/ 7 KB
7 KB 44ms
31ms Image
image/jpeg 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/3a/1e/14/3a1e14c4ede5db3b424ed2f918dfe0be.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6860842b1855988141a64c5b218a317410588fe180d6e6281819d127120f375d

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "3e5c79600cbb6f09137b3c21ed46d22b"
content-length: 7343
vary: Origin
content-type: image/jpeg

GET
H2 200 d49f9589d6601dffdf647d79af8ee9e8.png
i.pinimg.com/originals/d4/9f/95/ 95 KB
95 KB 47ms
34ms Image
image/png 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/d4/9f/95/d49f9589d6601dffdf647d79af8ee9e8.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ac0e8d13ec5f276feada45b806b85af037f734e0ee5a8aa7ce4b9e1e9110d5fc

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "887b46dd348b773cbc3cce0411f0ae66"
content-length: 97168
vary: Origin
content-type: image/png

GET
H2 200 salah_albasha_679470719.jpg
sudaneseonline.com/files/daily-writer/ 41 KB
42 KB 31ms
14ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/daily-writer/salah_albasha_679470719.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8371ca7726358d3088e19a1406a034d30cafa4fef366e69d959dd6a41822e9ff

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 166487
x-powered-by: PleskLin
content-disposition: inline; filename="salah_albasha_679470719.webp"
content-length: 42320
cf-request-id: 093255061700004ea3dcaf8000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=swO49uTROhHdY8X6wYF7nF5j2YiEyJia8WZZQ6H2eEocbwO5XxBEIacRwbWXOg9oByML677u%2BfwDXwEtczHBATsdf3FEugFcH0vgNzf6RBbCyMamn%2FuvRG9gQ0hKHgw%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=58723
accept-ranges: bytes
cf-ray: 639724502d3c4ea3-FRA
expires: Thu, 31 Mar 2022 05:44:11 GMT

GET
H2 200 9fa5b332f1169e451edab660ea456b89.png
i.pinimg.com/originals/9f/a5/b3/ 323 KB
324 KB 145ms
133ms Image
image/png 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/9f/a5/b3/9fa5b332f1169e451edab660ea456b89.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: cb2196aad794bd3bf5603f20bfdaad85a6b871b63ca69bed33b0a5f4ba046f96

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "b1d404c3c2278f5fb7b07699ca4809df"
content-length: 330887
vary: Origin
content-type: image/png

GET
H2

200

shawqi_badri_878170412.jpg
sudaneseonline.com/arabic/files/daily-writer/
Redirect Chain

https://www.sudaneseonline.com/arabic/files/daily-writer/shawqi_badri_878170412.jpg
https://sudaneseonline.com/arabic/files/daily-writer/shawqi_badri_878170412.jpg

10 KB
10 KB

12ms
12ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/arabic/files/daily-writer/shawqi_badri_878170412.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f2ab71d8fb4085be52c617b5a08c399312c2b4322287fddcaf52e40ae1ac9133

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:59 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 147019
x-powered-by: PleskLin
content-disposition: inline; filename="shawqi_badri_878170412.webp"
content-length: 9938
cf-request-id: 0932550a1800004ea345a21000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wOmtX1a4mdXHcpVtF1%2FLImqqD3OIFuPKlToSQR9b%2FSKzwPaTeR6UcCLb6KROa0Y08CgXtnGHq7GJclpVSRqnDuR1nw1eUoPSjWndpTlIy6bR48atJCFDBiB3E9Qq7mc%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=27977
accept-ranges: bytes
cf-ray: 639724568c8f4ea3-FRA
expires: Thu, 31 Mar 2022 11:08:40 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:58:59 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nkjI4xbNWKz8yBL7QbljKYd5ee40RwxBlxcFm91knNwdXJZA6L3QePJ13ywp5R%2BNA59aizrsDt4MN1oTgZHrMz7KyyXtrt1ETZzDBCGmCk93zcgWOZXDnpsBv0%2BT%2BmCqfYW4"}]}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/arabic/files/daily-writer/shawqi_badri_878170412.jpg
cache-control: max-age=172800
cf-ray: 63972454ba9d4ea3-FRA
cf-request-id: 09325508f100004ea32e004000000001

GET
H2 200 e1ba1b2b2779634759c574bd555da9c5.jpg
i.pinimg.com/originals/e1/ba/1b/ 65 KB
66 KB 637ms
622ms Image
image/jpeg 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/e1/ba/1b/e1ba1b2b2779634759c574bd555da9c5.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9c117e5ac0a809abdfd02e4dbb07ade68ccd5baf5e51c3ed994a59acc3896b7d

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "762a447d76cef2ec181429a3e6070bdd"
content-length: 66922
vary: Origin
content-type: image/jpeg

GET
H2

200

dr.mahmoudasuleiman.jpg
sudaneseonline.com/uploadpic14/mar/
Redirect Chain

https://www.sudaneseonline.com/uploadpic14/mar/dr.mahmoudasuleiman.jpg
https://sudaneseonline.com/uploadpic14/mar/dr.mahmoudasuleiman.jpg

7 KB
8 KB

10ms
10ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic14/mar/dr.mahmoudasuleiman.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2961b3db2b46da7335a7b966b4503e9c698b31721b54d65ce1b93c5662447624

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:59 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 41081
x-powered-by: PleskLin
content-disposition: inline; filename="dr.webp"
content-length: 7212
cf-request-id: 0932550a0d00004ea327381000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HzSLhrgReU33YsrZns0JL3qOjDdMuE3dTo4ACvPCHvtaBWGtK1JqjkhK1P4oId1h0L3hcGZZCrmX9leA3bgrMF%2FFdWfhSSBtBPIJajf9Vv0ipRSzJlLs5ZljKoM9ctE%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=17935
accept-ranges: bytes
cf-ray: 639724567c784ea3-FRA
expires: Fri, 01 Apr 2022 16:34:18 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:58:59 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FJIQZVtcxE0st%2FJSJk3BIfF%2FXMGCjCqvJ9PF%2BpJwIsX0oaz4BhTtnvilcBGDUhk2tHy9aE6vqzoMv7FDY6ZaNFmhyMZOolgVnCx36Ir7Up3Ae2rKX2M1%2Bj78olpzGHoivWvr"}]}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/uploadpic14/mar/dr.mahmoudasuleiman.jpg
cache-control: max-age=172800
cf-ray: 63972454ba9e4ea3-FRA
cf-request-id: 09325508f200004ea33b922000000001

GET
H2

200

4sudanews_jpg10.jpg_500x400_841775616.jpg
sudaneseonline.com/db/avatars/
Redirect Chain

https://www.sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg
https://sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg

1 KB
2 KB

11ms
11ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b9b22ee5c44be56ed8d9915f66fdc68649e6b6280facfc5416dec407f8362f4c

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:59 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 35738
x-powered-by: PleskLin
content-disposition: inline; filename="4sudanews_jpg10.webp"
content-length: 1290
cf-request-id: 0932550a1300004ea3cd35e000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yOr7f2uGMh%2BLTX5sBogXRWcdyq3mFh9tD93T%2BwCahShcjM7boiYFrMJg9R%2F9NO8vQKYrtl%2BniLHqDsU6Xq0PYU6v7UX5rqUGfDsOeBxtoNNu4rd%2BAUvkm9nhKlLGylo%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=1852
accept-ranges: bytes
cf-ray: 639724568c804ea3-FRA
expires: Fri, 01 Apr 2022 18:03:21 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:58:59 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F8njI%2BxVcZ4dAIFx6vcnLB0OqYsezueTsQZYjdR7uAO2tbWgZLfc%2BF78zneuuUYyRctM9ejPvpQs22BubIMNNFAigOzhDja0Zib0iT1A3M%2BmfK9R3n0IAN5HcGEVYkm46GiW"}]}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/db/avatars/4sudanews_jpg10.jpg_500x400_841775616.jpg
cache-control: max-age=172800
cf-ray: 63972454caa94ea3-FRA
cf-request-id: 09325508fa00004ea304adf000000001

GET
H2 200 072a72eb5eb1fe3fb7d44bb9d8f5b148.jpg
i.pinimg.com/originals/07/2a/72/ 22 KB
23 KB 34ms
20ms Image
image/jpeg 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/07/2a/72/072a72eb5eb1fe3fb7d44bb9d8f5b148.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f695180a0fbf6c666bb6dd71063a0199a666258364646e51593926e23d52bbef

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "21be6c9f78c24e51e5f98099adcdbb9f"
content-length: 22936
vary: Origin
content-type: image/jpeg

GET
H2 200 77cddd7de3020989785169be95dccfe2.jpg
i.pinimg.com/originals/77/cd/dd/ 222 KB
223 KB 45ms
31ms Image
image/jpeg 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/77/cd/dd/77cddd7de3020989785169be95dccfe2.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b86a5d34de3ccf02a5d9b86bf2357f2c8bda612eb44cb4990f5326bae68b3893

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "54e13abf17f78f182ec2f8b313c7c0cf"
content-length: 227316
vary: Origin
content-type: image/jpeg

GET
H2 200 8207d2559f1099a95f1fc9bd10e4826b.jpg
i.pinimg.com/originals/82/07/d2/ 329 KB
330 KB 50ms
36ms Image
image/jpeg 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/82/07/d2/8207d2559f1099a95f1fc9bd10e4826b.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d536ac86bd42f483358b267bc5daf5cd150bb8c774c37b3b3c66b5d7dc6f0342

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "a12f3b09f8fa9d8302b29cdeba3298cb"
content-length: 337393
vary: Origin
content-type: image/jpeg

GET
H2

200

idris1.jpg
sudaneseonline.com/uploadpic14/mar/
Redirect Chain

https://www.sudaneseonline.com/uploadpic14/mar/idris1.jpg
https://sudaneseonline.com/uploadpic14/mar/idris1.jpg

18 KB
18 KB

13ms
12ms

Image
image/jpeg

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic14/mar/idris1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b985c9d61d3616f8cb9ae78e1658946c7f395b30d86c18af9e8f4acd137592c8

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:59 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1250680
x-powered-by: PleskLin
content-length: 18317
cf-request-id: 0932550a1f00004ea3f9b4a000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Nqvj6bWlkpg94pe%2Ft9p%2BcRmh2Hz8VqBjwnRBWF0l2RgiJzmP2i4jau2gfB6Y9yfby%2FFlSuWNc%2FGCBhFkqc8QjUOZhoO7qinJM%2Flj7ha1d%2FdcvRSBmBQWZmD2eD%2BcS1E%3D"}]}
content-type: image/jpeg
cache-control: public, max-age=2592000
cf-polished: origSize=19094, status=webp_bigger
accept-ranges: bytes
cf-ray: 639724569c9b4ea3-FRA
expires: Fri, 18 Mar 2022 16:34:19 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:58:59 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hfeoZMhBMkQSi2b720VmCw6fen3ZJhPsdRtw7mrnspH8bBcb%2F5CU06Eml3BLONLfNZwG1tHIue956kZRb0SLYworkmJ8j%2BwvZLrSm6P5eXnVfQLZ5CzlpqTWkQXq2l3uULp4"}]}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/uploadpic14/mar/idris1.jpg
cache-control: max-age=172800
cf-ray: 63972454caaa4ea3-FRA
cf-request-id: 09325508fa00004ea3c6b2a000000001

GET
H2 200 6049937f1e9542bb11fe778f28786d39.jpg
i.pinimg.com/originals/60/49/93/ 17 KB
17 KB 52ms
40ms Image
image/jpeg 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/60/49/93/6049937f1e9542bb11fe778f28786d39.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b18ed6ca4c98d8ef4e32f9bc82778ee7f52d3d645acff62107d7ead99036a3de

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "85de7027e49c3f3d67b7f871e9f5e630"
content-length: 17284
vary: Origin
content-type: image/jpeg

GET
H2

200

Salim_Dekin_948126226.jpg
sudaneseonline.com/files/daily-writer/
Redirect Chain

https://www.sudaneseonline.com/files/daily-writer/Salim_Dekin_948126226.jpg
https://sudaneseonline.com/files/daily-writer/Salim_Dekin_948126226.jpg

8 KB
8 KB

12ms
12ms

Image
image/webp

2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/files/daily-writer/Salim_Dekin_948126226.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a153f3819c758754117e2a2c953c2003ecf1bc55ef9c8d0db6ba8969215ce1c6

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:59 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 640220
x-powered-by: PleskLin
content-disposition: inline; filename="Salim_Dekin_948126226.webp"
content-length: 7760
cf-request-id: 0932550afe00004ea3e4212000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GLG03J0YCQayyk9HSp2bacpdBGUD9hZUVesIDgeGmhniXUl%2BlsdbHjL%2Fvolabl%2FkaicjRlDV4y8Nl23Kx9rSflx0kH9lD14UHzHJCdYbIkRA%2F01cpyZbe8lGYABqm%2B0%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=23898
accept-ranges: bytes
cf-ray: 63972457fe054ea3-FRA
expires: Fri, 25 Mar 2022 18:08:39 GMT

Redirect headers

date: Fri, 02 Apr 2021 03:58:59 GMT
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fb4gSnRUq7Xe%2FFP1gDE237GIsZJDRybL7rSbCTFlY1CFfwLn3LDrw9YFzGiJGvU25jb4TVK4XDCoLmWgy4%2BMOjwgYl%2BxMkSZFjoWfOI00frPUGZRp%2FcsCqMV3sfLImiTfZ81"}]}
content-type: text/html; charset=iso-8859-1
location: http://sudaneseonline.com/files/daily-writer/Salim_Dekin_948126226.jpg
cache-control: max-age=172800
cf-ray: 639724563c274ea3-FRA
cf-request-id: 09325509e400004ea320ab2000000001

GET
H2 200 1bfe522ed5ae55dd4611a81eb230989e.png
i.pinimg.com/originals/1b/fe/52/ 202 KB
203 KB 54ms
41ms Image
image/png 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/1b/fe/52/1bfe522ed5ae55dd4611a81eb230989e.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d8f6622cfbd9872f2fd15939125bf8c707180c7a1f3b885a0710eb0ac6cb18fd

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "163ff35b33678da78d85d1f8d4ecf0d2"
content-length: 206836
vary: Origin
content-type: image/png

GET
H2 200 karti.jpg
sudaneseonline.com/uploadpic16/may/ 12 KB
12 KB 26ms
14ms Image
image/webp 2606:4700:20::681a:b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudaneseonline.com/uploadpic16/may/karti.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5a9fd7b21dc6a10ecd891500b275827227ded1bc4da401d19806c1c432c6d2d5

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1249514
x-powered-by: PleskLin
content-disposition: inline; filename="karti.webp"
content-length: 12062
cf-request-id: 093255062300004ea30303a000000001
cf-bgj: imgq:85,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9M700GlaMuYBH%2FTPb0WGvRovNHOy%2BMGrafHte%2FGseCt16LX3E5sMV2DVchItlx3cm%2BcKRrsU5bR7Ga3Dfw4A8n%2BViekJZaDdXBn6bxCYqdu73xBr8DciadDHkggvK8A%3D"}]}
content-type: image/webp
cache-control: public, max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=55773
accept-ranges: bytes
cf-ray: 639724503d504ea3-FRA
expires: Fri, 18 Mar 2022 16:53:44 GMT

GET
H2 200 7cd63ddcc9cb27bb4a82277fa21ec192.jpg
i.pinimg.com/originals/7c/d6/3d/ 15 KB
15 KB 54ms
42ms Image
image/jpeg 2a02:26f0:6c00:294::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/7c/d6/3d/7cd63ddcc9cb27bb4a82277fa21ec192.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c7359ac53adc88dae2f28ff7a0e9156dcb2d088c6b434d0c2946e9c5ec7a1dce

Request headers

Referer: https://sudaneseonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "00f6850a5b04d6b300c84c9ebcfe669d"
content-length: 15460
vary: Origin
content-type: image/jpeg

GET
H3-Q050 200 spam_signals_bundle_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/elements/html/spam_signals/ Frame A17C 6 KB
3 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/elements/html/spam_signals/spam_signals_bundle_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1617335938&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938117&bpp=1&bdt=334&idt=119&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9mxMa4oAvZ&p=https%3A//sudaneseonline.com&dtd=123

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41a39f4628ed5d28c57ab70026f672800fdcdab9580d3957db13645d0c44d4d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 23:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2925
x-xss-protection: 0
server: cafe
etag: 11749031388657934619
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 23:11:51 GMT

GET
H3-Q050 200 7229637387047019371
tpc.googlesyndication.com/daca_images/simgad/ Frame A17C 136 KB
136 KB 24ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/7229637387047019371

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f161cca91dfbe38ac4b143e3a89cc0c7f2e8606600e440aeb7441fb418e1ff18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 16:02:45 GMT
x-content-type-options: nosniff
age: 42973
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138862
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 04:59:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Apr 2022 16:02:45 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/ Frame A17C 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4e10c54a966ed5abeeac2aca4cfa968f317497770f59ec94af6d712db96e7d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 8094203328658613728
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:43:05 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame A17C 2 KB
1 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:53:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:53:48 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A17C 118 KB
36 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218245166195"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36656
x-xss-protection: 0
expires: Fri, 02 Apr 2021 03:58:58 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame A17C 13 KB
5 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:36:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:36:34 GMT

GET
H3-Q050 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame A17C 25 KB
10 KB 14ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f08484455172d31ef5c551a8228f73cd46f334707d09677aa3e53d73483a8c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 20:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10479
x-xss-protection: 0
server: cafe
etag: 5380568613746674957
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 20:00:57 GMT

GET
H3-Q050 200 DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js Show response
pagead2.googlesyndication.com/bg/ Frame AF08 14 KB
6 KB 13ms
5ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 01:00:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 10691
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Sat, 02 Apr 2022 01:00:47 GMT

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/ Frame 67DA 178 KB
26 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/index.html

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb7aec3a39788280b60d61e90de3e4b1644179fcc032af6cb842d8dbdc1c5c5f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/1693763440430468214/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Fri, 02 Apr 2021 02:26:00 GMT
expires: Sat, 02 Apr 2022 02:26:00 GMT
last-modified: Tue, 16 Mar 2021 07:12:55 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 25091
age: 5578
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame F150 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPIacgpZmYK7mDsWnx_APya6g8Arb-t_PYZbdi9mxDcWBhoyYExABIIqBwANglQKgAdLCkLECyAEJqQLx9Vf5JsOzPqgDAcgDSKoE5QFP0K2t9r2kTJq_PTAikdUqM9mA-3ZhR--psaLA4ljtEPkc5NfTuBp5TAkYzN_e64L0vqWDwcrQOe1_L6Ar6FHxnkg0SCSBsbZX8b8GzMayyGaMYb7sdmk-M-WnQcSQY7YxDCNHlWsM5kt9zUTuXFC_MZt4tXJCb4OASnsCYCo98kyAP-zzvT142M6z8M6n4LIrwXp0vhwrI4zDtzYryrOoI5ADvZdw8o7_iFWcq3_WE4UbZkefPkwr8moRDPcD698YvK5aOgtRX3QAKr1C0BMxQheVA9Fod6W3MbKWzf9kOm7JSQuZwATRw-_RqgOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHlr3vzgGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQhuoG0ggJCIDhgBAQARgfgAoByAsB2BMLshcaChgIABIUcHViLTk4NjI2NjUxNjk4MzM1ODY&sigh=plOE0BxYGzE&template_id=419&tpd=AGWhJms5cozGy75EVCiVEs7DSvStesupZpn0h20GTXNcjutdlA

Requested by

Host: sudaneseonline.com
URL: https://sudaneseonline.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1617335938&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938116&bpp=1&bdt=333&idt=105&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sXL8UIMnJk&p=https%3A//sudaneseonline.com&dtd=111
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 02 Apr 2021 03:58:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/ Frame F150 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1617335938&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938116&bpp=1&bdt=333&idt=105&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sXL8UIMnJk&p=https%3A//sudaneseonline.com&dtd=111

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4e10c54a966ed5abeeac2aca4cfa968f317497770f59ec94af6d712db96e7d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 8094203328658613728
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:43:05 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame F150 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:53:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:53:48 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F150 118 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218245166195"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36656
x-xss-protection: 0
expires: Fri, 02 Apr 2021 03:58:58 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame F150 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:36:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:36:34 GMT

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/ Frame 7237 3 KB
1 KB 9ms
9ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1617335938&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938118&bpp=1&bdt=335&idt=130&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ry2gytiTGQ&p=https%3A//sudaneseonline.com&dtd=134

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bd525dc317d47424279fbc7165201537c4bfe4c94c7f7c209a0685b6af281f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/4289431202364580801/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1306
date: Tue, 30 Mar 2021 09:59:09 GMT
expires: Wed, 30 Mar 2022 09:59:09 GMT
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 237589
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame AFE2 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsN2JgpZmYK2uEKmv-ga_0Zg4n_nN4WGM9Imojw2pv8KEihsQASCKgcADYJUCoAH02syZA8gBCakC8fVX-SbDsz6oAwHIA0iqBO0BT9DmqxG5xsva2S4raPd2REI8UgEHt5BsuOg0kFAoaq6d0DQphL3Mkrm6lA9PjAUFVUPRc9eFu_2m0emnNv53xmzAaMusyMin5YZIGoGP8t8DSZ-V5cNpYR_CGelSuKEH8QF8qc2j9R84vZveDFrFdGh0ROTxpSJkOJQ8EVFufF93JSu8awHzAipQNTfNvki02ieLu1ITsCSX2BaZeSfGMeNQgwjwCC6xYCJ8ULn38MqxDE30sIR_RZWRrI8saC7BZGAQZ6enLjfqSqtrOAoaKRwxNEYqgGi8cmjFy47JKdV7KISqHZGNfMWHgQ67wAT9_r-IiQOSBQQIBBgBkgUECAUYBKAGLoAH9KSzZqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDUzALSCAkIgOGAEBABGB-ACgHICwHYEwyyFxoKGAgAEhRwdWItOTg2MjY2NTE2OTgzMzU4Ng&sigh=b7j7fUszQmU&template_id=419&tpd=AGWhJmsRE210dhzMf4ZSzWeSMB-r-JuTdOUuuJJxa6UPcXZAzg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1617335938&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938118&bpp=1&bdt=335&idt=130&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ry2gytiTGQ&p=https%3A//sudaneseonline.com&dtd=134
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 02 Apr 2021 03:58:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/ Frame AFE2 17 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4e10c54a966ed5abeeac2aca4cfa968f317497770f59ec94af6d712db96e7d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 8094203328658613728
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:43:05 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame AFE2 2 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:53:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:53:48 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AFE2 118 KB
36 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218245166195"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36656
x-xss-protection: 0
expires: Fri, 02 Apr 2021 03:58:58 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame AFE2 13 KB
5 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:36:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:36:34 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame A17C 0
0 22ms
17ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ch9PngpZmYJjMD7Wx-gbM5bq4BJX25o9ihaelydsI2tkeEAEgioHAA2CVAqAB2vGB9QLIAQKoAwHIA8kEqgTlAU_QFL2az_0pu2AraMKjxiwBlnObNyzxsPzo0Ii8myEzRnr5d0_2hd0KbilaPgz_IuBub6yElmEJgOLZfXVdhHBvlTCzrZ92sSMFJvQT7qCmxDTCkjCNKNMPcRCCIgjzgAcJ2dpYi1g242El3fWD2SL34Hak8WE2Q0HwgXCcLIEtTFxJe82WD_jqBavdl9C3AwIYNMe6kLKOMMPC21wtNaH0_XSJBkZhmteTJKpeff0ARmCN4hxt-nzoKNibtUzOtqwv07KJqcUIVU0E8L5RcnIUHY767UnF9oiTVBfA_M7L-hz852bABMH2hf6CApIFBAgEGAGSBQQIBRgEoAYCgAeOjv6KAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDGjxfSCAkIgOGAEBABGB-ACgHICwHYEwyyFxoKGAgAEhRwdWItOTg2MjY2NTE2OTgzMzU4Ng&sigh=OkoalE99bN0&tpd=AGWhJmvh6MOV0XycbJQTBjvocAnBuplim1U2i0OVoLYHhKQxuA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1617335938&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938117&bpp=1&bdt=334&idt=119&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9mxMa4oAvZ&p=https%3A//sudaneseonline.com&dtd=123
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 02 Apr 2021 03:58:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F2F1 143 B
165 B 8ms
5ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1617335938&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938116&bpp=1&bdt=333&idt=105&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sXL8UIMnJk&p=https%3A//sudaneseonline.com&dtd=111
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmjJp0P6RwSFO832RdFr6l62xfJpaV5iB2T93izfobt0aeUBLqtuBbbjZvD9rI; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=3758595536&adf=4242385838&pi=t.ma~as.8647246999&w=135&lmt=1617335938&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938116&bpp=1&bdt=333&idt=105&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sXL8UIMnJk&p=https%3A//sudaneseonline.com&dtd=111

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 02 Apr 2021 03:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2138
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F150 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d474fa2e36150bdfb1f8a4102b239c0a193c704395660524ce7101aacaa5714b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 12486491901237122246
tpc.googlesyndication.com/simgad/ Frame 6CDE 36 KB
36 KB 8ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12486491901237122246?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlr01_Ipn872gyoPBgCKLGQNTFQ3g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1617335938&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938118&bpp=1&bdt=335&idt=162&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=kPdwBrooGd&p=https%3A//sudaneseonline.com&dtd=165

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fedc05eac7cdae88d50076bbbb63b1d3de35d8fa9421ce91ae2fcebb32af6bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 12:10:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Apr 2021 08:17:32 GMT
server: sffe
age: 56919
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36673
x-xss-protection: 0
expires: Fri, 01 Apr 2022 12:10:19 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/ Frame 6CDE 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1617335938&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938118&bpp=1&bdt=335&idt=162&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=kPdwBrooGd&p=https%3A//sudaneseonline.com&dtd=165

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4e10c54a966ed5abeeac2aca4cfa968f317497770f59ec94af6d712db96e7d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 8094203328658613728
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:43:05 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 6CDE 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1617335938&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938118&bpp=1&bdt=335&idt=162&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=kPdwBrooGd&p=https%3A//sudaneseonline.com&dtd=165

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:53:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:53:48 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6CDE 118 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1617335938&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938118&bpp=1&bdt=335&idt=162&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=kPdwBrooGd&p=https%3A//sudaneseonline.com&dtd=165

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218245166195"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36656
x-xss-protection: 0
expires: Fri, 02 Apr 2021 03:58:58 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 6CDE 13 KB
5 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1617335938&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938118&bpp=1&bdt=335&idt=162&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=kPdwBrooGd&p=https%3A//sudaneseonline.com&dtd=165

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:36:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:36:34 GMT

GET
H3-Q050 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 6CDE 25 KB
10 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1617335938&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938118&bpp=1&bdt=335&idt=162&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=kPdwBrooGd&p=https%3A//sudaneseonline.com&dtd=165

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f08484455172d31ef5c551a8228f73cd46f334707d09677aa3e53d73483a8c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 20:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10479
x-xss-protection: 0
server: cafe
etag: 5380568613746674957
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 20:00:57 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6CDE 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIpeAgpZmYL-YEtObgQe6_6YIs5nljWK0pfy5ow2WnqqBjw4QASCKgcADYJUCoAGt3IqIA8gBAqgDAcgDyQSqBOEBT9C1rHA88KL_SCHfcjKWA3VKvElhZgQ1wL3yx9h9V7YazB2ZXuS9AYF4EZJXQGdFB0hWF3wTGtltugvHW8EqOsA8C5tU2u0c23NzpQtzeONGP7Qt8RnwuVM5uMLGeJU8G0qDzcZXAkhb1D6oHyg0xcNI1RaLTz2paf0k8T95GQwPU2Tebg7PqOXiau0rgGsmY1_616gveJ4dnLXm-TgpUSnGU5okuX5bP1RiNgfrSnGEPsKYVec-pMyQPGr0UD7K0H28HjmOiVUKs2tBGKFOycCaq2eaNno4GboCTa5aSbykwAS5ts3gtgOSBQQIBBgBkgUECAUYBKAGAoAHgqbFaqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBComgbSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItOTg2MjY2NTE2OTgzMzU4Ng&sigh=S5IfSXDkJC4&tpd=AGWhJmtmADAb5XPWXtgxXxyV9Pjt_laKxuJ0wAR-k-_x54JWCw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1617335938&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938118&bpp=1&bdt=335&idt=162&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=kPdwBrooGd&p=https%3A//sudaneseonline.com&dtd=165

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1617335938&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938118&bpp=1&bdt=335&idt=162&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=kPdwBrooGd&p=https%3A//sudaneseonline.com&dtd=165
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 02 Apr 2021 03:58:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2BCA 143 B
165 B 9ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1617335938&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938118&bpp=1&bdt=335&idt=130&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ry2gytiTGQ&p=https%3A//sudaneseonline.com&dtd=134
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmjJp0P6RwSFO832RdFr6l62xfJpaV5iB2T93izfobt0aeUBLqtuBbbjZvD9rI; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=4236862856&pi=t.ma~as.4035717796&w=336&lmt=1617335938&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938118&bpp=1&bdt=335&idt=130&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=353&ady=579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ry2gytiTGQ&p=https%3A//sudaneseonline.com&dtd=134

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 02 Apr 2021 03:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2138
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AB7C 143 B
165 B 7ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1617335938&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938117&bpp=1&bdt=334&idt=119&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9mxMa4oAvZ&p=https%3A//sudaneseonline.com&dtd=123
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmjJp0P6RwSFO832RdFr6l62xfJpaV5iB2T93izfobt0aeUBLqtuBbbjZvD9rI; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=250&slotname=3654242599&adk=1230168666&adf=414323073&pi=t.ma~as.3654242599&w=970&lmt=1617335938&psa=0&format=970x250&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938117&bpp=1&bdt=334&idt=119&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=348&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9mxMa4oAvZ&p=https%3A//sudaneseonline.com&dtd=123

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 02 Apr 2021 03:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2138
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 redir.html Show response
p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 1EE7 247 B
788 B 129ms
36ms Document
text/html 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

741b6bf9d1aff7f3b68193020ff41c03c389568047d352393d7e57ef4dd11be9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/redir.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-z-7h1IlTLP8dQJtDafcNfA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 204
date: Fri, 02 Apr 2021 03:58:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame AFE2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d080111ee20d2a403859e70ecf8bdd5d9c7e45f78201d70662495a7482afaeea

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 1969110408003943459
tpc.googlesyndication.com/simgad/ Frame D036 54 KB
55 KB 8ms
8ms Image
image/gif 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1969110408003943459

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1617335938&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938125&bpp=1&bdt=342&idt=164&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2e41d7708952adca-2218e81f44a7003d%3AT%3D1617335938%3ART%3D1617335938%3AS%3DALNI_MaPXosvvHkMG-Cecq1BxMx8naHYnQ&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ICg3oZKcQa&p=https%3A//sudaneseonline.com&dtd=166

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b11f3b368d1f7282f6dc4189d3e0cf1b4a16c65bd5c098a86ec17ae67fa50f95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 12:19:06 GMT
x-content-type-options: nosniff
age: 142792
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55772
x-xss-protection: 0
last-modified: Mon, 19 Oct 2020 08:14:06 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Mar 2022 12:19:06 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/ Frame D036 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1617335938&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938125&bpp=1&bdt=342&idt=164&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2e41d7708952adca-2218e81f44a7003d%3AT%3D1617335938%3ART%3D1617335938%3AS%3DALNI_MaPXosvvHkMG-Cecq1BxMx8naHYnQ&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ICg3oZKcQa&p=https%3A//sudaneseonline.com&dtd=166

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4e10c54a966ed5abeeac2aca4cfa968f317497770f59ec94af6d712db96e7d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 8094203328658613728
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:43:05 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame D036 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1617335938&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938125&bpp=1&bdt=342&idt=164&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2e41d7708952adca-2218e81f44a7003d%3AT%3D1617335938%3ART%3D1617335938%3AS%3DALNI_MaPXosvvHkMG-Cecq1BxMx8naHYnQ&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ICg3oZKcQa&p=https%3A//sudaneseonline.com&dtd=166

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:53:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:53:48 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D036 118 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1617335938&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938125&bpp=1&bdt=342&idt=164&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2e41d7708952adca-2218e81f44a7003d%3AT%3D1617335938%3ART%3D1617335938%3AS%3DALNI_MaPXosvvHkMG-Cecq1BxMx8naHYnQ&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ICg3oZKcQa&p=https%3A//sudaneseonline.com&dtd=166

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218245166195"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36656
x-xss-protection: 0
expires: Fri, 02 Apr 2021 03:58:58 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame D036 13 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1617335938&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938125&bpp=1&bdt=342&idt=164&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2e41d7708952adca-2218e81f44a7003d%3AT%3D1617335938%3ART%3D1617335938%3AS%3DALNI_MaPXosvvHkMG-Cecq1BxMx8naHYnQ&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ICg3oZKcQa&p=https%3A//sudaneseonline.com&dtd=166

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:36:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 03:36:34 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame D036 0
0 15ms
13ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSP6VVsAcv-cts4Htc2o70ZHw0hbsZvmLkCHXth69duQRopK-rbRnSSvkt1w1UIMQ9VJ45r
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1617335938&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938125&bpp=1&bdt=342&idt=164&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2e41d7708952adca-2218e81f44a7003d%3AT%3D1617335938%3ART%3D1617335938%3AS%3DALNI_MaPXosvvHkMG-Cecq1BxMx8naHYnQ&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ICg3oZKcQa&p=https%3A//sudaneseonline.com&dtd=166
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame D036 25 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1617335938&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938125&bpp=1&bdt=342&idt=164&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2e41d7708952adca-2218e81f44a7003d%3AT%3D1617335938%3ART%3D1617335938%3AS%3DALNI_MaPXosvvHkMG-Cecq1BxMx8naHYnQ&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ICg3oZKcQa&p=https%3A//sudaneseonline.com&dtd=166

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f08484455172d31ef5c551a8228f73cd46f334707d09677aa3e53d73483a8c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 20:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10479
x-xss-protection: 0
server: cafe
etag: 5380568613746674957
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 20:00:57 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame D036 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cr7--gpZmYPThEpbqgAehpZu4C7yt9dNfm6buhscM2tkeEAEgioHAA2CVAqABmu6qvwPIAQOpAvH1V_kmw7M-qAMByAPJBKoE7wFP0DZVdXntYZGT2N_AQH_4-zkVT31qtgmFYYG5kFY2U5umk7Noxpu5OraxX2EJ7g9WdXvHMqozHOP2Ac35C8EphU4sBg-fXMiZTQztFrRCQB1JhZs44bNasoME4PaUFGkSZuIQ1MloF9dLt7Zmc8MRLQ8K_cnCZ5DKptW0eRF2X49Mg1g7abjtW45TcmWvwqr6CiplFcRbJ8AIJ2HgRmJWgHkmVZZU-5Exh_4AO7JQhMx73zrZ4YnC7oYsopsVboNnw8ICw4pPvvSt0IZZamMh48AJant68FiaSfWZfiWGuJrW7_zfDMwdtc98oJrd-8AEpo-slu4BkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgOAB86R1UCoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQx-YF0ggJCIDhgFAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTk4NjI2NjUxNjk4MzM1ODY&sigh=gmeXN7xcYHo&tpd=AGWhJmu-VLzwaWxrzyySTaUnheg-Iq6Wbqhy4P5A2NlXZ7CC8w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1617335938&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938125&bpp=1&bdt=342&idt=164&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2e41d7708952adca-2218e81f44a7003d%3AT%3D1617335938%3ART%3D1617335938%3AS%3DALNI_MaPXosvvHkMG-Cecq1BxMx8naHYnQ&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ICg3oZKcQa&p=https%3A//sudaneseonline.com&dtd=166

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1617335938&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938125&bpp=1&bdt=342&idt=164&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2e41d7708952adca-2218e81f44a7003d%3AT%3D1617335938%3ART%3D1617335938%3AS%3DALNI_MaPXosvvHkMG-Cecq1BxMx8naHYnQ&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ICg3oZKcQa&p=https%3A//sudaneseonline.com&dtd=166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 02 Apr 2021 03:58:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A17C 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e68c3d944fb20d7f7b51eb587ba9aba743b2f3113752a70c25f645c86826133

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 67DA 16 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 17:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 02 Apr 2021 17:09:25 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 67DA 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 02 Apr 2021 13:07:30 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F9C7 143 B
169 B 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1617335938&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938118&bpp=1&bdt=335&idt=162&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=kPdwBrooGd&p=https%3A//sudaneseonline.com&dtd=165

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1617335938&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938118&bpp=1&bdt=335&idt=162&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=kPdwBrooGd&p=https%3A//sudaneseonline.com&dtd=165
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmjJp0P6RwSFO832RdFr6l62xfJpaV5iB2T93izfobt0aeUBLqtuBbbjZvD9rI; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1617335938&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938118&bpp=1&bdt=335&idt=162&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=kPdwBrooGd&p=https%3A//sudaneseonline.com&dtd=165

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 02 Apr 2021 03:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2139
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 7237 9 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 02 Apr 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7237 22 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 02 Apr 2021 13:07:30 GMT

GET
H2 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7237 186 KB
48 KB 39ms
13ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 03:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Apr 2021 03:58:59 GMT

GET
H3-Q050 200 300x250.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/ Frame 7237 56 KB
10 KB 8ms
7ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/300x250.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4da3a779e79e6432ea996cd1a064704d26fe43421305b7795b87d21d3931a58d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 237587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8583
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Tue, 30 Mar 2021 09:59:12 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 09:59:12 GMT

GET
DATA 200
OK truncated
/ Frame 6CDE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 766ea0430e5a66097b51276e5f4a334d5a6a81b303f2a70451c07945cb51d056

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7618 143 B
165 B 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1617335938&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938125&bpp=1&bdt=342&idt=164&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2e41d7708952adca-2218e81f44a7003d%3AT%3D1617335938%3ART%3D1617335938%3AS%3DALNI_MaPXosvvHkMG-Cecq1BxMx8naHYnQ&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ICg3oZKcQa&p=https%3A//sudaneseonline.com&dtd=166

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1617335938&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938125&bpp=1&bdt=342&idt=164&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2e41d7708952adca-2218e81f44a7003d%3AT%3D1617335938%3ART%3D1617335938%3AS%3DALNI_MaPXosvvHkMG-Cecq1BxMx8naHYnQ&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ICg3oZKcQa&p=https%3A//sudaneseonline.com&dtd=166
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmjJp0P6RwSFO832RdFr6l62xfJpaV5iB2T93izfobt0aeUBLqtuBbbjZvD9rI; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1617335938&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938125&bpp=1&bdt=342&idt=164&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2e41d7708952adca-2218e81f44a7003d%3AT%3D1617335938%3ART%3D1617335938%3AS%3DALNI_MaPXosvvHkMG-Cecq1BxMx8naHYnQ&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ICg3oZKcQa&p=https%3A//sudaneseonline.com&dtd=166

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 02 Apr 2021 03:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2139
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame D036 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d3a579a48162679f04b0c5774f7837e455281c771a25809ec8f07f9e7d6f892

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F2F1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
156 B

14ms
14ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmjJp0P6RwSFO832RdFr6l62xfJpaV5iB2T93izfobt0aeUBLqtuBbbjZvD9rI; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 02 Apr 2021 03:58:59 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 02-Apr-2021 04:58:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Apr 2021 03:58:59 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 02 Apr 2021 03:58:59 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 CTA.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame 7237 1 KB
1 KB 12ms
11ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/CTA.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c2744fe747215e6a27c0eddb2b548eba36d35c5baa0a8b856ccf56a5c31d2ec

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 842
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1183
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Fri, 02 Apr 2021 03:44:57 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Apr 2022 03:44:57 GMT

GET
H3-Q050 200 iframe.html Show response
p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 1EE7 7 KB
3 KB 98ms
60ms Document
text/html 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

dda23fcf1ec1da46779b40508cee9100e7cd6a8af7a6681efde371005fb579b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-9q5tcChFGWCvrvTojPuspg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 2424
date: Fri, 02 Apr 2021 03:58:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 25 Feb 2021 15:45:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2BCA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

14ms
14ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmjJp0P6RwSFO832RdFr6l62xfJpaV5iB2T93izfobt0aeUBLqtuBbbjZvD9rI; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 02 Apr 2021 03:58:59 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 02-Apr-2021 04:58:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Apr 2021 03:58:59 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 02 Apr 2021 03:58:59 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AB7C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

16ms
16ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmjJp0P6RwSFO832RdFr6l62xfJpaV5iB2T93izfobt0aeUBLqtuBbbjZvD9rI; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 02 Apr 2021 03:58:59 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 02-Apr-2021 04:58:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Apr 2021 03:58:59 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 02 Apr 2021 03:58:59 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 67DA 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 01:00:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 10692
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Sat, 02 Apr 2022 01:00:47 GMT

GET
H3-Q050 200 F3_Txt3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/ Frame 67DA 1 KB
1 KB 10ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/F3_Txt3.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef1743d7ecaff93a0742d46ead9ade262310002b5a0a0aea5c7e60c41f4f79e2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 117882
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1390
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 07:12:55 GMT
server: sffe
date: Wed, 31 Mar 2021 19:14:17 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Mar 2022 19:14:17 GMT

GET
H3-Q050 200 F3_Txt2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/ Frame 67DA 1 KB
1 KB 12ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/F3_Txt2.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

733911fd56dc678a672e7a1c2ad77086a0ab395e6c8f37c5fca573f80c37fbfa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 243678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1194
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 07:12:55 GMT
server: sffe
date: Tue, 30 Mar 2021 08:17:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 08:17:41 GMT

GET
H3-Q050 200 F3_Txt1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/ Frame 67DA 1 KB
1 KB 11ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/F3_Txt1.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3225f1c2c5c5c624d06f7fbd04a3559c2c6ec8c01c59aeccd3a5c34b04c3340

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 243678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1187
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 07:12:55 GMT
server: sffe
date: Tue, 30 Mar 2021 08:17:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 08:17:41 GMT

GET
H3-Q050 200 ball.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/ Frame 67DA 5 KB
5 KB 20ms
16ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/ball.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df7b86a63a96e5f00d5b055b5055708e5625d2cb3f3c4a4b4dc14885d95e58fa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 243678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5322
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 07:12:55 GMT
server: sffe
date: Tue, 30 Mar 2021 08:17:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 08:17:41 GMT

GET
H3-Q050 200 Grass_Effect.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/ Frame 67DA 5 KB
5 KB 19ms
16ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/Grass_Effect.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c4e63ec7c9b7b4946df769f2604d682c98f536767e0a123166c895ef6301ebc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 243678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5095
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 07:12:55 GMT
server: sffe
date: Tue, 30 Mar 2021 08:17:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 08:17:41 GMT

GET
H3-Q050 200 Grass.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/ Frame 67DA 14 KB
14 KB 19ms
15ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/Grass.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da7a28b8cf91c923184f37de5ae22d51b3d0a9d2d7d58f822ccb3a75676b376c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 243678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13909
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 07:12:55 GMT
server: sffe
date: Tue, 30 Mar 2021 08:17:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 08:17:41 GMT

GET
H3-Q050 200 F1_Logo_and_txt.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/ Frame 67DA 2 KB
2 KB 18ms
15ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/F1_Logo_and_txt.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

376e8069d2d5700265be45d8f62f4f55a634ee083f984d2f44710cf0d002cd4e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 243678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1970
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 07:12:55 GMT
server: sffe
date: Tue, 30 Mar 2021 08:17:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 08:17:41 GMT

GET
H3-Q050 200 Shoe.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/ Frame 67DA 5 KB
5 KB 18ms
14ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/Shoe.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c070741116c73bb0ad1bf03cb60609169c8d31b6de153d846b6441d725d7a950

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 243678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4937
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 07:12:55 GMT
server: sffe
date: Tue, 30 Mar 2021 08:17:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 08:17:41 GMT

GET
H3-Q050 200 Shoe_neu.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/ Frame 67DA 967 B
998 B 17ms
14ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/Shoe_neu.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2960b29d6e0e27f24c757b9ab2f2a7a0416be7fd24960c1ab11b90b478c02210

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 243678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 967
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 07:12:55 GMT
server: sffe
date: Tue, 30 Mar 2021 08:17:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 08:17:41 GMT

GET
H3-Q050 200 T_Shirt.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/ Frame 67DA 9 KB
9 KB 15ms
12ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/T_Shirt.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

418b3960485d1ac8cf5eafc18db59fa8ef426837a1728f50633e6937d1a0a63e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 243678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9223
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 07:12:55 GMT
server: sffe
date: Tue, 30 Mar 2021 08:17:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 08:17:41 GMT

GET
H3-Q050 200 T_Shirt_Parchentage.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/ Frame 67DA 1 KB
1 KB 15ms
11ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/T_Shirt_Parchentage.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1422e90fc80e1de773e8a80f21200da732fe37d3ae861a41411b41028a0c34c8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 243678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1026
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 07:12:55 GMT
server: sffe
date: Tue, 30 Mar 2021 08:17:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 08:17:41 GMT

GET
H3-Q050 200 Big.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/ Frame 67DA 659 B
690 B 28ms
24ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/Big.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

306c307cb20fbcd07e76b834821704af40b01c334f115f8761c672bf2f6e7db4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 243678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 659
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 07:12:55 GMT
server: sffe
date: Tue, 30 Mar 2021 08:17:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 08:17:41 GMT

GET
H3-Q050 200 F2_Ctb.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/ Frame 67DA 1 KB
1 KB 27ms
24ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/F2_Ctb.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aa6ba1c509151f429b9b50f0c78df2bd3a938b38c716f7d138323d59cebb09

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 243678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1431
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 07:12:55 GMT
server: sffe
date: Tue, 30 Mar 2021 08:17:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 08:17:41 GMT

GET
H3-Q050 200 Small.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/ Frame 67DA 8 KB
8 KB 26ms
23ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/Small.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d20958fe33b79a2a0a341353b5512b67a82ed4ac3975e7b5434393424bc4114

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 243678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8239
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 07:12:55 GMT
server: sffe
date: Tue, 30 Mar 2021 08:17:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 08:17:41 GMT

GET
H3-Q050 200 F2_Stick.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/ Frame 67DA 3 KB
3 KB 26ms
23ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/F2_Stick.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0d7b4f23692033521ee722734ea78b70d15c0c77e69bb44b49bbd6de357597

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 243678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3097
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 07:12:55 GMT
server: sffe
date: Tue, 30 Mar 2021 08:17:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 08:17:41 GMT

GET
H3-Q050 200 F2_Neu.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/ Frame 67DA 969 B
1000 B 25ms
22ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/F2_Neu.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

647ca28809fbb72311ec5f5c83e0031b7835ab5e22529909865589adeb7c6f8c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 243678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 969
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 07:12:55 GMT
server: sffe
date: Tue, 30 Mar 2021 08:17:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 08:17:41 GMT

GET
H3-Q050 200 F1_Stick.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/ Frame 67DA 7 KB
7 KB 24ms
22ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/F1_Stick.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6f242c2401b0bbc39eafd4d8f4034d9fcd5672e6ec601778c1698277b9afda2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 243678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7148
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 07:12:55 GMT
server: sffe
date: Tue, 30 Mar 2021 08:17:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 08:17:41 GMT

GET
H3-Q050 200 120x600_BG.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/ Frame 67DA 6 KB
7 KB 22ms
20ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1693763440430468214/120x600_BG.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839602a4885dfa8161674e53e0d4eb4db545f20eb1914009d59c070193a836e8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 243678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5683
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 07:12:55 GMT
server: sffe
date: Tue, 30 Mar 2021 08:17:41 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 08:17:41 GMT

GET
H3-Q050 200 CTA_blanc.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame 7237 1 KB
1 KB 21ms
19ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/CTA_blanc.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eebf35211143c8364122917c63490e1f22a4ca895a8e50e1f3ab840943cbcec

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 509238
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1183
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Sat, 27 Mar 2021 06:31:41 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Mar 2022 06:31:41 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F9C7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

52ms
45ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1617335938&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938118&bpp=1&bdt=335&idt=162&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=kPdwBrooGd&p=https%3A//sudaneseonline.com&dtd=165

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmjJp0P6RwSFO832RdFr6l62xfJpaV5iB2T93izfobt0aeUBLqtuBbbjZvD9rI; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 02 Apr 2021 03:58:59 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 02-Apr-2021 04:58:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Apr 2021 03:58:59 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 02 Apr 2021 03:58:59 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js Show response
pagead2.googlesyndication.com/bg/ Frame FF1B 14 KB
6 KB 13ms
5ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=280&slotname=4035717796&adk=3749310642&adf=392376537&pi=t.ma~as.4035717796&w=336&lmt=1617335938&psa=0&format=336x280&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938118&bpp=1&bdt=335&idt=162&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&xpc=kPdwBrooGd&p=https%3A//sudaneseonline.com&dtd=165

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 01:00:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 10692
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Sat, 02 Apr 2022 01:00:47 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7618
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

15ms
14ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1617335938&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938125&bpp=1&bdt=342&idt=164&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2e41d7708952adca-2218e81f44a7003d%3AT%3D1617335938%3ART%3D1617335938%3AS%3DALNI_MaPXosvvHkMG-Cecq1BxMx8naHYnQ&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ICg3oZKcQa&p=https%3A//sudaneseonline.com&dtd=166

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmjJp0P6RwSFO832RdFr6l62xfJpaV5iB2T93izfobt0aeUBLqtuBbbjZvD9rI; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 02 Apr 2021 03:58:59 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 02-Apr-2021 04:58:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Apr 2021 03:58:59 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 02 Apr 2021 03:58:59 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 7237 14 KB
6 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 01:00:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 10692
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Sat, 02 Apr 2022 01:00:47 GMT

GET
H3-Q050 200 DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 95BF 14 KB
6 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=700&slotname=8647246999&adk=90918906&adf=3709146430&pi=t.ma~as.8647246999&w=135&lmt=1617335938&psa=0&format=135x700&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938125&bpp=1&bdt=342&idt=164&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2e41d7708952adca-2218e81f44a7003d%3AT%3D1617335938%3ART%3D1617335938%3AS%3DALNI_MaPXosvvHkMG-Cecq1BxMx8naHYnQ&prev_fmts=0x0%2C468x60%2C135x700%2C970x250%2C336x280%2C336x280&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1460&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ICg3oZKcQa&p=https%3A//sudaneseonline.com&dtd=166

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 01:00:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 10692
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Sat, 02 Apr 2022 01:00:47 GMT

GET
H3-Q050 200 keyart.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame 7237 26 KB
26 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/keyart.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96df509716909d34da46ba6cb3070b1c2728ab80696b33c5b3b8e1de5c39aab9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 509494
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26327
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Sat, 27 Mar 2021 06:27:25 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Mar 2022 06:27:25 GMT

GET
H3-Q050 200 logo1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame 7237 1 KB
1 KB 11ms
10ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/logo1.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93145f73267d49fb0755c373ac2ce47a9e39866da0bf529443810b769d8d6b68

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 49587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1121
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Thu, 01 Apr 2021 14:12:32 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Apr 2022 14:12:32 GMT

GET
H3-Q050 200 logo2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame 7237 1 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/logo2.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8a74579fb64e402c0bf5ff5ab4c91a522f812ce8c082588e95e08d21eecc45b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 599016
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1504
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Fri, 26 Mar 2021 05:35:23 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Mar 2022 05:35:23 GMT

GET
H3-Q050 200 DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js Show response
pagead2.googlesyndication.com/bg/ Frame EC7E 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 01:00:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 10692
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Sat, 02 Apr 2022 01:00:47 GMT

GET
H3-Q050 200 tableau1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame 7237 21 KB
21 KB 7ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/tableau1.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46b665aec587754215aca2c2e84218bef73ed2bb059fed084caef1df300a0008

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 177767
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21091
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Wed, 31 Mar 2021 02:36:12 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Mar 2022 02:36:12 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 398D 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFY7mgpZmYJLzDZKvx_AP5r6vsAbQ8d7nYfCY1NacDbCQHxABIIqBwANglQKgAbn6vuQCyAECqQLx9Vf5JsOzPqgDAaoE6AFP0ATIM4rfhNSPqqSvLJecAUmuO0mmwK_iZlP6bRaJMMz8py6-Vb_a45WJpF-12cRxxTeknAyDypaJMZAjBfuH_xBJwndDT5FOF0lJHk2LCXhMT4n4OR_VDZv5WwEv4nonUiGkZeUU9dE7aN3Ucwk7nsqdOKgwPaV_SDBENVeDsHsM6wP8_9eTu24QL-zjdx23or2zRpFbsaExEtouXAY8u0_6lcdjO5iFpOvh53pxua38xIA4b27-0Bbv0ASYMJobSPtgAvBJ0ZPSqyAyeegDIxmEF5XJSW4_VagIiG61lDnrbrqbGTOewAT8yMfavgOgBgKAB6-FwZsBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEPecAdIICQiA4YAQEAEYH4AKAcgLAdgTA7IXGgoYCAASFHB1Yi05ODYyNjY1MTY5ODMzNTg2&sigh=i3US2zpMPKc&vt=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9862665169833586&output=html&h=60&slotname=9323921525&adk=2256891426&adf=3771979299&pi=t.ma~as.9323921525&w=468&lmt=1617335938&psa=0&format=468x60&url=https%3A%2F%2Fsudaneseonline.com%2F&flash=0&wgl=1&dt=1617335938113&bpp=3&bdt=330&idt=94&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3040851601086&frm=20&pv=1&ga_vid=113016707.1617335938&ga_sid=1617335938&ga_hid=1163485917&ga_fc=1&ga_cid=1199967708.1617335938&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2927676000470857&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JkgphflQZO&p=https%3A//sudaneseonline.com&dtd=99
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 02 Apr 2021 03:58:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 398D 42 B
155 B 16ms
15ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUxmkWH-ZjeOg4ZScz-Ky3CdkSm6ugazM6Pe1DFxOwk2LqWA2Dkt4Wt3u0dP7E2km-OVKGaiSRHt-JXZLJsG-Ze9vLIEV4j0VClWsOzU6ti65d3azHE207Qy3TlA&sai=AMfl-YQvtlmBaxRuWZjzalDjVb-xTOMf_emjds2-SrbJtX7cj4div67aNrwTJwg5e6Q9RP_75P6Q4zklMRdg&sig=Cg0ArKJSzBgdHXYXP2kBEAE&id=osdim&mcvt=1000&p=0,586,58,1054&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210331&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2256891426&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1617335938213&dlt=199&rpt=55&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:58:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 tableau2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame 7237 32 KB
32 KB 13ms
13ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/tableau2.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc8904cf494c040131cf5c61ed0ee8b3af200a356ea113a3e54a4d7c798159d3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 599016
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32960
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Fri, 26 Mar 2021 05:35:23 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Mar 2022 05:35:23 GMT

GET
H3-Q050 200 tableau3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame 7237 13 KB
13 KB 7ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/tableau3.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aeceef378724433f1a66549d593a39a79cf997c78cbde925187be550d58ee68

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 179007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13398
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Wed, 31 Mar 2021 02:15:32 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Mar 2022 02:15:32 GMT

GET
H3-Q050 200 tableau4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame 7237 23 KB
23 KB 7ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/tableau4.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c80da8eb6e9150d66697643e8d59db022fd32060461f75d428bf63687c5b38de

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 80090
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23527
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Thu, 01 Apr 2021 05:44:09 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Apr 2022 05:44:09 GMT

GET
H3-Q050 200 txt1_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame 7237 476 B
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/txt1_1.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dd6350825500b6c6cd37e595e90cfbde94471edb412b60765d86b1e238aa6c8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 516345
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 476
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Sat, 27 Mar 2021 04:33:14 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Mar 2022 04:33:14 GMT

GET
H3-Q050 200 txt1_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame 7237 600 B
720 B 7ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/txt1_2.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa42c00f4e7bda83e89b338ec4aa0d511f6c0148264743615cca2477357dd08b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 190541
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Tue, 30 Mar 2021 23:03:18 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 23:03:18 GMT

GET
H3-Q050 200 txt1_3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame 7237 873 B
956 B 6ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/txt1_3.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65cb276688e651b73730817cf765a5ff0dcf7e6d4bfde56a300049a80bb531dc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 569284
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 873
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Fri, 26 Mar 2021 13:50:55 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Mar 2022 13:50:55 GMT

GET
H3-Q050 200 txt2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame 7237 1 KB
1 KB 6ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/txt2.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7aa0cbcb88af656c2d1c38409d4e76618fdef545d6612cf9689ff688fa7f5525

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 218656
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1216
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Tue, 30 Mar 2021 15:14:43 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 15:14:43 GMT

GET
H3-Q050 200 txt3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame 7237 1 KB
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/txt3.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

572e29bba4425be2b621a357ce43f5388bbc52f4e23ce145cc71a530ccc8ae7a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 190541
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1273
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Tue, 30 Mar 2021 23:03:18 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 23:03:18 GMT

GET
H3-Q050 200 txt4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/ Frame 7237 1 KB
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4289431202364580801/images/txt4.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac5b62e1eede76e411958a7768e2b6e18dd5b07968bd8e5eda42e73d81623ed8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 12646
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1362
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 17:54:18 GMT
server: sffe
date: Fri, 02 Apr 2021 00:28:13 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Apr 2022 00:28:13 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F150 42 B
66 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5S8eYGwr3xjIY_hAAc5lu2ZNGMxLvuP6tUrrqVgl3bOCKPWrwh9YeGr9uNjHIvTq9zSRgKQlgpDCZ9aCyesMhd0UAzGiFgVPWbXALxvKjOs2InvNoGg1fdprEWQ&sai=AMfl-YR-swv0UqW_SRMacwV8Je6Gwkn1SJTh_T0YTIn0PsPC57H9D1bAG8SqJ6jVLfhP2WnPil0GYm78PqC7&sig=Cg0ArKJSzKzshrGbIQtSEAE&id=osdim&mcvt=1001&p=112,11,787,146&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210331&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3758595536&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1617335938228&dlt=404&rpt=44&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:58:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A17C 42 B
89 B 17ms
15ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstz4DxaFhlmOC3yrG1Ej3AO6u0ha7XzvNQauhFbyM3-12wvV57epB2hrWeNpeD3mD7Sn0TfzWMvCzib7bEZu2T6evEmQav5pOAvyxMrHGWDVj0upkTEqlGyKuYuSA&sai=AMfl-YTdzN6pTMgO7aklf34ozrD5E3KYsoa5tg48cuH_ad4Q2SuKw3QhAIctRbdasdsKzKAEv0lWudQZ4ixk&sig=Cg0ArKJSzKHLF7EvSMihEAE&id=osdim&mcvt=1000&p=111,348,361,1318&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210331&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1230168666&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1617335938241&dlt=289&rpt=33&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:59:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D036 42 B
66 B 22ms
22ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsus3lFobQnzF415RYedfuTiH-Kf5nFWQ0Gn8ScJzXziE_K8w2boX9Sl0ZQaEC2pwJnUM-h9EyUuhrQiPOJKM6Lg5tMOXLbyA4kTkILlxjrJ_57enIGQ3Bunl0PmGT0Kk_bFKpn-045-NFgEyMkpMuJJ&sai=AMfl-YTOBFuZ-yqvjsjrv52164tTrhozJKLxkCcjFmZkTeRLgVE83NjUbOs7GNQ7LVLtPHPLz0QwYd8846XvDz760z24ZHt21Q9jnoDakIObrntv2Rtv7PEYsdARjPRG0FI&sig=Cg0ArKJSzJRfQnrDhx28EAE&cid=CAASPeRoXGr5aIUQSutS3smZcPASy3rRMrg_sdW8q-O8rMFgrXDgpD0Tkom5SAhXHHsCiI_fd6zMiYCVmlJVqt0&id=osdim&mcvt=1001&p=101,1460,776,1595&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210331&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=90918906&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1617335938292&dlt=476&rpt=2&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:59:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-287818-i1-v6exp3-ds.metric.ipv6test.com/v6exp3/ Frame 1EE7 35 B
410 B 72ms
13ms Image
image/gif 2001:4860:4802:32::3e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-287818-i1-v6exp3-ds.metric.ipv6test.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::3e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:59:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-287818-i2-v6exp3-ds.metric.ipv6test.net/v6exp3/ Frame 1EE7 35 B
410 B 65ms
15ms Image
image/gif 2001:4860:4802:32::3e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-287818-i2-v6exp3-ds.metric.ipv6test.net/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::3e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 03:59:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: http
URL: https://http//www.sudaneseonline.com/uploadpic14/mar/1016333_488823897867823_1875840390_nsudan1sudan.jpg

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 17:15:39	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 02:37:11	Name: IDE Value: AHWqTUmjJp0P6RwSFO832RdFr6l62xfJpaV5iB2T93izfobt0aeUBLqtuBbbjZvD9rI
.sudaneseonline.com/	1970-01-19 17:15:36	Name: __utmt Value: 1
.sudaneseonline.com/	1969-12-31 23:59:59	Name: __utmc Value: 24067384
.sudaneseonline.com/	1970-01-20 10:46:47	Name: __utma Value: 24067384.113016707.1617335938.1617335938.1617335938.1
.sudaneseonline.com/	1970-01-19 17:58:47	Name: __cfduid Value: dc32bb24341f83acf6795f6d846ce2ebc1617335937
.sudaneseonline.com/	1970-01-19 17:15:35	Name: _gat_gtag_UA_115921305_1 Value: 1
.doubleclick.net/	1970-01-19 17:15:36	Name: test_cookie Value: CheckForPermission
.sudaneseonline.com/	1970-01-20 02:37:11	Name: __gads Value: ID=2e41d7708952adca-2218e81f44a7003d:T=1617335938:RT=1617335938:S=ALNI_MaPXosvvHkMG-Cecq1BxMx8naHYnQ
.sudaneseonline.com/	1970-01-19 17:15:37	Name: __utmb Value: 24067384.1.10.1617335938
.sudaneseonline.com/	1970-01-19 17:15:35	Name: _gat Value: 1
.sudaneseonline.com/	1970-01-20 10:46:47	Name: _ga Value: GA1.2.1199967708.1617335938
.sudaneseonline.com/	1970-01-19 21:38:23	Name: __utmz Value: 24067384.1617335938.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.sudaneseonline.com/	1970-01-19 17:17:02	Name: _gid Value: GA1.2.1812004523.1617335938

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 13) Message: url_feed:: https://sudaneseonline.com/cgi-bin/sdb/2bb.cgi?seq=rss2&board=505
console-api	log	(Line 13) Message: url_feed:: https://sudaneseonline.com/cgi-bin/sdb/2bb.cgi?seq=rss2&board=510
console-api	log	(Line 13) Message: url_feed:: https://sudaneseonline.com/cgi-bin/esdb/2bb.cgi?seq=rss2&board=10
console-api	log	(Line 13) Message: url_feed:: https://sudaneseonline.com/cgi-bin/sdb/2bb.cgi?seq=rss2&board=30
console-api	log	(Line 13) Message: url_feed:: https://sudaneseonline.com/cgi-bin/esdb/2bb.cgi?seq=rss2&board=15
console-api	log	(Line 13) Message: url_feed:: https://sudaneseonline.com/cgi-bin/esdb/2bb.cgi?seq=rss2&board=12

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
a.top4top.io
a7sas.net
adservice.google.com
adservice.google.de
ajax.cloudflare.com
bp1.blogger.com
c.top4top.io
c.top4top.net
code.jquery.com
connect.facebook.net
d.top4top.io
g.top4top.io
google-analytics.com
googleads.g.doubleclick.net
http
i.ibb.co
i.pinimg.com
i.postimg.cc
i.top4top.io
p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-287818-i1-v6exp3-ds.metric.ipv6test.com
p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-287818-i2-v6exp3-ds.metric.ipv6test.net
p4-c4i4eqwbrle24-zi57iurmdqjxr2hx-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
s-media-cache-ak0.pinimg.com
s0.2mdn.net
ssl.google-analytics.com
stats.g.doubleclick.net
sudaneseonline.com
tpc.googlesyndication.com
upload.wikimedia.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.sudaneseonline.com
www.sudanesesongs.net
www13.0zz0.com
xslt.alexa.com
http
142.250.185.98
142.250.186.35
146.59.152.166
163.172.219.20
163.172.24.234
163.172.59.20
195.154.113.3
2001:4860:4802:32::3e
2001:4de0:ac18::1:a:1a
2606:4700:20::681a:b2e
2606:4700:3036::6815:1d27
2606:4700:3036::ac43:df38
2606:4700::6810:a823
2620:0:862:ed1a::2:b
2a00:1450:4001:801::2002
2a00:1450:4001:802::2008
2a00:1450:4001:802::200e
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2006
2a00:1450:4001:812::2004
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:400c:c00::9b
2a02:26f0:6c00:294::1931
2a02:26f0:6c00:2ac::1931
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
5.135.83.165
51.158.146.105
65.9.98.23
66.7.219.146
03652ccf25e11afea2e0d5e0a443cbe2b7a201a567d1f9e83d152921b80ebcbb
06b683609a410f8c005dd4b27a0a660b5304d31b0e5614b95ea3ae02cd1b8072
0b83a35c88034d12ffbc9bf20014d8094e15062b3975bec6967a161e1663667e
0b8f2c815b29a22692ff010e8185dabd533fd50b99222fed22917577a26aac02
0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd
0f6e6582296b1d29ca0bc18449883ee26d4791a204a2d8a4aa3396465209e5aa
0ffb5e6a9625ae55529682bcb47bc148799f92f6c4b9aa7b959d0ecba3031b99
1137d4c1e3478a9652bd6ca78e55ed48335bd330a209cd4ef45d1c54bf8d6c8d
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1422e90fc80e1de773e8a80f21200da732fe37d3ae861a41411b41028a0c34c8
14853238491d117e296eb02408cfa5fdb8c28a055c0901266a1be85a6edfbe97
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
16aa6ba1c509151f429b9b50f0c78df2bd3a938b38c716f7d138323d59cebb09
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18a0f425e7929f0e35040c31fa34d0ac3584eea98b70d632a2da71554b827583
1aeceef378724433f1a66549d593a39a79cf997c78cbde925187be550d58ee68
1c96124814e935910ba08bae08c20f8ffe66d0653f82935908732b390ecb229d
234e58e81d77759daf07d771662c4e4b7711301f3a867a8bbf78651dfc13c2f6
256c5f4cee027a6108043883db67b4bda1cfae5ce0a5bf0186f5cfcc444acf11
2960b29d6e0e27f24c757b9ab2f2a7a0416be7fd24960c1ab11b90b478c02210
2961b3db2b46da7335a7b966b4503e9c698b31721b54d65ce1b93c5662447624
2b0d7b4f23692033521ee722734ea78b70d15c0c77e69bb44b49bbd6de357597
2c2744fe747215e6a27c0eddb2b548eba36d35c5baa0a8b856ccf56a5c31d2ec
2d0ed65db95ee9a4db6cfc439c2cfd35b8562cd082357fd24bd4ee7e903768cc
2d20958fe33b79a2a0a341353b5512b67a82ed4ac3975e7b5434393424bc4114
2eebf35211143c8364122917c63490e1f22a4ca895a8e50e1f3ab840943cbcec
2ff79e8330c623cdf29f94e252633740694a3b4cfd77192daaafd8cd04ab0bb0
306c307cb20fbcd07e76b834821704af40b01c334f115f8761c672bf2f6e7db4
32fa7e85ea88adbee3751fc1578bf4a4a7d2e77983e95ab49468552d97ffa79b
341c395990c70eca9478ceddb6012b07c34db8cdc0e937583df1421101a89e19
34bf4ec3eca0adc00a246b829f90f947845d914d89cfa0a0d6de663628449a67
372d04f407947fdd808207dde54cf389d2535f566ea1b0cbd6dea35faf41e80c
376e8069d2d5700265be45d8f62f4f55a634ee083f984d2f44710cf0d002cd4e
37a22473a96e2b728d75e3c6fd9a55becdfc77a1277e556644fe3c8e27ea4884
39dd2de0700433f2734f0647fea044e3852e5f1c1a6ae93d77a914082692d719
39e1eb70c16924f1b2f50527055bdabe1ba58f477d93697ad65fd02c1067bfbd
3a93ef00953b3e0bb2630ec5215478b1ae00d8abc6ea36e8ce4670e770d5b984
3e035d5e3d092548b462fd177a9c7dc6d57a8d8e2abda9e4821dbff185642699
3ee8d8b06746f8b511aa0c99595d1d54dd92763e757de2f421c6d5b8d5d07551
4130840cd3b4551d245f902798f99c85267091b851a6d4b389c35af04f9789f5
418b0eae7ec35a77851857b27f9dd21d36c3b07b4a88f18793590711a0c2ef78
418b3960485d1ac8cf5eafc18db59fa8ef426837a1728f50633e6937d1a0a63e
41a39f4628ed5d28c57ab70026f672800fdcdab9580d3957db13645d0c44d4d2
4240475704d5c6560364fd97b581ab0a38024b705ec7c4e41e100c4ed8f97792
42a44a6d6f4dcdee54f60924136722bcf67590d288cd2a6b1cbb3b49d5828a51
44ee71e696fe091e38c4aa03f322759838e37aad33d2e56b9a48da1dbc32c8ac
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
46b665aec587754215aca2c2e84218bef73ed2bb059fed084caef1df300a0008
4838de5492f836d9565c73beeecad18332c0fd02fca68348eaff0b366793f565
4acb96597935ff9c2d4e6cc88b0c2c7aaee3eceb17530e5df20810a5748f05fd
4da3a779e79e6432ea996cd1a064704d26fe43421305b7795b87d21d3931a58d
547ac2b7bf734f40cc994c11bbe5643fb7ae0f86442b53694a73a2b7bc550b53
553184002d49f3197d581f56de0f8ab37d66f0ae73c3f3faa363ac26c56b02e0
56583d7365641d0274d83f874ccdc02fd4524a491f481ef968c962c10c61d3b4
572e29bba4425be2b621a357ce43f5388bbc52f4e23ce145cc71a530ccc8ae7a
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
5a9fd7b21dc6a10ecd891500b275827227ded1bc4da401d19806c1c432c6d2d5
5dd9e0556a9b71dde130bfac787e9b44c2984051006c106f27386f78859ec353
5e68c3d944fb20d7f7b51eb587ba9aba743b2f3113752a70c25f645c86826133
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f079e26fbfff5c587c5ba449f9e00eabb19510b044ef599626ae785a2aaf4ca
647ca28809fbb72311ec5f5c83e0031b7835ab5e22529909865589adeb7c6f8c
64f3b067421484c9019252a5926bc89033f4461c64bbd18c105ec81b1174c0f2
65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621
65cb276688e651b73730817cf765a5ff0dcf7e6d4bfde56a300049a80bb531dc
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6860842b1855988141a64c5b218a317410588fe180d6e6281819d127120f375d
6a08d58a4c5ab0e488bfd9e35d0f88a70c7d6d0dd992c90c522ea0682dfa0e9f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
719a9c5b70a7847cc11a4cbec622308f61315c4e849d91e3f156fe5790487f76
724e999373acde2068adc1a148b9fce57faed54dae3dd9edf30345c26bdeaaea
726bd300778a73b754dc044818565a6beefce02119a6399297c5fac84f3d1055
72a492fc88306b58b590d47f55feb08b11119d149db001980f20ad10846b21a2
72fea3fe50ffbc7bbf4648547ccf1a38ed660ec9971829aae72147845f44f81a
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
733911fd56dc678a672e7a1c2ad77086a0ab395e6c8f37c5fca573f80c37fbfa
733a90c78ebe6072cb5bff90bf028b9cba6e50d0570686265a30589570edb925
741b6bf9d1aff7f3b68193020ff41c03c389568047d352393d7e57ef4dd11be9
74d86cd524cb1da4d4ab46568f64f78c65f1e13fcc25c7789c9544d3c12476b2
756d7dfac4a35bb57543f677283d6c682e8d704e5350884b27325badd2b3c4a7
766ea0430e5a66097b51276e5f4a334d5a6a81b303f2a70451c07945cb51d056
7717de7e2e218e956580963a667c5899e3ea5653cbc1569152330429f38542b5
772029ffddff8892ab9484f7ac91a8a9d7e12d1edef3390dc336054184c880d3
78bd525dc317d47424279fbc7165201537c4bfe4c94c7f7c209a0685b6af281f
797c26f036647914a3edb42b47186fef5dea31a6d548fa4bf94917c7e17735a2
7aa0cbcb88af656c2d1c38409d4e76618fdef545d6612cf9689ff688fa7f5525
7be91ce97275c300ce632c8e46d84811da453937eb643aa48f63f723fef0153a
7d7af17d4ab24aeb00ee93394751160a184406d1f24800c5989d2696d2b25ef4
7dd6350825500b6c6cd37e595e90cfbde94471edb412b60765d86b1e238aa6c8
7ddadf329de63774f1dedde0cd0a01a422b46a93daa2b36c138f659be3f1ac11
7ee65ec4e6687e75cf0082dffb5a452a42d4353263efe439959072d89b7f437b
7ee8a97200cf0e24af175070d017d0bdabe6c619ede7bf7c5585e90de0f39798
813ceb154a85f0bf408d7b973afdb38aa63d31fb8526518db74bd00ed5f5d082
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8371ca7726358d3088e19a1406a034d30cafa4fef366e69d959dd6a41822e9ff
839602a4885dfa8161674e53e0d4eb4db545f20eb1914009d59c070193a836e8
83c54916208ba4fec97b8c109dc1d26f5e2231ced12bee8032864c219b7d14e4
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8568618df18202314a62419e94e30f4183c4878adb08066b1e76110173c16c1a
8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f
87867666f991ec72bfa960e68b44e88854c8e671fe757e90cabe0acf682c7881
87e4d94cc59e66cb725495384dea4b5321187489ff33a0fcb8397c2bdc54f85e
888b943c86fc505ab43c86b15d0d4e42256b28b4d76b2304498c921375d4f2fa
8d3a579a48162679f04b0c5774f7837e455281c771a25809ec8f07f9e7d6f892
8d3d5252c5c8636e3a85a58e8a925714c7cb17c8da2563ed39d2824d33833993
8dfce04e20664e11e151528f4f1ba4bb9e75f62c322c67964c70a1abde8db31b
90c82c9e14ac451c5d11c37c2cb997e262dde4b520a8065a2ec95670c0ec39fc
93145f73267d49fb0755c373ac2ce47a9e39866da0bf529443810b769d8d6b68
937750ffdd41b5079218f0c49ea4c86157c646130ca635c067d245800194dc04
96df509716909d34da46ba6cb3070b1c2728ab80696b33c5b3b8e1de5c39aab9
992388fbeff91f69ece1f2af28b26cd013db8135f58d8d05b96c9aecdc62a731
9a13b011e9cf328be85aed4cbc490581f7d184c7b990db5cd5cba2f00475f347
9c117e5ac0a809abdfd02e4dbb07ade68ccd5baf5e51c3ed994a59acc3896b7d
9c4e63ec7c9b7b4946df769f2604d682c98f536767e0a123166c895ef6301ebc
a153f3819c758754117e2a2c953c2003ecf1bc55ef9c8d0db6ba8969215ce1c6
a1da1d8959dd50050e604da05fb2b7d0cfe192858da48d19350df6723a9164e2
a2054b9637afdc9e1aab989d848708525c8e799cec87becb97c8702877a1e79b
a2c0e0a1bf8b3c57bd4825c24dbea2cb72bb0bf3127fc88970a982e5d7d6eebb
a4521c92c55fede90957d350c354bdbb5b8368f5e578f0f71c19346775a177b5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aab60f65d859d9459ded33c8dc9d4769db2dfbaa70d0afcc0891a0ed2f0d5b4e
ac0e8d13ec5f276feada45b806b85af037f734e0ee5a8aa7ce4b9e1e9110d5fc
ac5b62e1eede76e411958a7768e2b6e18dd5b07968bd8e5eda42e73d81623ed8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af52233ddb1c6b30807c0535345748f446ad7bb7d68879a1e36261d0c309269f
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b08da24a924529caa8e505459e52adc5602291ae750ce2cacbe91928c312b35a
b0b47fbe08813f2964de03684b90df90615e5591820069441e26471cf176fc0f
b112d143d0b935fa4c67ee13a697324083dee7bb17b2ae39edee1753e7160db7
b11f3b368d1f7282f6dc4189d3e0cf1b4a16c65bd5c098a86ec17ae67fa50f95
b18ed6ca4c98d8ef4e32f9bc82778ee7f52d3d645acff62107d7ead99036a3de
b4e10c54a966ed5abeeac2aca4cfa968f317497770f59ec94af6d712db96e7d8
b7424084886bf2e837f20e0f6073d9c6db5843da74555c06635c0cf1928d6e4d
b86a5d34de3ccf02a5d9b86bf2357f2c8bda612eb44cb4990f5326bae68b3893
b96d52bbeaf4b1e8233c9f95a3c15219649eda5f59216c604241322f109f2c09
b985c9d61d3616f8cb9ae78e1658946c7f395b30d86c18af9e8f4acd137592c8
b9b22ee5c44be56ed8d9915f66fdc68649e6b6280facfc5416dec407f8362f4c
bc8904cf494c040131cf5c61ed0ee8b3af200a356ea113a3e54a4d7c798159d3
be3320dc4e3f9f68c6f001ac32d204b9d881de39e0895d6cfa094f2271b59b6a
bed02c16941497047a8e371f87ae9e0a594757ab219d9d6c96ead426c82c4062
c02ddc028251ce8b5aaf959bc6e90d6944467212439f5bf283dbbd99292c815f
c0621f56e27eaeb8da58aa598039a2c9adff987b864eb21745b3f7143b883a5c
c070741116c73bb0ad1bf03cb60609169c8d31b6de153d846b6441d725d7a950
c1005580aa64ecc161e55963e34a2a829a95a3446b9ab0a66d2b51d35413f203
c10af103c2513beba5a7397f609106745382adea54bd90b818fa6f4fe8781026
c3225f1c2c5c5c624d06f7fbd04a3559c2c6ec8c01c59aeccd3a5c34b04c3340
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6a0c91b4419ed4eb2ae73f0bca9e09c5826f122f9fdd4e9f9ff6e28f20c528c
c7359ac53adc88dae2f28ff7a0e9156dcb2d088c6b434d0c2946e9c5ec7a1dce
c80da8eb6e9150d66697643e8d59db022fd32060461f75d428bf63687c5b38de
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
ca48648f9bcb2c585c1360603216f36bd78c8af87d6f3d307d800ca2041f7c8a
cb2196aad794bd3bf5603f20bfdaad85a6b871b63ca69bed33b0a5f4ba046f96
cb7aec3a39788280b60d61e90de3e4b1644179fcc032af6cb842d8dbdc1c5c5f
cc8818d80104cdb8dffba62d276afcc8372799de2d76199c55c3c718f826b73e
ccd589c6f3c28f9ab95307472950b234952f43985cbcd75ced28d8f5ba06d42a
cd19302865a315df9a57552a585191f452efcbed7b0ab6b6569f4bebb764366e
cf35792bd7566a05f57299ebbf1a5e37f1df7a61893a3ec55ab99d18109d2eab
cf5f8602ddd688b3192c614d2ec643678944be422c98f2b7370423283ffa93e1
d04fd99985eba0f4d4a0db111704c4f4724ae4b6fce4eb08aa8a8ed0ab89213b
d080111ee20d2a403859e70ecf8bdd5d9c7e45f78201d70662495a7482afaeea
d15f56ad8410162f6486e3dddf17ace90b3b3dd10142d29a97d4f26a9b13f9b7
d2153367e1a045b1440397ee6fcb878464109f565b258f1b17f4d7a4b9da7c19
d28195e41be85d6a58735387a1a7cbec820bdf56ba8c3c74dfb71f5ae0abcfde
d470ab3f2efb2271564c86298b3139480369a7d8b85cc117631ae5714605d93a
d474fa2e36150bdfb1f8a4102b239c0a193c704395660524ce7101aacaa5714b
d536ac86bd42f483358b267bc5daf5cd150bb8c774c37b3b3c66b5d7dc6f0342
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6f242c2401b0bbc39eafd4d8f4034d9fcd5672e6ec601778c1698277b9afda2
d8535f1b381398d4053486b50f3b99b5b283f65adc65ed66c52fb74ad44f47a3
d8f6622cfbd9872f2fd15939125bf8c707180c7a1f3b885a0710eb0ac6cb18fd
da7a28b8cf91c923184f37de5ae22d51b3d0a9d2d7d58f822ccb3a75676b376c
dace0b688fb7896ea7323dd0aca11fa1f8bb943d100c40ab6d0a3b53860f85d5
dbf89db2d125549c513937d10e3af603d5aee8ec51bd14c318322c1dc2b97195
dd1665c06814cd2459affd4cc6aa2b48ac9229dee9bedfe1df7717056c9c732d
dda23fcf1ec1da46779b40508cee9100e7cd6a8af7a6681efde371005fb579b6
df7b86a63a96e5f00d5b055b5055708e5625d2cb3f3c4a4b4dc14885d95e58fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a74579fb64e402c0bf5ff5ab4c91a522f812ce8c082588e95e08d21eecc45b
e9e33a6e29e9d4852f65cefae0304e8b49a99724d3327c2ca3840ee432952bb1
eaafcf858dacd31ee94ea267b50975065796ba5aec12e2cc0d87d744e83a247f
eb77c1e984c822e951f8e7aacc8cb4007d0ab0aa0dcc4455f1dee2293ac5b9f0
ec8a8e48b21145b56b0420d53babc4c8175eca30b730a52486a308efd9854892
ed7d72de81ce28a49509b04006c99759ce51715d83f38fac7f58ee59313d028a
ef1743d7ecaff93a0742d46ead9ade262310002b5a0a0aea5c7e60c41f4f79e2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08484455172d31ef5c551a8228f73cd46f334707d09677aa3e53d73483a8c9c
f0c9e59fe4556a5ca7da317a52097784bbe634004d9f67c78b36d0b7f4656704
f161cca91dfbe38ac4b143e3a89cc0c7f2e8606600e440aeb7441fb418e1ff18
f2ab71d8fb4085be52c617b5a08c399312c2b4322287fddcaf52e40ae1ac9133
f695180a0fbf6c666bb6dd71063a0199a666258364646e51593926e23d52bbef
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fa42c00f4e7bda83e89b338ec4aa0d511f6c0148264743615cca2477357dd08b
fb066449432103954937cfee8ad798a7b096d0805dcd3fce09f6204f401bd245
fedc05eac7cdae88d50076bbbb63b1d3de35d8fa9421ce91ae2fcebb32af6bb9
fedf6c31f0488f1fb72d46208830a8e4a92f0c519e0cbd92e9ac20a1f8619e5a

sudaneseonline.com Open in urlscan Pro 2606:4700:20::681a:b2e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

255 Requests

99 %HTTPS

69 %IPv6

30 Domains

42 Subdomains

34 IPs

5 Countries

6207 kBTransfer

8496 kBSize

14 Cookies

7 Outgoing links

Redirected requests

255 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sudaneseonline.com Open in urlscan Pro
2606:4700:20::681a:b2e Public Scan

Screenshot
Live screenshot

Full Image

255
Requests

99 %
HTTPS

69 %
IPv6

30
Domains

42
Subdomains

34
IPs

5
Countries

6207 kB
Transfer

8496 kB
Size

14
Cookies

255 HTTP transactions
7 data transactions