sudantribune.com Open in urlscan Pro
2606:4700:10::6816:4bfb Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Effective URL:
https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Submission: On August 30 via api (August 30th 2022, 5:57:01 pm UTC) from CH — Scanned from DE

Summary HTTP 110 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 15 domains to perform 110 HTTP transactions. The main IP is 2606:4700:10::6816:4bfb, located in United States and belongs to CLOUDFLARENET, US. The main domain is sudantribune.com. The Cisco Umbrella rank of the primary domain is 653837.
TLS certificate: Issued by E1 on August 11th 2022. Valid for: 3 months.

This is the only time sudantribune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 30	2606:4700:10:... 2606:4700:10::6816:4bfb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
17	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
110	26

30 2606:4700:10::6816:4bfb (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.sudantribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sudantribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	sudantribune.com 2 redirects www.sudantribune.com sudantribune.com — Cisco Umbrella Rank: 653837	219 KB
21	criteo.net static.criteo.net — Cisco Umbrella Rank: 655 pix.eu.criteo.net — Cisco Umbrella Rank: 7955 csm.eu.criteo.net — Cisco Umbrella Rank: 8150	253 KB
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	286 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	424 KB
8	google.com www.google.com — Cisco Umbrella Rank: 9 region1.analytics.google.com — Cisco Umbrella Rank: 5695 adservice.google.com — Cisco Umbrella Rank: 88	42 KB
7	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 108 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52	36 KB
5	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13652 ads.eu.criteo.com — Cisco Umbrella Rank: 7878 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9998	107 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6076 adservice.google.de — Cisco Umbrella Rank: 8811	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	154 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 219	10 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	88 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	20 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54	2 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 882	648 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1113	5 KB
110	15

	Domain	Requested by
28	sudantribune.com	sudantribune.com static.cloudflareinsights.com
17	static.criteo.net	ads.eu.criteo.com
9	pagead2.googlesyndication.com	sudantribune.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com www.google.com
5	www.google.com	sudantribune.com www.gstatic.com www.google.com tpc.googlesyndication.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	csm.eu.criteo.net	ads.eu.criteo.com
3	www.googletagmanager.com	sudantribune.com www.googletagmanager.com
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.fr.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	sudantribune.com
2	www.sudantribune.com	2 redirects
1	pix.eu.criteo.net	ads.eu.criteo.com
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	sudantribune.com
1	region1.analytics.google.com	www.googletagmanager.com
1	static.cloudflareinsights.com	sudantribune.com
110	26

This site contains links to these domains. Also see Links.

Domain
sudantribune.net
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
*.sudantribune.com E1	`2022-08-11` - `2022-11-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-07-22` - `2022-10-19`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-03` - `2022-11-05`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-21` - `2022-11-23`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Frame ID: BAD905EA852C0D04594B332A8AE7D3A9
Requests: 58 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/zrt_lookup.html
Frame ID: 24887E137B8836B53CBC16C51A01FAE6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdIEOIdAAAAAFYJWfLsh0mSPaIvYkbF3wy3gwxo&co=aHR0cHM6Ly9zdWRhbnRyaWJ1bmUuY29tOjQ0Mw..&hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&size=invisible&cb=5ic55k403j9n
Frame ID: CC1DD3D3F8EC6FC40C882F2C79702A93
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0291318216404608&output=html&adk=1812271804&adf=3025194257&lmt=1661882216&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsudantribune.com%2FBREAKING-NEWS-SPLA-minister-killed%2C26975%2Fr%2Fn%2Fr%2Fn%2Fr%2FnSince&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661882216092&bpp=6&bdt=282&idt=197&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3699215483701&frm=20&pv=2&ga_vid=1224149863.1661882216&ga_sid=1661882216&ga_hid=1483977933&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068920&oid=2&pvsid=914991964320575&tmod=1036739973&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=213
Frame ID: D7A9BDEB42EB9E80F960125311B78A9A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0291318216404608&output=html&h=280&adk=3685186759&adf=2810334022&pi=t.aa~a.108489206~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1661882216&rafmt=1&to=qs&pwprc=8386737607&psa=0&format=1200x280&url=https%3A%2F%2Fsudantribune.com%2FBREAKING-NEWS-SPLA-minister-killed%2C26975%2Fr%2Fn%2Fr%2Fn%2Fr%2FnSince&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661882216098&bpp=2&bdt=288&idt=210&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3699215483701&frm=20&pv=1&ga_vid=1224149863.1661882216&ga_sid=1661882216&ga_hid=1483977933&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=73&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068920&oid=2&pvsid=914991964320575&tmod=1036739973&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PAgQz2KaqD&p=https%3A//sudantribune.com&dtd=212
Frame ID: B1B7E4D0BBB955502364F103105249DF
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yw5PaAAFu9AKsogGAA3uZANQrG1TJWLFfDMCMw&u=%7CKglIOBpwlNot6GUHEXKSW04KSOsp%2F6ftHgoiAIapXIg%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5KgFh9XNQv4JdLNIKaOnb5OzEWkIpq6r1BJdkqejnNl5wdET7w9LynkdBqXWJ-1Sk1CFvDilBDhXrnkOkTst6TWxhcdy8MSdGX2awMwY8wbbA2ViF98-zMm9wHgmB_y9TMvgJphUgOCiMdI1tyRCWcVckE2smWi7Apo2W_L0iCKJuPt3piVOZIqYkys311ejBenwj8GYCnzObTRqoOuLx2uAfDBfeNWV1WK1vpg4MV2ZWEBOVCwTDVR6xm2A1S7l9LrmigJk9PacyY-dnz47bXTUqaqnWE5_NoEwJHMHKvpXaGZwNVpzPUMXEuuVwoifc9xIY8AjtjhC2sxCq4lpYriqIGTYFDxh-x79alGijEv4IxtlvCcIf9lgL-AwsT7bp4MG9O8CH3c4BrYM4MsV0cN-8zG90PKQDBdyana1Y1VPbKC9h8iONpmfXasqaDfj0UgHdUboohLtzHuTDUF7R7pkLzrI-lqx7CkqtpzWwlNMGXzonetaZ9MZPRto9OHOgN8u7ywqRyc6HcK5co3oEFbrxlvp-uvSReWEsDiWYuxaNeFGJv5qn9EeYAqXO8RyTcpiipUdNFg2Yvbp2wbJAHgkRr_AduXKdEfyoleBPXJY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4mrCaE8OY9D3FoaQygXk3LfICsme0rFc9eqhhogBwI23ARABIABglcKmgrAHggEXY2EtcHViLTAyOTEzMTgyMTY0MDQ2MDigAdW20uoDyAEJqQLqZJz5xcywPqgDAaoEiQJP0D4iK-8lCBsSQkl2B7I2AO5zmpGMPbs4aOuc4PU1rIN3lzeVgQ_2EO_HLMgiFWxkD23ttQM6WqnoSwE2vGOuYs4FUmF-jdRo9V3tNxhB-Qyn1QnFhSyqah5PyDoMyoxEk3lJUBggXsstIxNJ7RnasSiC8Pvc5pOtNvGGQqAsFw6YGR0K5fUmRLhXi2Pxqw36wotNJuqdKAi9O45TvDC3CMSWu1IgVYk9LkCr2jpAr-lQWjBQe69kj3Tn9xrllqw5J7D2TqS4KRNNTvIvW7XFRY4kiO1T8rZzTIlXkhj1-IdFSEDPK7OsEYY3MZZtbC174d-Yf3VMBin-Yk9fY8Utf1K9-U2CmmPHgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1YzoMCvNEhhoCAFCF5825iD1zI3A%26client%3Dca-pub-0291318216404608%26adurl%3D
Frame ID: A5DCA2753DB24082E666A969058D3CD2
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20110914/zrt_lookup.html?fsb=1
Frame ID: 943114F5FE5075EE9010A931E7EDB7DF
Requests: 4 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yw5PaAAFg8kK4DYPAA_wvHB59ipVO2NuNXl0pQ&u=%7CKglIOBpwlNqLEyJhORWcprezKPzgn0zAzM8twu6wI7w%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5KgFh9XNQv4JdLNIKaOnb5OzEWkIpq6r1BJdkqejnNl5wdET7w9LynkdBqXWJ-1Ske462UrEU9Qr2aQvLgfmDh04Exh1_G_nD8it2FC4SU6e4ywzKtthPbm-h0McqUp_wgdt-9PiCMjpbCuJXtVfqMmUn5FREcips9ZnkHCSX-ZAntu2d35MKmgYGAo7JG2RG6hb1WFHicn8Ba8slnWdB6nzkpHLKyW_jCZ-TPVLlCJUEd2UFCzJXXzK2QYZeyi-3Z8PAKC8ePSnCj3UgQUCPAvyOSA8-6HP4MT1Pc-WUnYqbOFrqXBWPmMuVaF_KLdazEdbBSY5wO3Fxp6G690_Hpys2-KgbCVUsSg_GQUk5FIvRYlLxmgTPxd303GEIsymSYHgLM_h7ZVYOAXbqbvgnIJgXa0S6YL38yMGnO_5f1Dgq8mR-tjNfqiQaf79wCQQaccqQio77BTDlSZ7cXaJQG8WmjEXefoxgBJsoh7J6qtrnxDKGJsxiXbWOn-CgaDYWiEx0U9SzZ2yZSO84Q37zc_sYXGIdBMowQIi-cM64zJn-2mFIac1Cd5KPYrGriA8udVf3TJbfRhcdhCCC9aYcclz8FfFbYJoHLo9F70KyV9c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQCgpaE8OY8mHFo_sgAe84b_4Bsme0rFcpfyT93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMDI5MTMxODIxNjQwNDYwOKAB1bbS6gPIAQmpAu8aTxNh0rA-qAMBqgSJAk_QZZTjxIMzJd1TGzbILnYxb-OBP7r1ItKef74NX26IpV3J7G9_Qr3H6GgRNY9uVFmEq-q2japCmKJVEV4ammCWgPQUyDIhSdY4jS7FCwIyIZk1_0uwhnaYp5DcI07qjzGJ8sJRQMibQL02exdHv5qgid-2FAsKeooJ132vEkFfAC04n3KcnSIqdVhnAEugYqSOEe2PgG6ktvSJ0lo40SqqKcV1mvh1VAM3gbCbCXHITEVRxKMul6ifpPd_nI2oZ1meKfV0q3eWH7WZ1aiC_hpCojWZMrr8E33yWHlVO0eaiMtYr_oJXUoIE1q-lgplTOQ-29it6sMvHw97f9ImY9pPDmgnEXFyN0yABu-dgaTXla2bG6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_17gybZLfxqb_fzU6whPqtFw9xgVw%26client%3Dca-pub-0291318216404608%26adurl%3D
Frame ID: 4F6BED509E3815BA66920C1F1BABE9BD
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7C04A7BDF630F244E76BCF210E04D3AE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 27082016FCBD1D1AA55C08A3EC9E90D4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found - Sudan Tribune

Page URL History Show full URLs

http://www.sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince HTTP 301
https://www.sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince HTTP 301
https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

110
Requests

100 %
HTTPS

84 %
IPv6

15
Domains

26
Subdomains

26
IPs

4
Countries

1647 kB
Transfer

4084 kB
Size

9
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://sudantribune.net/
Title: العربية

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sudantribuneEN/

Search URL Search Domain Scan URL

URL: https://twitter.com/sudantribune_en

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince HTTP 301
https://www.sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince HTTP 301
https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

110 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request nSince Show response
sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/
Redirect Chain

http://www.sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
https://www.sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince

114 KB
36 KB

185ms
176ms

Document
text/html

2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbcf0a8a17a2ae1826d71f338e905d70efe1da598aae72f3355ac3b581fdaefa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: MISS
cf-ray: 742f67e7b8156939-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 30 Aug 2022 17:56:55 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://sudantribune.com/wp-json/>; rel="https://api.w.org/"
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: max-age=3600
cf-ray: 742f67e77f6c6939-FRA
date: Tue, 30 Aug 2022 17:56:55 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Tue, 30 Aug 2022 18:56:55 GMT
location: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
server: cloudflare
vary: Accept-Encoding

GET
H2 200 admin-ajax.php Show response
sudantribune.com/wp-admin/ 0
302 B 113ms
110ms Script
application/javascript 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sudantribune.com/wp-admin/admin-ajax.php?action=pll_xdata_check&redirect=https%3A%2F%2Fsudantribune.com%2FBREAKING-NEWS-SPLA-minister-killed%2C26975%2Fr%2Fn%2Fr%2Fn%2Fr%2FnSince&nonce=aec3e216b9

Requested by

Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 742f67e8d9d76939-FRA
vary: Accept-Encoding
content-length: 0
x-content-type-options: nosniff
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 abp-popular-posts-widget.css
sudantribune.com/wp-content/plugins/Google-Analytics-Popular-Posts-master/css/ 307 B
254 B 32ms
30ms Stylesheet
text/css 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudantribune.com/wp-content/plugins/Google-Analytics-Popular-Posts-master/css/abp-popular-posts-widget.css
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e03aa26e3e60ab01094995b59a63fc896927538aca8a68beee9c7e7e1e1114a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 21 May 2022 10:28:31 GMT
server: cloudflare
age: 1059
etag: "133-6288becf-14615a3;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 742f67e8d9dc6939-FRA
content-length: 146
expires: Mon, 13 Jun 2022 08:25:54 GMT

GET
H2 200 style.min.css
sudantribune.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 25ms
23ms Stylesheet
text/css 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudantribune.com/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 12 Jul 2022 17:22:32 GMT
server: cloudflare
age: 1059
etag: "15b64-62cdadd8-13402f3;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 742f67e8d9de6939-FRA
content-length: 11683
expires: Tue, 19 Jul 2022 19:20:27 GMT

GET
H2 200 styles.css
sudantribune.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 27ms
25ms Stylesheet
text/css 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudantribune.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 15 Aug 2022 09:25:33 GMT
server: cloudflare
age: 1059
etag: "aab-62fa110d-14812f0;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 742f67e8d9e06939-FRA
content-length: 972
expires: Mon, 22 Aug 2022 11:05:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
896 B 72ms
25ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C600%2C700%7CSource+Sans+Pro%3A400%2C600%2C700

Requested by

Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7af8ad5d6659ab08a56400b3c86832926d67a8b4e6dd5b10f25725b605b0613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 17:56:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Aug 2022 17:56:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Aug 2022 17:56:55 GMT

GET
H2 200 bootstrap.min.css
sudantribune.com/wp-content/themes/sudantribune/css/ 63 KB
9 KB 31ms
29ms Stylesheet
text/css 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudantribune.com/wp-content/themes/sudantribune/css/bootstrap.min.css
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5582fcb25f3bde2a2ecd75b0c0464370a8a8fa59bc3520d1e442875fe55ed1ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 22 Oct 2021 12:35:31 GMT
server: cloudflare
age: 1059
etag: "fa58-6172b013-1461373;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 742f67e8d9e16939-FRA
content-length: 9426
expires: Mon, 13 Jun 2022 08:25:54 GMT

GET
H2 200 font-icons.css
sudantribune.com/wp-content/themes/sudantribune/css/ 6 KB
1 KB 26ms
24ms Stylesheet
text/css 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudantribune.com/wp-content/themes/sudantribune/css/font-icons.css
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5c6d519d07e2de3c0c98f8dd9995ce077402f683e13caf6013d52faa16c5443

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 15 Nov 2021 23:26:10 GMT
server: cloudflare
age: 1059
etag: "16ad-6192ec92-1461375;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 742f67e8d9e36939-FRA
content-length: 1351
expires: Mon, 13 Jun 2022 08:25:54 GMT

GET
H2 200 style.css
sudantribune.com/wp-content/themes/sudantribune/ 143 KB
23 KB 38ms
37ms Stylesheet
text/css 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudantribune.com/wp-content/themes/sudantribune/style.css
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e706e8e4da71dca6cdeab6d0faf70c0963e5c7cf5290a5ed123cb729723c732

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 31 Jan 2022 09:43:50 GMT
server: cloudflare
age: 1059
etag: "23a69-61f7af56-1461372;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 742f67e8d9e46939-FRA
content-length: 23841
expires: Mon, 13 Jun 2022 08:25:54 GMT

GET
H2 200 jquery.min.js Show response
sudantribune.com/wp-includes/js/jquery/ 87 KB
30 KB 39ms
38ms Script
application/x-javascript 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudantribune.com/wp-includes/js/jquery/jquery.min.js
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 01 Jun 2022 10:38:45 GMT
server: cloudflare
age: 1059
etag: "15db1-629741b5-134086e;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 742f67e8d9e66939-FRA
content-length: 30953
expires: Mon, 13 Jun 2022 08:25:54 GMT

GET
H2 200 jquery-migrate.min.js Show response
sudantribune.com/wp-includes/js/jquery/ 11 KB
4 KB 26ms
25ms Script
application/x-javascript 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudantribune.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 01 Jun 2022 10:38:45 GMT
server: cloudflare
age: 1059
etag: "2bd8-629741b5-134086d;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 742f67e8d9e86939-FRA
content-length: 4169
expires: Mon, 13 Jun 2022 08:25:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
72 KB 79ms
30ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TCSW32R6J3

Requested by

Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b180feb6d156c226f44dc417a7835bb6826fdeb255bc08d46d98b1be28e2074e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72933
x-xss-protection: 0
expires: Tue, 30 Aug 2022 17:56:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 102ms
52ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-4732459-2

Requested by

Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e4a359a111e32fe4d99429716ada96eeb6f83733534c3c7d84195711bf6479a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41982
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 16:17:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Aug 2022 17:56:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
57 KB 114ms
64ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0291318216404608

Requested by

Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4589b62a2cf679299ad53cb5f944bbde53c7b10313b017ac55f9008101d37520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudantribune.com/
Origin: https://sudantribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57613
x-xss-protection: 0
server: cafe
etag: 10737839481082659117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 30 Aug 2022 17:56:55 GMT

GET
H2 200 st_logo.png
sudantribune.com/wp-content/themes/sudantribune/images/ 6 KB
6 KB 41ms
41ms Image
image/webp 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudantribune.com/wp-content/themes/sudantribune/images/st_logo.png
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66e2fa49809c9039afe311b0e5c5241ca0b4b177a608ed67c1f6fd846483e2ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
cf-cache-status: HIT
age: 509984
cf-polished: origFmt=png, origSize=14528
content-disposition: inline; filename="st_logo.webp"
content-length: 5898
last-modified: Sun, 03 Oct 2021 20:07:50 GMT
server: cloudflare
etag: "38c0-615a0d96-146139f;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 31 Aug 2022 20:17:11 GMT
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 742f67e99afc6939-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 regenerator-runtime.min.js Show response
sudantribune.com/wp-includes/js/dist/vendor/ 6 KB
2 KB 21ms
21ms Script
application/x-javascript 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudantribune.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 01 Jun 2022 10:38:45 GMT
server: cloudflare
age: 1059
etag: "194b-629741b5-13406b7;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 742f67e95a846939-FRA
content-length: 2457
expires: Mon, 13 Jun 2022 08:25:54 GMT

GET
H2 200 wp-polyfill.min.js Show response
sudantribune.com/wp-includes/js/dist/vendor/ 19 KB
7 KB 22ms
19ms Script
application/x-javascript 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudantribune.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 01 Jun 2022 10:38:45 GMT
server: cloudflare
age: 1059
etag: "4ac6-629741b5-13406c9;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 742f67e96a9b6939-FRA
content-length: 7095
expires: Mon, 13 Jun 2022 08:25:54 GMT

GET
H2 200 index.js Show response
sudantribune.com/wp-content/plugins/contact-form-7/includes/js/ 21 KB
7 KB 28ms
25ms Script
application/x-javascript 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudantribune.com/wp-content/plugins/contact-form-7/includes/js/index.js
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32dd00604df8db3415240d450341558b6827b1e02dc0f211d8a6d9a4287c522e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 15 Aug 2022 09:25:33 GMT
server: cloudflare
age: 1059
etag: "5591-62fa110d-14a00d5;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 742f67e96a9e6939-FRA
content-length: 6564
expires: Mon, 22 Aug 2022 11:05:55 GMT

GET
H2 200 modernizr.min.js Show response
sudantribune.com/wp-content/themes/sudantribune/js/ 5 KB
2 KB 23ms
21ms Script
application/x-javascript 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudantribune.com/wp-content/themes/sudantribune/js/modernizr.min.js
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2b63b89d3e642887f882b0fc40965bb7a9f93682d17831d626f052a20ebcf35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 22 Oct 2021 12:35:31 GMT
server: cloudflare
age: 1059
etag: "14d0-6172b013-14613b1;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 742f67e96aa26939-FRA
content-length: 2349
expires: Mon, 13 Jun 2022 08:25:54 GMT

GET
H2 200 owl-carousel.min.js Show response
sudantribune.com/wp-content/themes/sudantribune/js/ 42 KB
11 KB 22ms
20ms Script
application/x-javascript 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudantribune.com/wp-content/themes/sudantribune/js/owl-carousel.min.js
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863f31698192e87c3f25979fab14e6c426e45e904e3dbabee24cbcb0fa1a1fd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 22 Oct 2021 12:35:31 GMT
server: cloudflare
age: 1059
etag: "a716-6172b013-14613b2;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 742f67e96aa56939-FRA
content-length: 10935
expires: Mon, 13 Jun 2022 08:25:54 GMT

GET
H2 200 viewportchecker.min.js Show response
sudantribune.com/wp-content/themes/sudantribune/js/ 3 KB
1 KB 17ms
17ms Script
application/x-javascript 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudantribune.com/wp-content/themes/sudantribune/js/viewportchecker.min.js
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1eb94b540b32c31b933c5ddb705eaa88ebaa501364dc70713214181d996f0893

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 22 Oct 2021 12:35:31 GMT
server: cloudflare
age: 4367
etag: "a92-6172b013-14613b7;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 742f67e97ab86939-FRA
content-length: 995
expires: Mon, 29 Aug 2022 07:35:15 GMT

GET
H2 200 velocity.min.js Show response
sudantribune.com/wp-content/themes/sudantribune/js/ 44 KB
16 KB 24ms
24ms Script
application/x-javascript 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudantribune.com/wp-content/themes/sudantribune/js/velocity.min.js
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73888a917e850824ffc2109e20466c8d22d8247046925b6377a10d7f289e2c8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 22 Oct 2021 12:35:31 GMT
server: cloudflare
age: 1059
etag: "aef8-6172b013-14613b5;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 742f67e98ad36939-FRA
content-length: 16012
expires: Mon, 13 Jun 2022 08:25:54 GMT

GET
H2 200 velocity.ui.min.js Show response
sudantribune.com/wp-content/themes/sudantribune/js/ 13 KB
3 KB 21ms
21ms Script
application/x-javascript 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudantribune.com/wp-content/themes/sudantribune/js/velocity.ui.min.js
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b32f570cedbb2def5429db02684c06752a8f587d8a0a58d9a1111d162bb3d781

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 22 Oct 2021 12:35:31 GMT
server: cloudflare
age: 1059
etag: "34f6-6172b013-14613b6;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 742f67e98ad56939-FRA
content-length: 3025
expires: Mon, 13 Jun 2022 08:25:54 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
sudantribune.com/wp-content/themes/sudantribune/js/ 20 KB
7 KB 30ms
29ms Script
application/x-javascript 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudantribune.com/wp-content/themes/sudantribune/js/jquery.magnific-popup.min.js
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 22 Oct 2021 12:35:31 GMT
server: cloudflare
age: 1059
etag: "4ef8-6172b013-14613ab;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 742f67e99af76939-FRA
content-length: 7346
expires: Mon, 13 Jun 2022 08:25:54 GMT

GET
H2 200 theia-sticky-sidebar.min.js Show response
sudantribune.com/wp-content/themes/sudantribune/js/ 5 KB
2 KB 28ms
28ms Script
application/x-javascript 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudantribune.com/wp-content/themes/sudantribune/js/theia-sticky-sidebar.min.js
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 22 Oct 2021 12:35:31 GMT
server: cloudflare
age: 1059
etag: "1535-6172b013-14613b4;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 742f67e99afa6939-FRA
content-length: 1775
expires: Mon, 13 Jun 2022 08:25:54 GMT

GET
H2 200 jquery.lazy.min.js Show response
sudantribune.com/wp-content/themes/sudantribune/js/ 5 KB
2 KB 37ms
37ms Script
application/x-javascript 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudantribune.com/wp-content/themes/sudantribune/js/jquery.lazy.min.js
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64fbc7f830625ecd6ff3293b96665aebec2a9be9336f02fd47508eb59f7ec23a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 22 Oct 2021 12:35:31 GMT
server: cloudflare
age: 1059
etag: "139f-6172b013-14613aa;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 742f67e99afb6939-FRA
content-length: 2332
expires: Mon, 13 Jun 2022 08:25:54 GMT

GET
H2 200 jquery.newsTicker.min.js Show response
sudantribune.com/wp-content/themes/sudantribune/js/ 4 KB
1 KB 18ms
17ms Script
application/x-javascript 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudantribune.com/wp-content/themes/sudantribune/js/jquery.newsTicker.min.js
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8dc6a157ad70bfed83a655e508234cf8f9b136d56fea918d05216338f314e6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 22 Oct 2021 12:35:31 GMT
server: cloudflare
age: 1059
etag: "e53-6172b013-14613ad;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 742f67e9bb1b6939-FRA
content-length: 1224
expires: Mon, 13 Jun 2022 08:25:54 GMT

GET
H2 200 str-scripts.js Show response
sudantribune.com/wp-content/themes/sudantribune/js/ 43 KB
9 KB 25ms
24ms Script
application/x-javascript 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudantribune.com/wp-content/themes/sudantribune/js/str-scripts.js
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f4e48eae258c511c0a9d8fbe52702eb1b8fd6a81c8214e2ceb8c32a16c43950

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 22 Dec 2021 21:15:43 GMT
server: cloudflare
age: 1059
etag: "ac0e-61c3957f-14613b3;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 742f67e9bb1d6939-FRA
content-length: 8695
expires: Mon, 13 Jun 2022 08:25:54 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
1000 B 73ms
23ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdIEOIdAAAAAFYJWfLsh0mSPaIvYkbF3wy3gwxo

Requested by

Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a44389c89b8bfe1809978cf8d85029c69ab3418643a79fcd0215216d5bc5a7bf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 587
x-xss-protection: 1; mode=block
expires: Tue, 30 Aug 2022 17:56:55 GMT

GET
H2 200 index.js Show response
sudantribune.com/wp-content/plugins/contact-form-7/modules/recaptcha/ 999 B
637 B 19ms
19ms Script
application/x-javascript 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudantribune.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 15 Aug 2022 09:25:33 GMT
server: cloudflare
age: 1059
etag: "3e7-62fa110d-14a0115;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 742f67e9bb306939-FRA
content-length: 507
expires: Mon, 22 Aug 2022 11:06:00 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 75ms
46ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://sudantribune.com/
Origin: https://sudantribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 742f67e9bdb59025-FRA

GET
H2 200 wp-emoji-release.min.js Show response
sudantribune.com/wp-includes/js/ 18 KB
5 KB 24ms
24ms Script
application/x-javascript 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudantribune.com/wp-includes/js/wp-emoji-release.min.js
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 01 Jun 2022 10:38:45 GMT
server: cloudflare
age: 6555
etag: "48b9-629741b5-1340795;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 742f67e9cb366939-FRA
content-length: 5004
expires: Wed, 17 Aug 2022 18:38:44 GMT

GET
H2 200 css2
fonts.googleapis.com/ 996 B
879 B 26ms
24ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Kufi+Arabic:wght@400;700&display=swap

Requested by

Host: sudantribune.com
URL: https://sudantribune.com/wp-content/themes/sudantribune/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8312bbafc4ee712027eab4ebd5d9edae29315a57674be8551cb9813a4e0dd8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 17:56:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Aug 2022 17:56:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Aug 2022 17:56:55 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 60ms
14ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C600%2C700%7CSource+Sans+Pro%3A400%2C600%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sudantribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 513033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 19:26:22 GMT

GET
DATA 200
OK truncated
/ 280 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4790a50604ec306c0dafb7e90b82966fb3b6ed8769cc7178cf96619b8201bdd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ui-icons.ttf
sudantribune.com/wp-content/themes/sudantribune/fonts/ 32 KB
17 KB 28ms
27ms Font
application/x-font-ttf 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sudantribune.com/wp-content/themes/sudantribune/fonts/ui-icons.ttf?ig4it5
Requested by: Host: sudantribune.com
URL: https://sudantribune.com/wp-content/themes/sudantribune/css/font-icons.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e91fe7708d4cdc67b29bfab032e90b285c8b7f102d4338bceac55712a7928f4

Request headers

Referer: https://sudantribune.com/wp-content/themes/sudantribune/css/font-icons.css
Origin: https://sudantribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 22 Oct 2021 12:35:31 GMT
server: cloudflare
age: 522
etag: "7f6c-6172b013-146137c;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-font-ttf
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 742f67e98acc6939-FRA
content-length: 17062
expires: Thu, 09 Jun 2022 00:22:48 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 51ms
18ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C600%2C700%7CSource+Sans+Pro%3A400%2C600%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sudantribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 513033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 19:26:22 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 60ms
28ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C600%2C700%7CSource+Sans+Pro%3A400%2C600%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sudantribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 03:24:20 GMT
x-content-type-options: nosniff
age: 484355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 03:24:20 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/ 391 KB
156 KB 75ms
24ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdIEOIdAAAAAFYJWfLsh0mSPaIvYkbF3wy3gwxo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30a31bd4c38a2400b0e4aeb83da4f028cca84568378d1deedc236406792f1baf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudantribune.com/
Origin: https://sudantribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 15:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159350
x-xss-protection: 0
last-modified: Sun, 21 Aug 2022 22:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 15:34:37 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
338 B 75ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-TCSW32R6J3&gtm=2oe8t0&_p=1483977933&_gaz=1&gdid=dZTNiMT&cid=1224149863.1661882216&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661882216&sct=1&seg=0&dl=https%3A%2F%2Fsudantribune.com%2FBREAKING-NEWS-SPLA-minister-killed%2C26975%2Fr%2Fn%2Fr%2Fn%2Fr%2FnSince&dt=Page%20not%20found%20-%20Sudan%20Tribune&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TCSW32R6J3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 17:56:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sudantribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
347 B 56ms
19ms Ping
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TCSW32R6J3&cid=1224149863.1661882216&gtm=2oe8t0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TCSW32R6J3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 17:56:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sudantribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-4732459-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TCSW32R6J3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca2dec4a524821c698dde641740eac37a53fb04328e07bb9a8ed526dab425de0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42006
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 16:17:44 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Aug 2022 17:56:56 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 86ms
52ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TCSW32R6J3&cid=1224149863.1661882216&gtm=2oe8t0&aip=1&z=264836670

Requested by

Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 17:56:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 48ms
13ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4732459-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3059
date: Tue, 30 Aug 2022 17:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 30 Aug 2022 19:05:57 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/ 343 KB
121 KB 101ms
73ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0291318216404608&plah=sudantribune.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0291318216404608

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb568542327d4264166e9839781916f91331fc0bae0bb29397ee3ebb4cc66ed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123441
x-xss-protection: 0
server: cafe
etag: 7010565757551956371
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 30 Aug 2022 17:56:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/ Frame 2488 10 KB
5 KB 80ms
23ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0291318216404608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudantribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 67241
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 23:16:15 GMT
etag: 8616628553774171045
expires: Mon, 12 Sep 2022 23:16:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame CC1D 42 KB
22 KB 67ms
38ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdIEOIdAAAAAFYJWfLsh0mSPaIvYkbF3wy3gwxo&co=aHR0cHM6Ly9zdWRhbnRyaWJ1bmUuY29tOjQ0Mw..&hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&size=invisible&cb=5ic55k403j9n

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

19a22692945d88984b620e60e95d9e5f13c87cb51be79b641e7132a83f0f73e9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D6wxuxQRDWtZUdlYbO4Jmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sudantribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22052
content-security-policy: script-src 'report-sample' 'nonce-D6wxuxQRDWtZUdlYbO4Jmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 17:56:56 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 49ms
20ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1483977933&t=pageview&_s=1&dl=https%3A%2F%2Fsudantribune.com%2FBREAKING-NEWS-SPLA-minister-killed%2C26975%2Fr%2Fn%2Fr%2Fn%2Fr%2FnSince&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Sudan%20Tribune&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1884443393&gjid=2085870542&cid=1224149863.1661882216&tid=UA-4732459-2&_gid=1808969224.1661882216&_r=1&gtm=2ou8t0&did=dZTNiMT&gdid=dZTNiMT&z=888579063

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudantribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 17:56:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sudantribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 58ms
20ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-4732459-2&cid=1224149863.1661882216&jid=1884443393&gjid=2085870542&_gid=1808969224.1661882216&_u=YADAAUAAAAAAAC~&z=1413020080

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sudantribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 30 Aug 2022 17:56:56 GMT
content-type: text/plain
access-control-allow-origin: https://sudantribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/ Frame CC1D 52 KB
24 KB 66ms
15ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdIEOIdAAAAAFYJWfLsh0mSPaIvYkbF3wy3gwxo&co=aHR0cHM6Ly9zdWRhbnRyaWJ1bmUuY29tOjQ0Mw..&hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&size=invisible&cb=5ic55k403j9n

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:42:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Sun, 21 Aug 2022 22:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 17:42:38 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/ Frame CC1D 391 KB
156 KB 78ms
27ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30a31bd4c38a2400b0e4aeb83da4f028cca84568378d1deedc236406792f1baf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 15:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159350
x-xss-protection: 0
last-modified: Sun, 21 Aug 2022 22:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 15:34:37 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 220 B
648 B 109ms
24ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sudantribune.com&callback=_gfp_s_&client=ca-pub-0291318216404608

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0291318216404608&plah=sudantribune.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

eef05d03e7b6fd2a80c7e53b996ac6297d7beaa1a6d39df8e95c6e83ee52ef91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 65ms
21ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sudantribune.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Aug 2022 17:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 58ms
23ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sudantribune.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Aug 2022 17:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 47ms
46ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fsudantribune.com%2FBREAKING-NEWS-SPLA-minister-killed%2C26975%2Fr%2Fn%2Fr%2Fn%2Fr%2FnSince&tn=DIV&cls=grecaptcha-badge&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: sudantribune.com
URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 17:56:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D7A9 69 KB
17 KB 171ms
143ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0291318216404608&output=html&adk=1812271804&adf=3025194257&lmt=1661882216&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsudantribune.com%2FBREAKING-NEWS-SPLA-minister-killed%2C26975%2Fr%2Fn%2Fr%2Fn%2Fr%2FnSince&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661882216092&bpp=6&bdt=282&idt=197&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3699215483701&frm=20&pv=2&ga_vid=1224149863.1661882216&ga_sid=1661882216&ga_hid=1483977933&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068920&oid=2&pvsid=914991964320575&tmod=1036739973&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=213

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

729dd550e1b3ffe7a11593afbdd8a80397a8ea252c0acbb86391605fe91b29c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudantribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 17211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 17:56:56 GMT
expires: Tue, 30 Aug 2022 17:56:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B1B7 23 KB
10 KB 214ms
191ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0291318216404608&output=html&h=280&adk=3685186759&adf=2810334022&pi=t.aa~a.108489206~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1661882216&rafmt=1&to=qs&pwprc=8386737607&psa=0&format=1200x280&url=https%3A%2F%2Fsudantribune.com%2FBREAKING-NEWS-SPLA-minister-killed%2C26975%2Fr%2Fn%2Fr%2Fn%2Fr%2FnSince&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661882216098&bpp=2&bdt=288&idt=210&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3699215483701&frm=20&pv=1&ga_vid=1224149863.1661882216&ga_sid=1661882216&ga_hid=1483977933&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=73&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068920&oid=2&pvsid=914991964320575&tmod=1036739973&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PAgQz2KaqD&p=https%3A//sudantribune.com&dtd=212

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bdf15bede9bf7057f869c51d2d974bc7884e94fabd0de08c802e3f51d03b076

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudantribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9821
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 17:56:56 GMT
expires: Tue, 30 Aug 2022 17:56:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame CC1D 2 KB
2 KB 14ms
14ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 601028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 30 Aug 2022 18:59:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CC1D 15 KB
15 KB 42ms
14ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 3015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Aug 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CC1D 15 KB
15 KB 44ms
16ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 70537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 22:21:19 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame CC1D 102 B
134 B 23ms
23ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=3TZgZIog-UsaFDv31vC4L9R_

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5f431019dbc02c29358a84d7071317fa5c496bf3f934e5f0bcc65a3ae68a5620

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdIEOIdAAAAAFYJWfLsh0mSPaIvYkbF3wy3gwxo&co=aHR0cHM6Ly9zdWRhbnRyaWJ1bmUuY29tOjQ0Mw..&hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&size=invisible&cb=5ic55k403j9n
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 30 Aug 2022 17:56:56 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame CC1D 31 KB
18 KB 60ms
59ms XHR
application/json 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdIEOIdAAAAAFYJWfLsh0mSPaIvYkbF3wy3gwxo

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e588f774da85c4047151c3347fb938a08ce43e158a4e1ca860826c6fde2515c2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdIEOIdAAAAAFYJWfLsh0mSPaIvYkbF3wy3gwxo&co=aHR0cHM6Ly9zdWRhbnRyaWJ1bmUuY29tOjQ0Mw..&hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&size=invisible&cb=5ic55k403j9n
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 30 Aug 2022 17:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18426
x-xss-protection: 1; mode=block
expires: Tue, 30 Aug 2022 17:56:56 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/ 149 KB
53 KB 98ms
97ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

155b63f11efca2e97f980791a6c5bc0cc3483cdd4091017b2daf5f5e3858c54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54512
x-xss-protection: 0
server: cafe
etag: 1653217403446333759
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Aug 2022 17:56:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame B1B7 3 KB
1 KB 67ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0291318216404608&output=html&h=280&adk=3685186759&adf=2810334022&pi=t.aa~a.108489206~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1661882216&rafmt=1&to=qs&pwprc=8386737607&psa=0&format=1200x280&url=https%3A%2F%2Fsudantribune.com%2FBREAKING-NEWS-SPLA-minister-killed%2C26975%2Fr%2Fn%2Fr%2Fn%2Fr%2FnSince&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661882216098&bpp=2&bdt=288&idt=210&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3699215483701&frm=20&pv=1&ga_vid=1224149863.1661882216&ga_sid=1661882216&ga_hid=1483977933&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=73&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068920&oid=2&pvsid=914991964320575&tmod=1036739973&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PAgQz2KaqD&p=https%3A//sudantribune.com&dtd=212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:47:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 17:47:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame B1B7 17 KB
8 KB 65ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 17:54:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B1B7 141 KB
44 KB 76ms
28ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d94a91612f816c172c583d17bb06e140969a22fae663e7b8cae7d18d55eb2c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44757
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661773661488070"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 17:56:56 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B1B7 0
0 58ms
58ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C762RaE8OY9D3FoaQygXk3LfICsme0rFc9eqhhogBwI23ARABIABglcKmgrAHggEXY2EtcHViLTAyOTEzMTgyMTY0MDQ2MDigAdW20uoDyAEJqQLqZJz5xcywPqgDAaoEhgJP0D4iK-8lCBsSQkl2B7I2AO5zmpGMPbs4aOuc4PU1rIN3lzeVgQ_2EO_HLMgiFWxkD23ttQM6WqnoSwE2vGOuYs4FUmF-jdRo9V3tNxhB-Qyn1QnFhSyqah5PyDoMyoxEk3lJUBggXsstIxNJ7RnasSiC8Pvc5pOtNvGGQqAsFw6YGR0K5fUmRLhXi2Pxqw36wotNJuqdKAi9O45TvDC3CMSWu1IgVYk9LkCr2jpAr-lQWjBQe69kj3Tn9xrllqw5J7D2TqS4KRNNTvIvW7XFRY4kiO1T8rZzTIlXkhj1-MVHadJIpC-_rhojkkZQytVy9dUudVtUhJ02X-mt3NsBZ9cXfV49gAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTAyOTEzMTgyMTY0MDQ2MDgYAA&sigh=6Jz3MNNJh5U&uach_m=[UACH]&cid=CAQSGwCsnQUxDf9TLeRuv-pjftmqDbSI2HN8E7RpZxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0291318216404608&output=html&h=280&adk=3685186759&adf=2810334022&pi=t.aa~a.108489206~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1661882216&rafmt=1&to=qs&pwprc=8386737607&psa=0&format=1200x280&url=https%3A%2F%2Fsudantribune.com%2FBREAKING-NEWS-SPLA-minister-killed%2C26975%2Fr%2Fn%2Fr%2Fn%2Fr%2FnSince&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661882216098&bpp=2&bdt=288&idt=210&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3699215483701&frm=20&pv=1&ga_vid=1224149863.1661882216&ga_sid=1661882216&ga_hid=1483977933&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=73&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068920&oid=2&pvsid=914991964320575&tmod=1036739973&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PAgQz2KaqD&p=https%3A//sudantribune.com&dtd=212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 30 Aug 2022 17:56:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 30 Aug 2022 17:56:56 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame B1B7 0
0 56ms
16ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPi0Ecz6RLAJmAKdg2ICAgAAADL9AMZ43UA9EGhPDmO5PejvmCVO6hbdIgASAAA&wp=Yw5PaAAFu9AKsogGAA3uZANQrG1TJWLFfDMCMw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:56 GMT
server: Kestrel
server-processing-duration-in-ticks: 210742
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame A5DC 170 KB
53 KB 168ms
132ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yw5PaAAFu9AKsogGAA3uZANQrG1TJWLFfDMCMw&u=%7CKglIOBpwlNot6GUHEXKSW04KSOsp%2F6ftHgoiAIapXIg%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5KgFh9XNQv4JdLNIKaOnb5OzEWkIpq6r1BJdkqejnNl5wdET7w9LynkdBqXWJ-1Sk1CFvDilBDhXrnkOkTst6TWxhcdy8MSdGX2awMwY8wbbA2ViF98-zMm9wHgmB_y9TMvgJphUgOCiMdI1tyRCWcVckE2smWi7Apo2W_L0iCKJuPt3piVOZIqYkys311ejBenwj8GYCnzObTRqoOuLx2uAfDBfeNWV1WK1vpg4MV2ZWEBOVCwTDVR6xm2A1S7l9LrmigJk9PacyY-dnz47bXTUqaqnWE5_NoEwJHMHKvpXaGZwNVpzPUMXEuuVwoifc9xIY8AjtjhC2sxCq4lpYriqIGTYFDxh-x79alGijEv4IxtlvCcIf9lgL-AwsT7bp4MG9O8CH3c4BrYM4MsV0cN-8zG90PKQDBdyana1Y1VPbKC9h8iONpmfXasqaDfj0UgHdUboohLtzHuTDUF7R7pkLzrI-lqx7CkqtpzWwlNMGXzonetaZ9MZPRto9OHOgN8u7ywqRyc6HcK5co3oEFbrxlvp-uvSReWEsDiWYuxaNeFGJv5qn9EeYAqXO8RyTcpiipUdNFg2Yvbp2wbJAHgkRr_AduXKdEfyoleBPXJY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4mrCaE8OY9D3FoaQygXk3LfICsme0rFc9eqhhogBwI23ARABIABglcKmgrAHggEXY2EtcHViLTAyOTEzMTgyMTY0MDQ2MDigAdW20uoDyAEJqQLqZJz5xcywPqgDAaoEiQJP0D4iK-8lCBsSQkl2B7I2AO5zmpGMPbs4aOuc4PU1rIN3lzeVgQ_2EO_HLMgiFWxkD23ttQM6WqnoSwE2vGOuYs4FUmF-jdRo9V3tNxhB-Qyn1QnFhSyqah5PyDoMyoxEk3lJUBggXsstIxNJ7RnasSiC8Pvc5pOtNvGGQqAsFw6YGR0K5fUmRLhXi2Pxqw36wotNJuqdKAi9O45TvDC3CMSWu1IgVYk9LkCr2jpAr-lQWjBQe69kj3Tn9xrllqw5J7D2TqS4KRNNTvIvW7XFRY4kiO1T8rZzTIlXkhj1-IdFSEDPK7OsEYY3MZZtbC174d-Yf3VMBin-Yk9fY8Utf1K9-U2CmmPHgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1YzoMCvNEhhoCAFCF5825iD1zI3A%26client%3Dca-pub-0291318216404608%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

61bd5d2d11974a40aa4b79b5f7c2a771656c4ed13bdf623249dd9a849e056bf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 17:56:55 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=_3qtVmExq9b0OHWo2tWVAmelsn573m92n2csUcPQQEk9imNyD9cwrjKIF4r_nFuZ1l2IVbOW0EqWKRle3a5jfj3XQBlc1snq1bUYnP83tlPeXYufEGbAz5SqypxguaKkkcO4-Eo6Ay1Vq_3H8mCYvmBeh_FiS_wOfD7mEi1yQfwapYw7Xmc1qXJjrWIlO3098tbWjgqTdCInPBZ24Rxz-RCZh38pcW1mlddsOQLGa7091xcW-GnlVdkrhimnoRDo9pw7dQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 109684289
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame B1B7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5115b76e6abe7f8434b1057cc479889a09c61d78f8bd98fbc75814f8f26d9879

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 55ms
24ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sudantribune.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Aug 2022 17:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 50ms
23ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sudantribune.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Aug 2022 17:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220829/r20110914/ Frame 9431 10 KB
4 KB 13ms
13ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220829/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudantribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66140
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 23:34:36 GMT
etag: 8616628553774171045
expires: Mon, 12 Sep 2022 23:34:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 4F6B 170 KB
53 KB 125ms
125ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yw5PaAAFg8kK4DYPAA_wvHB59ipVO2NuNXl0pQ&u=%7CKglIOBpwlNqLEyJhORWcprezKPzgn0zAzM8twu6wI7w%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5KgFh9XNQv4JdLNIKaOnb5OzEWkIpq6r1BJdkqejnNl5wdET7w9LynkdBqXWJ-1Ske462UrEU9Qr2aQvLgfmDh04Exh1_G_nD8it2FC4SU6e4ywzKtthPbm-h0McqUp_wgdt-9PiCMjpbCuJXtVfqMmUn5FREcips9ZnkHCSX-ZAntu2d35MKmgYGAo7JG2RG6hb1WFHicn8Ba8slnWdB6nzkpHLKyW_jCZ-TPVLlCJUEd2UFCzJXXzK2QYZeyi-3Z8PAKC8ePSnCj3UgQUCPAvyOSA8-6HP4MT1Pc-WUnYqbOFrqXBWPmMuVaF_KLdazEdbBSY5wO3Fxp6G690_Hpys2-KgbCVUsSg_GQUk5FIvRYlLxmgTPxd303GEIsymSYHgLM_h7ZVYOAXbqbvgnIJgXa0S6YL38yMGnO_5f1Dgq8mR-tjNfqiQaf79wCQQaccqQio77BTDlSZ7cXaJQG8WmjEXefoxgBJsoh7J6qtrnxDKGJsxiXbWOn-CgaDYWiEx0U9SzZ2yZSO84Q37zc_sYXGIdBMowQIi-cM64zJn-2mFIac1Cd5KPYrGriA8udVf3TJbfRhcdhCCC9aYcclz8FfFbYJoHLo9F70KyV9c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQCgpaE8OY8mHFo_sgAe84b_4Bsme0rFcpfyT93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMDI5MTMxODIxNjQwNDYwOKAB1bbS6gPIAQmpAu8aTxNh0rA-qAMBqgSJAk_QZZTjxIMzJd1TGzbILnYxb-OBP7r1ItKef74NX26IpV3J7G9_Qr3H6GgRNY9uVFmEq-q2japCmKJVEV4ammCWgPQUyDIhSdY4jS7FCwIyIZk1_0uwhnaYp5DcI07qjzGJ8sJRQMibQL02exdHv5qgid-2FAsKeooJ132vEkFfAC04n3KcnSIqdVhnAEugYqSOEe2PgG6ktvSJ0lo40SqqKcV1mvh1VAM3gbCbCXHITEVRxKMul6ifpPd_nI2oZ1meKfV0q3eWH7WZ1aiC_hpCojWZMrr8E33yWHlVO0eaiMtYr_oJXUoIE1q-lgplTOQ-29it6sMvHw97f9ImY9pPDmgnEXFyN0yABu-dgaTXla2bG6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_17gybZLfxqb_fzU6whPqtFw9xgVw%26client%3Dca-pub-0291318216404608%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

316aced2729115d320de8fec8754db235fdd7ab4cc1dd4b15f6081e17e7d28a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 17:56:56 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=rnMd-WExq9b0OHWoUaagF3tHgHHMotjTog6IDE5JC3j5Pc318aDX3-jbUgN4eKQZUzp_AoNnQJTtLHfvoqr9-T6FJgC3RIqYh4VHXXxzfoKH4C0-G-wT7qZMTr3t5MCqMenK060D_qvx9KmnEW1bOkuNA9Vo6jIi1pOYYnfvyKVK1dO1KWak2Rllc9qekly7GyUMvMGZPqCsizm0bSXquEd8BuJSF3_kZGVn-C8JqNp2EhhLs0HQoaVPeeV-SPBMmlXufw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 100035842
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame 9431 3 KB
1 KB 45ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 17:53:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame 9431 17 KB
7 KB 42ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Sep 2022 17:54:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9431 141 KB
44 KB 61ms
33ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d94a91612f816c172c583d17bb06e140969a22fae663e7b8cae7d18d55eb2c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44757
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661773661488070"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 17:56:56 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame A5DC 2 KB
1 KB 319ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yw5PaAAFu9AKsogGAA3uZANQrG1TJWLFfDMCMw&u=%7CKglIOBpwlNot6GUHEXKSW04KSOsp%2F6ftHgoiAIapXIg%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5KgFh9XNQv4JdLNIKaOnb5OzEWkIpq6r1BJdkqejnNl5wdET7w9LynkdBqXWJ-1Sk1CFvDilBDhXrnkOkTst6TWxhcdy8MSdGX2awMwY8wbbA2ViF98-zMm9wHgmB_y9TMvgJphUgOCiMdI1tyRCWcVckE2smWi7Apo2W_L0iCKJuPt3piVOZIqYkys311ejBenwj8GYCnzObTRqoOuLx2uAfDBfeNWV1WK1vpg4MV2ZWEBOVCwTDVR6xm2A1S7l9LrmigJk9PacyY-dnz47bXTUqaqnWE5_NoEwJHMHKvpXaGZwNVpzPUMXEuuVwoifc9xIY8AjtjhC2sxCq4lpYriqIGTYFDxh-x79alGijEv4IxtlvCcIf9lgL-AwsT7bp4MG9O8CH3c4BrYM4MsV0cN-8zG90PKQDBdyana1Y1VPbKC9h8iONpmfXasqaDfj0UgHdUboohLtzHuTDUF7R7pkLzrI-lqx7CkqtpzWwlNMGXzonetaZ9MZPRto9OHOgN8u7ywqRyc6HcK5co3oEFbrxlvp-uvSReWEsDiWYuxaNeFGJv5qn9EeYAqXO8RyTcpiipUdNFg2Yvbp2wbJAHgkRr_AduXKdEfyoleBPXJY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4mrCaE8OY9D3FoaQygXk3LfICsme0rFc9eqhhogBwI23ARABIABglcKmgrAHggEXY2EtcHViLTAyOTEzMTgyMTY0MDQ2MDigAdW20uoDyAEJqQLqZJz5xcywPqgDAaoEiQJP0D4iK-8lCBsSQkl2B7I2AO5zmpGMPbs4aOuc4PU1rIN3lzeVgQ_2EO_HLMgiFWxkD23ttQM6WqnoSwE2vGOuYs4FUmF-jdRo9V3tNxhB-Qyn1QnFhSyqah5PyDoMyoxEk3lJUBggXsstIxNJ7RnasSiC8Pvc5pOtNvGGQqAsFw6YGR0K5fUmRLhXi2Pxqw36wotNJuqdKAi9O45TvDC3CMSWu1IgVYk9LkCr2jpAr-lQWjBQe69kj3Tn9xrllqw5J7D2TqS4KRNNTvIvW7XFRY4kiO1T8rZzTIlXkhj1-IdFSEDPK7OsEYY3MZZtbC174d-Yf3VMBin-Yk9fY8Utf1K9-U2CmmPHgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1YzoMCvNEhhoCAFCF5825iD1zI3A%26client%3Dca-pub-0291318216404608%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:57 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 25 Aug 2023 17:56:57 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame A5DC 2 KB
1 KB 327ms
23ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:57 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 25 Aug 2023 17:56:57 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame A5DC 308 B
636 B 337ms
36ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:57 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 25 Aug 2023 17:56:57 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame A5DC 293 B
622 B 315ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:57 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 25 Aug 2023 17:56:57 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame A5DC 43 B
348 B 320ms
19ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=lPyeilgLZnpK0PxU1OnM9rwR6ZnbhDQ-pTu1wZdRs-F-wWiy3UEk--EyRWvAzjmtmSZ3IEA5_LyKC-f_hzUDecDmb2JDgq2vnMp6Q8kQ6kh7Wkl7nftsMOImZfw_FuaDrb7Uki2w--3EuDsc65x14eBbRmy8P11AwZqEDjz29doKXexgzftKBHotX4MqY_8iGZ1ZbY55YDKdBuS-5LYAD2ApwhEnfsi5XBB0-K7rsgOAQBfq1_utdry5e0VzBdTxfGo-nCOkZxzgs2u9aJFpcJ3J_lb9_l20IE6mC2zAmI2JnXEFzYspXadOvKmTHvoMqLilzOTYX4NjkhL8us7wIivgIE4cdUZ9TkhkOeZPWkc-8zpzQ4vQtWylPpcvkNUOaOsJcTghJjH-zDOkNw_KdjKTb92IxsPmf6kOdhFPh1iJCu08

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 17:56:56 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3143645
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame A5DC 12 KB
5 KB 310ms
19ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 511071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pt1x81HMfhjnEY6QRS8FsFEGF5kJkDM3LQD88ISW6%2BH372tDa0zUi547EvBbXHoIT2sKbWnk9qCgEgmGhwPWEPNdj3QVecOSHZAuLjcJotWPybAnSbvXtFbZRXdW%2Br0BSN5Cjqy7M43T65thB2F6dnHE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 742f67f05eb89000-FRA
expires: Sun, 20 Aug 2023 17:56:57 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame A5DC 12 KB
6 KB 302ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:57 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 25 Aug 2023 17:56:57 GMT

GET
H2 200 3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame A5DC 68 KB
68 KB 327ms
45ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:57 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10ec0"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 25 Aug 2023 17:56:57 GMT

GET
H2 200 e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame A5DC 68 KB
68 KB 298ms
16ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:57 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10f14"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 25 Aug 2023 17:56:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A5DC 24 KB
24 KB 274ms
20ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=7450&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F7450%2F211022%2F45f963b9b4db4061b7e96b7b9b33fb3d_img_horizontal_1.png&v=3&w=1200&s=aIsSsacyWVs96MWgv5ZIoipd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e861d3c3bf074c8b832c72921647e53513a1493a855cbfe43820933cbeb35dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:56 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28928244
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 24138
expires: Mon, 31 Jul 2023 13:34:21 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A5DC 0
128 B 266ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=_3qtVmExq9b0OHWo2tWVAmelsn573m92n2csUcPQQEk9imNyD9cwrjKIF4r_nFuZ1l2IVbOW0EqWKRle3a5jfj3XQBlc1snq1bUYnP83tlPeXYufEGbAz5SqypxguaKkkcO4-Eo6Ay1Vq_3H8mCYvmBeh_FiS_wOfD7mEi1yQfwapYw7Xmc1qXJjrWIlO3098tbWjgqTdCInPBZ24Rxz-RCZh38pcW1mlddsOQLGa7091xcW-GnlVdkrhimnoRDo9pw7dQ&sds=2&rev=82604&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 30 Aug 2022 17:56:56 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A5DC 2 KB
1 KB 19ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:57 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 25 Aug 2023 17:56:57 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame A5DC 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:57 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 25 Aug 2023 17:56:57 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 4F6B 2 KB
1 KB 37ms
37ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yw5PaAAFg8kK4DYPAA_wvHB59ipVO2NuNXl0pQ&u=%7CKglIOBpwlNqLEyJhORWcprezKPzgn0zAzM8twu6wI7w%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5KgFh9XNQv4JdLNIKaOnb5OzEWkIpq6r1BJdkqejnNl5wdET7w9LynkdBqXWJ-1Ske462UrEU9Qr2aQvLgfmDh04Exh1_G_nD8it2FC4SU6e4ywzKtthPbm-h0McqUp_wgdt-9PiCMjpbCuJXtVfqMmUn5FREcips9ZnkHCSX-ZAntu2d35MKmgYGAo7JG2RG6hb1WFHicn8Ba8slnWdB6nzkpHLKyW_jCZ-TPVLlCJUEd2UFCzJXXzK2QYZeyi-3Z8PAKC8ePSnCj3UgQUCPAvyOSA8-6HP4MT1Pc-WUnYqbOFrqXBWPmMuVaF_KLdazEdbBSY5wO3Fxp6G690_Hpys2-KgbCVUsSg_GQUk5FIvRYlLxmgTPxd303GEIsymSYHgLM_h7ZVYOAXbqbvgnIJgXa0S6YL38yMGnO_5f1Dgq8mR-tjNfqiQaf79wCQQaccqQio77BTDlSZ7cXaJQG8WmjEXefoxgBJsoh7J6qtrnxDKGJsxiXbWOn-CgaDYWiEx0U9SzZ2yZSO84Q37zc_sYXGIdBMowQIi-cM64zJn-2mFIac1Cd5KPYrGriA8udVf3TJbfRhcdhCCC9aYcclz8FfFbYJoHLo9F70KyV9c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQCgpaE8OY8mHFo_sgAe84b_4Bsme0rFcpfyT93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMDI5MTMxODIxNjQwNDYwOKAB1bbS6gPIAQmpAu8aTxNh0rA-qAMBqgSJAk_QZZTjxIMzJd1TGzbILnYxb-OBP7r1ItKef74NX26IpV3J7G9_Qr3H6GgRNY9uVFmEq-q2japCmKJVEV4ammCWgPQUyDIhSdY4jS7FCwIyIZk1_0uwhnaYp5DcI07qjzGJ8sJRQMibQL02exdHv5qgid-2FAsKeooJ132vEkFfAC04n3KcnSIqdVhnAEugYqSOEe2PgG6ktvSJ0lo40SqqKcV1mvh1VAM3gbCbCXHITEVRxKMul6ifpPd_nI2oZ1meKfV0q3eWH7WZ1aiC_hpCojWZMrr8E33yWHlVO0eaiMtYr_oJXUoIE1q-lgplTOQ-29it6sMvHw97f9ImY9pPDmgnEXFyN0yABu-dgaTXla2bG6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_17gybZLfxqb_fzU6whPqtFw9xgVw%26client%3Dca-pub-0291318216404608%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:57 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 25 Aug 2023 17:56:57 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4F6B 2 KB
1 KB 21ms
21ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:57 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 25 Aug 2023 17:56:57 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 4F6B 308 B
636 B 17ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:57 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 25 Aug 2023 17:56:57 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 4F6B 293 B
621 B 22ms
21ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:57 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 25 Aug 2023 17:56:57 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 4F6B 43 B
347 B 19ms
18ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=jdp-s_gx192t4nLvBd7ACBF1GhjwAmcGtNCk3z0RdBGhXrPN13IhyTqAsFEDZCMtWkuRhijmUnvl0HC-Qplt4ta11N4FASZy5clNx1UM6pIehVmfgXi86uH2_8iascak31Mkkv7ckH87S-D_ydBYSfBbN5lf3AYr-TmoSlDiQ69mKlHeK-kLreiO9vmUlS1dHZvlgFYPz7fWHOD3uBVot0kaKRcTrItoRwizfdvbLal4YqDGzqspL9gUMkYXXyoL27cyJU4fTGpUPf4wrL9fTGVTmieEfjxMU8e4G-FgfX9z-YdAvKvVhk1zeTcPrcPqG8Qdn_XJEKOUIIdX-AIbFpKZOas3zSqiKFWGgRXFYuAQ8RP_rV-5_jJSILEJQLHgzOIc3LAUNfwElrsk061eGimeZ1n_kxpNgCxnqoM9VnXT77WR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 17:56:56 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2762529
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 4F6B 12 KB
5 KB 12ms
12ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 511071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZGmnp%2FTLIzKg%2FGzUvHN%2FGz4IFTAWMYZgNdPu9e7tor0CcK1x8zxzgxFz5iabsCl1kM3cb2BBTtI9ALXXk0OUMTgFKVmkBTU%2FQ1u1YszkiIiHiVjYKzgiUdw6tlQ80S0xrWp3sAbGHVXu7C5N5AAqH0G"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 742f67f06ecb9000-FRA
expires: Sun, 20 Aug 2023 17:56:57 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 4F6B 12 KB
6 KB 21ms
21ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:57 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 25 Aug 2023 17:56:57 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 4F6B 0
127 B 14ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=rnMd-WExq9b0OHWoUaagF3tHgHHMotjTog6IDE5JC3j5Pc318aDX3-jbUgN4eKQZUzp_AoNnQJTtLHfvoqr9-T6FJgC3RIqYh4VHXXxzfoKH4C0-G-wT7qZMTr3t5MCqMenK060D_qvx9KmnEW1bOkuNA9Vo6jIi1pOYYnfvyKVK1dO1KWak2Rllc9qekly7GyUMvMGZPqCsizm0bSXquEd8BuJSF3_kZGVn-C8JqNp2EhhLs0HQoaVPeeV-SPBMmlXufw&sds=2&rev=82604&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 30 Aug 2022 17:56:56 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4F6B 2 KB
1 KB 23ms
23ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:57 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 25 Aug 2023 17:56:57 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 4F6B 2 KB
1 KB 21ms
20ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:57 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 25 Aug 2023 17:56:57 GMT

GET
H2 200 3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame 4F6B 68 KB
68 KB 23ms
22ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:57 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10ec0"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 25 Aug 2023 17:56:57 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 96ms
69ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220829&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2be804da6793b5d47c0a814d47442c1c2e678fb0d98deb5dbff41498da7fbeb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Aug 2022 17:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11087
x-xss-protection: 0

POST
H2 200 rum Show response
sudantribune.com/cdn-cgi/ 0
265 B 20ms
20ms XHR
text/plain 2606:4700:10::6816:4bfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sudantribune.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4bfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
content-type: application/json

Response headers

date: Tue, 30 Aug 2022 17:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://sudantribune.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 742f67f0eeb56939-FRA
vary: Origin

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 17:56:57 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7C04 13 KB
5 KB 15ms
13ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudantribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 481
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 17:48:56 GMT
expires: Wed, 30 Aug 2023 17:48:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2708 783 B
536 B 24ms
23ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

91a6542c581525a6f33879bcfda5910efbc82f5ee5e56e5b5cd56ee297114812

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-P5j_8xHS-26i1C8K3CPbiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sudantribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-P5j_8xHS-26i1C8K3CPbiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 30 Aug 2022 17:56:57 GMT
expires: Tue, 30 Aug 2022 17:56:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 woHX-vsUocJZKT3Xlr8m3oSeq6S0iuLiA_v8-B2MNhs.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C04 36 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/woHX-vsUocJZKT3Xlr8m3oSeq6S0iuLiA_v8-B2MNhs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c281d7fafb14a1c259293dd796bf26de849eaba4b48ae2e203fbfcf81d8c361b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 19:15:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 600116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15802
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 19:15:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2708 0
0 47ms
47ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220829&jk=914991964320575&rc=05AMjm62WIq0RtgnmuP9bq-idghr90_ZBx4DqqiTF6uGZ0uGApaqXEo0HF9JD64SqTZYMNmAcy4F2gzINazwxLkNqwZeXGOscUaPUD9ns6KWpQdKfneu5MMquONTS30oocIh1GUNTSam5LsyhN_KQa2g_f-nWJ22gWAAhEa29DJRpMioxnGBEBFyDlxn9HNx9zyX8NsZdv-2U57Jo6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7C04 0
10 B 13ms
12ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TZcw-Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:56:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B1B7 42 B
64 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstdIElmC4Gfm26_bd81fvdBWv9nHMNKibKJ9LyWKIP3uOgmxHJs0b-2lbEIQFz2ES0FQNHuhF7cuBpnWd38C03tpshj&sig=Cg0ArKJSzNJGovmVsUv8EAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220829&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3685186759&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661882216311&rpt=363&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 17:56:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A5DC 0
127 B 13ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 30 Aug 2022 17:56:56 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
51ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220829&jk=914991964320575&bg=!MjGlMXXNAAaXrHhMt6w7ACkAdvg8Wk8qks-BcnsG-DwG6W3ju0V1OWAU4ax2TvHogHFaYSHqqvDRuwIAAABIUgAAAAdoAQeZAtqsMYcBtvuaMPdZYIU8bd-1PFYRRHv3KzIY4gJbTY6ulXwXKBEJWXaTWiwsAWsut1VVV95xP5zdU2kdzQ2vuHz5rtRjeP_X7Ivuq7SUzOM8OFY-WEmOadeC9KJE1U2LG75dsCz-xbAH0Jz2N0vF6iSRUwdn3npmbWhhAODk-h3Ax_KSP3PLIey3ccR9ksSCC5SkUWs3ysnxiL2BMiuYEYRN6nmM-L2XhsPGkgHM47-aCj_zTc8WVxJvyoffj83oFwA-EXHaGj7j9zKO01tDDie2VkXnikInRIdCZtYADJA2eyxlEqXfeINZd2e7PYYdIHHIEHGCs6x-1xZ4ZjbStrbY4p8mAQom74ZXGLGHF2OW5UIv0uZZjV0x3-m1KNefiSzCTQkblOwi2g9a4tRoICogR8WWP1IrNuf9LLTKJOM28y6l19qyXoakRl55pKYD0HJBCrobERdt_H0trEDSkanc81TjFZCUWqtUBHx6U2Dglb7AhxAvVjfdjlWdIf-NIs9-0lXIVVXWwxn3g53kDSFGjamHR2oc3Pi25dBY75t5x3Uq8r9Ou_3usDJ5Sm3HlDueGDU4G_TgAFu-FSTBq_IrBCERn86lxgqkUPwCIYfzPnbWXEFjTbaczs2-p-Au3CWXfRWeQ4kNl7gWmCQ_4lfWdxNXqLkNPGn0ST6-GAzUMMuhgy8XypLfqHm2MXH00MkzGTL9GYdU3aqf_5qaBtXVMxTznovDIl4VTgWZ2EJlFGv_AqWNVMcqjhH45wLvXbvd5ozhEzDOPtVvFgdGS3TgkdhxEmIRopp3O9CghpGY5N6otjIMaIC3_QZffvItpIDSMZZY9zES4siYAsf_th8jag2g8Nf6-vTrEWD6oWLKgeA5itQHyEcTrcIF5fE9NRa_mLGeSgPRzADr-PyinC9AYiRaqwSopgcyYxyFD5AR-gNfguvfBCMDI3yxzwKfQRmSL5eNnTlagfLg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sudantribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 09:57:14	Name: _GRECAPTCHA Value: 09AMjm62UScYd3x0UqUgTzzuvhYO44uig4HowPqWjPx72ovJiIlf516SL9vtmH0o_3fsQxcfJ12egGaQ8CMP60OHs
.sudantribune.com/	1970-01-20 05:38:04	Name: __cf_bm Value: _k9wOfOogpefEN9WG6L8_bQhcF.gJjdFQQ2pTg6g5lQ-1661882215-0-AX+gkTX/H02jYyi6PoWFUWlUOpC46KQiZJ3thSWEQaPeHgL5c7V2rYLKdUeCzDncH0mghYaahku/owRBtIu3flQ=
sudantribune.com/	1970-01-20 14:23:38	Name: pll_language Value: en
.sudantribune.com/	1970-01-20 15:14:02	Name: _ga_TCSW32R6J3 Value: GS1.1.1661882216.1.0.1661882216.60.0.0
.sudantribune.com/	1970-01-20 15:14:02	Name: _ga Value: GA1.2.1224149863.1661882216
.sudantribune.com/	1970-01-20 05:39:28	Name: _gid Value: GA1.2.1808969224.1661882216
.sudantribune.com/	1970-01-20 05:38:02	Name: _gat_gtag_UA_4732459_2 Value: 1
.sudantribune.com/	1970-01-20 14:59:38	Name: __gads Value: ID=3e6ec36f07d0644d-227f2f980cce0050:T=1661882216:RT=1661882216:S=ALNI_Maz1vLnswyGok6KT2lhM583HhaBVw
.doubleclick.net/	1970-01-20 14:59:38	Name: IDE Value: AHWqTUm5ZgKTfaF3xRFOLowI9F-TvsnZ8Ak6TC7eu9MY4lMddvVx6sUkhYuu9oFJ0fc

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sudantribune.com/BREAKING-NEWS-SPLA-minister-killed,26975/r/n/r/n/r/nSince Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0291318216404608&output=html&h=280&adk=3685186759&adf=2810334022&pi=t.aa~a.108489206~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1661882216&rafmt=1&to=qs&pwprc=8386737607&psa=0&format=1200x280&url=https%3A%2F%2Fsudantribune.com%2FBREAKING-NEWS-SPLA-minister-killed%2C26975%2Fr%2Fn%2Fr%2Fn%2Fr%2FnSince&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661882216098&bpp=2&bdt=288&idt=210&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3699215483701&frm=20&pv=1&ga_vid=1224149863.1661882216&ga_sid=1661882216&ga_hid=1483977933&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=73&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068920&oid=2&pvsid=914991964320575&tmod=1036739973&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PAgQz2KaqD&p=https%3A//sudantribune.com&dtd=212 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.fr.eu.criteo.com
cdnjs.cloudflare.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
region1.analytics.google.com
rtb.fr.eu.criteo.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sudantribune.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.sudantribune.com
142.250.186.98
178.250.0.160
178.250.2.135
178.250.2.150
2001:4860:4802:32::36
2606:4700:10::6816:4bfb
2606:4700:440e::ac40:9c1a
2606:4700::6811:190e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:813::2001
2a00:1450:4001:813::2008
2a00:1450:4001:813::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9d
2a02:2638:1::3
2a02:2638::2
2a02:2638::b
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
155b63f11efca2e97f980791a6c5bc0cc3483cdd4091017b2daf5f5e3858c54f
19a22692945d88984b620e60e95d9e5f13c87cb51be79b641e7132a83f0f73e9
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bdf15bede9bf7057f869c51d2d974bc7884e94fabd0de08c802e3f51d03b076
1e03aa26e3e60ab01094995b59a63fc896927538aca8a68beee9c7e7e1e1114a
1e706e8e4da71dca6cdeab6d0faf70c0963e5c7cf5290a5ed123cb729723c732
1eb94b540b32c31b933c5ddb705eaa88ebaa501364dc70713214181d996f0893
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c
2be804da6793b5d47c0a814d47442c1c2e678fb0d98deb5dbff41498da7fbeb8
30a31bd4c38a2400b0e4aeb83da4f028cca84568378d1deedc236406792f1baf
316aced2729115d320de8fec8754db235fdd7ab4cc1dd4b15f6081e17e7d28a6
32dd00604df8db3415240d450341558b6827b1e02dc0f211d8a6d9a4287c522e
3d94a91612f816c172c583d17bb06e140969a22fae663e7b8cae7d18d55eb2c6
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
4589b62a2cf679299ad53cb5f944bbde53c7b10313b017ac55f9008101d37520
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5115b76e6abe7f8434b1057cc479889a09c61d78f8bd98fbc75814f8f26d9879
5582fcb25f3bde2a2ecd75b0c0464370a8a8fa59bc3520d1e442875fe55ed1ce
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5f431019dbc02c29358a84d7071317fa5c496bf3f934e5f0bcc65a3ae68a5620
61bd5d2d11974a40aa4b79b5f7c2a771656c4ed13bdf623249dd9a849e056bf0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64fbc7f830625ecd6ff3293b96665aebec2a9be9336f02fd47508eb59f7ec23a
66e2fa49809c9039afe311b0e5c5241ca0b4b177a608ed67c1f6fd846483e2ba
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
729dd550e1b3ffe7a11593afbdd8a80397a8ea252c0acbb86391605fe91b29c8
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
73888a917e850824ffc2109e20466c8d22d8247046925b6377a10d7f289e2c8f
7e91fe7708d4cdc67b29bfab032e90b285c8b7f102d4338bceac55712a7928f4
863f31698192e87c3f25979fab14e6c426e45e904e3dbabee24cbcb0fa1a1fd8
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f4e48eae258c511c0a9d8fbe52702eb1b8fd6a81c8214e2ceb8c32a16c43950
91a6542c581525a6f33879bcfda5910efbc82f5ee5e56e5b5cd56ee297114812
9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a44389c89b8bfe1809978cf8d85029c69ab3418643a79fcd0215216d5bc5a7bf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b180feb6d156c226f44dc417a7835bb6826fdeb255bc08d46d98b1be28e2074e
b32f570cedbb2def5429db02684c06752a8f587d8a0a58d9a1111d162bb3d781
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c281d7fafb14a1c259293dd796bf26de849eaba4b48ae2e203fbfcf81d8c361b
ca2dec4a524821c698dde641740eac37a53fb04328e07bb9a8ed526dab425de0
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
d2b63b89d3e642887f882b0fc40965bb7a9f93682d17831d626f052a20ebcf35
d5c6d519d07e2de3c0c98f8dd9995ce077402f683e13caf6013d52faa16c5443
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d8312bbafc4ee712027eab4ebd5d9edae29315a57674be8551cb9813a4e0dd8d
d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e
d8dc6a157ad70bfed83a655e508234cf8f9b136d56fea918d05216338f314e6f
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4790a50604ec306c0dafb7e90b82966fb3b6ed8769cc7178cf96619b8201bdd
e4a359a111e32fe4d99429716ada96eeb6f83733534c3c7d84195711bf6479a9
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e588f774da85c4047151c3347fb938a08ce43e158a4e1ca860826c6fde2515c2
e861d3c3bf074c8b832c72921647e53513a1493a855cbfe43820933cbeb35dca
eef05d03e7b6fd2a80c7e53b996ac6297d7beaa1a6d39df8e95c6e83ee52ef91
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7af8ad5d6659ab08a56400b3c86832926d67a8b4e6dd5b10f25725b605b0613
fb568542327d4264166e9839781916f91331fc0bae0bb29397ee3ebb4cc66ed8
fbcf0a8a17a2ae1826d71f338e905d70efe1da598aae72f3355ac3b581fdaefa
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

sudantribune.com Open in urlscan Pro 2606:4700:10::6816:4bfb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

110 Requests

100 %HTTPS

84 %IPv6

15 Domains

26 Subdomains

26 IPs

4 Countries

1647 kBTransfer

4084 kBSize

9 Cookies

3 Outgoing links

Page URL History

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sudantribune.com Open in urlscan Pro
2606:4700:10::6816:4bfb Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

100 %
HTTPS

84 %
IPv6

15
Domains

26
Subdomains

26
IPs

4
Countries

1647 kB
Transfer

4084 kB
Size

9
Cookies

110 HTTP transactions
2 data transactions