nour.redatv.site Open in urlscan Pro
172.67.170.41 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nour.redatv.site/
Effective URL:
https://nour.redatv.site/
Submission: On November 05 via api (November 5th 2024, 12:02:49 pm UTC) from NL — Scanned from NL

Summary HTTP 49 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 49 HTTP transactions. The main IP is 172.67.170.41, located in United States and belongs to CLOUDFLARENET, US. The main domain is nour.redatv.site.
TLS certificate: Issued by WE1 on October 31st 2024. Valid for: 3 months.

This is the only time nour.redatv.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	172.67.170.41 172.67.170.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
7	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
3	139.45.197.243 139.45.197.243	9002 (RETN-AS) (RETN-AS)
5	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
49	11

25 172.67.170.41 (United States)

ASN13335 (CLOUDFLARENET, US)

nour.redatv.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)

shempaurdou.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	redatv.site nour.redatv.site	3 MB
7	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116	197 KB
5	gstatic.com fonts.gstatic.com	127 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 233245 ep2.adtrafficquality.google — Cisco Umbrella Rank: 204383	19 KB
3	shempaurdou.net shempaurdou.net	36 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3643
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 10912	544 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	107 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
49	9

	Domain	Requested by
25	nour.redatv.site	nour.redatv.site
7	pagead2.googlesyndication.com	nour.redatv.site pagead2.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
3	shempaurdou.net	nour.redatv.site shempaurdou.net
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	my.rtmark.net	shempaurdou.net
1	www.googletagmanager.com	nour.redatv.site
1	fonts.googleapis.com	nour.redatv.site
49	10

This site contains links to these domains. Also see Links.

Domain
pay.degof.com
www.yalla-live.ai
cover.livehd7.io

Subject Issuer	Validity	Valid
redatv.site WE1	`2024-10-31` - `2025-01-29`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
shempaurdou.net R10	`2024-10-09` - `2025-01-07`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
rtmark.net R11	`2024-08-30` - `2024-11-28`	3 months	crt.sh
adtrafficquality.google WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://nour.redatv.site/
Frame ID: CF41DB887B4E004B7A3B9033079AE806
Requests: 42 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Frame ID: EB124D3C060A92FDDAD842FDB81655BD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1110367686843425&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1730808163&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fnour.redatv.site%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&itsi=-1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730808163738&bpp=2&bdt=590&idt=182&shv=r20241030&mjsv=m202410290101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=6383176384671&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088482%2C95344190%2C31088607%2C95345788%2C95345962%2C95345967&oid=2&pvsid=2249723609251739&tmod=300755934&nvt=1&fsapi=1&fc=1920&brdim=380%2C380%2C380%2C380%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=214
Frame ID: B54104379A6BC92CE1A3E47DEF3B6778
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1110367686843425&output=html&h=600&slotname=9124532544&adk=1923978339&adf=3426762526&pi=t.ma~as.9124532544&w=300&abgtt=6&lmt=1730808163&format=300x600&url=https%3A%2F%2Fnour.redatv.site%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730808163740&bpp=1&bdt=592&idt=226&shv=r20241030&mjsv=m202410290101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6383176384671&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088482%2C95344190%2C31088607%2C95345788%2C95345962%2C95345967&oid=2&pvsid=2249723609251739&tmod=300755934&nvt=1&fc=1920&brdim=380%2C380%2C380%2C380%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=233
Frame ID: 96770659915A1ACEBCDCC1ECB03BF99C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1110367686843425&output=html&h=250&slotname=7319608235&adk=1472379845&adf=3584444257&pi=t.ma~as.7319608235&w=300&abgtt=6&lmt=1730808163&format=300x250&url=https%3A%2F%2Fnour.redatv.site%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730808163741&bpp=1&bdt=594&idt=239&shv=r20241030&mjsv=m202410290101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6383176384671&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=924&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088482%2C95344190%2C31088607%2C95345788%2C95345962%2C95345967&oid=2&pvsid=2249723609251739&tmod=300755934&nvt=1&fc=1920&brdim=380%2C380%2C380%2C380%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&fsb=1&dtd=248
Frame ID: 31E7BB8491991CF4135F047E1ACD66DE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1110367686843425&output=html&h=600&slotname=9125668018&adk=1000017821&adf=2198137118&pi=t.ma~as.9125668018&w=160&abgtt=6&lmt=1730808164&format=160x600&url=https%3A%2F%2Fnour.redatv.site%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730808163741&bpp=1&bdt=593&idt=258&shv=r20241030&mjsv=m202410290101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C300x600%2C300x250&nras=1&correlator=6383176384671&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1142&ady=1739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088482%2C95344190%2C31088607%2C95345788%2C95345962%2C95345967&oid=2&pvsid=2249723609251739&tmod=300755934&nvt=1&fc=1920&brdim=380%2C380%2C380%2C380%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=260
Frame ID: 04905B37A3EB94DD9CB9F60D1BCD4C14
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 2FCB4A27D73FF713C67AD66135102F09
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VisitorsCoverage Insurance for USA visitors, Int'l Travel medical Insurance, Visitor Health Insurance

Page URL History Show full URLs

http://nour.redatv.site/ HTTP 307
https://nour.redatv.site/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

49
Requests

96 %
HTTPS

40 %
IPv6

9
Domains

10
Subdomains

11
IPs

3
Countries

3811 kB
Transfer

5600 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://pay.degof.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://www.yalla-live.ai/
Title: Yalla live

Search URL Search Domain Scan URL

URL: https://cover.livehd7.io/
Title: Home

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nour.redatv.site/ HTTP 307
https://nour.redatv.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
nour.redatv.site/
Redirect Chain

http://nour.redatv.site/
https://nour.redatv.site/

63 KB
14 KB

89ms
37ms

Document
text/html

172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nour.redatv.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3d7a0e3606c2e0e9cc0ec2c5e8c042249dcb838b2ab7230b87bc93843182437

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ddcb24b4981a003-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 05 Nov 2024 12:02:43 GMT
link: <https://nour.redatv.site/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0RlazswY1qHozPbW6D53mcWjhlnyjK7KeEpz5d56U6QWvU4nUDbBDCjPMZCUm2jQ0jPelPM3OcKf9fBI1MIEKZqtOQlDeo9iaYEmo5bwy%2B%2BpS2%2BsJhkNp08R5Ybi4kWRkIni"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=18281&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4140&recv_bytes=4443&delivery_rate=37767&cwnd=12000&unsent_bytes=0&cid=db94c63a560074ed&ts=50&x=1" cfHdrFlush;dur=0

Redirect headers

Location: https://nour.redatv.site/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 style.min.css
nour.redatv.site/wp-includes/css/dist/block-library/ 110 KB
15 KB 50ms
48ms Stylesheet
text/css 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nour.redatv.site/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2
Requested by: Host: nour.redatv.site
URL: https://nour.redatv.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 1691
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CFRz2k2OsPfeJVrohbdoOE2ZnbSUuha9Vnd2AnGzlMb40z7LyX%2FOdIJtRVSnc7InWX2nI8sdqqUKcuTPJlfbxR76tJCAsHuaQi25m2Scjkn9bofwag7bmTzWjqKemXwge2CE"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddcb24bfa4da003-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20777&sent=34&recv=21&lost=0&retrans=1&sent_bytes=26487&recv_bytes=6691&delivery_rate=587295&cwnd=21600&unsent_bytes=0&cid=db94c63a560074ed&ts=148&x=1", cfHdrFlush;dur=0
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: text/css
last-modified: Wed, 11 Sep 2024 04:20:18 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 style.css
nour.redatv.site/wp-content/themes/smart-mag/ 201 KB
40 KB 61ms
59ms Stylesheet
text/css 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nour.redatv.site/wp-content/themes/smart-mag/style.css?ver=10.2.1
Requested by: Host: nour.redatv.site
URL: https://nour.redatv.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04997151350401bd478f9cb11d24847fd76c1d29b36b9ba12adbd13969d24a6c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 1691
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=raEbY%2BQzo4WJ539tOPKVJHEU8L%2BddttMayMA4EBgv6ZIXbDyf%2BdS3bfGXCSwxgB4TcgZooQ49KZixi8TYHKMTmxUX4Jwvt1iHEmOnf6aEb1%2F4xqbdplmOwV2gNTH5QSoUFJ2"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddcb24bfa50a003-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20938&sent=45&recv=22&lost=3&retrans=4&sent_bytes=38231&recv_bytes=6736&delivery_rate=8375&cwnd=15119&unsent_bytes=0&cid=db94c63a560074ed&ts=160&x=1", cfHdrFlush;dur=6
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: text/css
last-modified: Tue, 15 Oct 2024 08:18:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 lightbox.css
nour.redatv.site/wp-content/themes/smart-mag/css/ 7 KB
3 KB 116ms
115ms Stylesheet
text/css 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nour.redatv.site/wp-content/themes/smart-mag/css/lightbox.css?ver=10.2.1
Requested by: Host: nour.redatv.site
URL: https://nour.redatv.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9ecc55173b58cf9ab841c18c232def14055ac9fdc3380f093f0360280601637

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 1691
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OpvvBSeawn1S1Pe9Sk7KSZyFLsxlhPK3oD%2FT7E7vUtcV%2FUq5%2Fv%2FAHJkQ5X9n4bFdKX9iJsVHxwLwJxtnFLAi6GCu58efxdwuAKEmtyZSZ%2B9u2M6U3JptM0jZ0b4luUYDKIjg"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddcb24bfa54a003-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20938&sent=45&recv=22&lost=3&retrans=4&sent_bytes=38231&recv_bytes=6736&delivery_rate=8375&cwnd=15119&unsent_bytes=0&cid=db94c63a560074ed&ts=153&x=1", cfHdrFlush;dur=13
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: text/css
last-modified: Tue, 15 Oct 2024 08:18:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 icons.css
nour.redatv.site/wp-content/themes/smart-mag/css/icons/ 5 KB
2 KB 48ms
47ms Stylesheet
text/css 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nour.redatv.site/wp-content/themes/smart-mag/css/icons/icons.css?ver=10.2.1
Requested by: Host: nour.redatv.site
URL: https://nour.redatv.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d99f7fd32a76a9abaeb002ec977025b52dfa6e96f26c15419f2bbc3f3c30a496

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 1691
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4P3C6lBNWIc2XIdn%2BfyrpiJQxX5MKN3vpnPXaC3Umj5caw2mXEs32Nsys9x9E9DFEqo9Q1auyXUM4swZ9gLjlX0snFL0Sx6rSswARGgMrwOflEjH6x9H0mvFM4tCptMVHHq%2B"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddcb24bfa55a003-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20777&sent=32&recv=21&lost=0&retrans=1&sent_bytes=24766&recv_bytes=6691&delivery_rate=587295&cwnd=21600&unsent_bytes=0&cid=db94c63a560074ed&ts=148&x=1", cfHdrFlush;dur=0
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: text/css
last-modified: Tue, 15 Oct 2024 08:18:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 18 KB
2 KB 160ms
79ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C500%2C600%2C700%7CBarlow%3A400%2C500%2C600%2C700%7CFira+Sans+Condensed%3A400%2C500%2C600%2C700&display=swap

Requested by

Host: nour.redatv.site
URL: https://nour.redatv.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c46f77af23bb4e9ed3177b8e1fafb2ba5e90fdb022d91b067bb447286f4d157a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 12:02:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 05 Nov 2024 12:02:43 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 jquery.min.js Show response
nour.redatv.site/wp-includes/js/jquery/ 86 KB
31 KB 116ms
115ms Script
application/javascript 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nour.redatv.site/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: nour.redatv.site
URL: https://nour.redatv.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 1691
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5X9h7ddKnEzYxFAjLYxqbBM6FNzSeYEO0mmS%2FDBCC3JWRgGNeZeDjd0Ksh38LAXx%2BfrkILdmNIstPY%2FheJXhEsWvEnmB5EJ27pSnCbVZq6d2Ir6Csibi6hgP56nxZVZlF%2FzN"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddcb24bfa56a003-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20777&sent=44&recv=21&lost=0&retrans=1&sent_bytes=37735&recv_bytes=6691&delivery_rate=587295&cwnd=21600&unsent_bytes=0&cid=db94c63a560074ed&ts=149&x=1", cfHdrFlush;dur=17
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: application/javascript
last-modified: Wed, 08 Nov 2023 04:13:43 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 jquery-migrate.min.js Show response
nour.redatv.site/wp-includes/js/jquery/ 13 KB
5 KB 48ms
47ms Script
application/javascript 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nour.redatv.site/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: nour.redatv.site
URL: https://nour.redatv.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 1691
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i4VY6JZfN%2BdR3ZKbbhqXPoHs9GLyz76oJvqhCGYoAfm%2BERPTPdt0a8ALhA8aqV0cAEZ4r6px3eczPQ7PGmGMGpCxwZSh4SIjTYVczFrZ2lxtgLnNnMR8imfmWZVD%2BqIh2AxC"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddcb24bfa59a003-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20777&sent=27&recv=21&lost=0&retrans=1&sent_bytes=19044&recv_bytes=6691&delivery_rate=587295&cwnd=21600&unsent_bytes=0&cid=db94c63a560074ed&ts=147&x=1", cfHdrFlush;dur=0
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: application/javascript
last-modified: Sat, 21 Oct 2023 04:03:17 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 320 KB
107 KB 251ms
65ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YDW3H8FDQR

Requested by

Host: nour.redatv.site
URL: https://nour.redatv.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c32e446180888cc9eb973578b9278eef8e96f709a11bbf425738f9fd3eead141

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 05 Nov 2024 12:02:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 108848
x-xss-protection: 0
server: Google Tag Manager

GET 10ecd95f-af09-4b13-8827-ca88b8d207d1
https://nour.redatv.site/ Frame 0
0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 158 KB
53 KB 135ms
73ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1110367686843425

Requested by

Host: nour.redatv.site
URL: https://nour.redatv.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

cf81a87c0de1f6adf96322f41ecf024c666626f3a2bf371269fa9f468572cbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nour.redatv.site
Referer: https://nour.redatv.site/

Response headers

content-encoding: br
etag: 6411469523681520673
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 12:02:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53804
x-xss-protection: 0
server: cafe

GET
H2 200 7628968 Show response
shempaurdou.net/5/ 74 KB
33 KB 112ms
59ms Script
application/javascript 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shempaurdou.net/5/7628968
Requested by: Host: nour.redatv.site
URL: https://nour.redatv.site/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: d6230bb2bbe8201c283eb6da29b754be0347a1c2c913cba4166804fd490feb08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

access-control-max-age: 86400
content-encoding: gzip
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: application/javascript
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache, no-cache
access-control-allow-credentials: true
x-trace-id: 72fa73d5acaa983397ea7c2bc3711067
access-control-allow-origin: *
server: nginx

GET
H3 200 lazyload.js Show response
nour.redatv.site/wp-content/themes/smart-mag/js/ 8 KB
4 KB 116ms
115ms Script
application/javascript 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nour.redatv.site/wp-content/themes/smart-mag/js/lazyload.js?ver=10.2.1
Requested by: Host: nour.redatv.site
URL: https://nour.redatv.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8448db5f7eec2ca651c7e3d56bfc603ce53880f81c79b3ea7ade4fb2d7dec18b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 1691
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eAQqFescCVngDFnr%2BuYMTT5WLpqJLXwVjSMp1nkKf46EDm0KTiYV9XX9n3UgZPCXkCvX3jgd2bNkvOQdKYygmi%2FHxw0Kejsm5ZbJSqFOQ9umI9SYqg%2B7e3uK7Lvr6HuUvFUn"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddcb24c4ac9a003-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20757&sent=73&recv=42&lost=3&retrans=4&sent_bytes=69690&recv_bytes=8772&delivery_rate=743394&cwnd=16319&unsent_bytes=0&cid=db94c63a560074ed&ts=197&x=1", cfHdrFlush;dur=0
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: application/javascript
last-modified: Tue, 15 Oct 2024 08:18:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 jquery.mfp-lightbox.js Show response
nour.redatv.site/wp-content/themes/smart-mag/js/ 20 KB
8 KB 116ms
115ms Script
application/javascript 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nour.redatv.site/wp-content/themes/smart-mag/js/jquery.mfp-lightbox.js?ver=10.2.1
Requested by: Host: nour.redatv.site
URL: https://nour.redatv.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 1691
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iu5OynYtvAsvoVzSelJQALLd7b25RwC4NK4l91E%2BwzIr8Y1AmlXEDOa%2FwJHbqG%2FF1137RLew%2FDZSmc3RAgIIAlsuULXfvoFpj19BTcUB5qjoIpUpEhPuLYFaYiAwYzgvsNbE"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddcb24c4acba003-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18335&sent=85&recv=48&lost=3&retrans=4&sent_bytes=83823&recv_bytes=9043&delivery_rate=905742&cwnd=16319&unsent_bytes=0&cid=db94c63a560074ed&ts=203&x=1", cfHdrFlush;dur=0
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: application/javascript
last-modified: Tue, 15 Oct 2024 08:18:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 jquery.sticky-sidebar.js Show response
nour.redatv.site/wp-content/themes/smart-mag/js/ 12 KB
4 KB 113ms
112ms Script
application/javascript 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nour.redatv.site/wp-content/themes/smart-mag/js/jquery.sticky-sidebar.js?ver=10.2.1
Requested by: Host: nour.redatv.site
URL: https://nour.redatv.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2660d2ba27141ecebe732da9795d68254bb155fbf87a88d817d4da4528b9a83c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 1691
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qd6V6sFCIYvyjtdbxp3cEeoQzap%2B1wa6aZ4%2F%2Fgi4UDOGU8%2BDjVdqo4d3EDGVXI8GJheXWmjvk%2F1HUU9I5Hx8QZ4OHz5abnWDRN%2BwRwIXs0IiEPP6T9NwctOuRifrQ4%2BkSFo8"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddcb24c4acda003-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20757&sent=73&recv=42&lost=3&retrans=4&sent_bytes=69690&recv_bytes=8772&delivery_rate=743394&cwnd=16319&unsent_bytes=0&cid=db94c63a560074ed&ts=199&x=1", cfHdrFlush;dur=1
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: application/javascript
last-modified: Tue, 15 Oct 2024 08:18:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 theme.js Show response
nour.redatv.site/wp-content/themes/smart-mag/js/ 53 KB
17 KB 155ms
147ms Script
application/javascript 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nour.redatv.site/wp-content/themes/smart-mag/js/theme.js?ver=10.2.1
Requested by: Host: nour.redatv.site
URL: https://nour.redatv.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55a08c529bb99ad4a1ee25c32d443c7d416fa10975557ad32908feb58d6f51e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 1691
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3%2BbSA%2BodpDGxVDOl%2B16PQ1rzS5pETl2%2F1v9ZYt5Z3MRAGBdRKt8wpNdAycdZ0qZsE5uY9xIVya0DwhIKt6Gfk1uUHmdqbWqPHj8Py5idiPXXhx6vnmTGU1NKBkMVzqpzQKEd"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddcb24c5ae8a003-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18335&sent=85&recv=48&lost=3&retrans=4&sent_bytes=83823&recv_bytes=9043&delivery_rate=905742&cwnd=16319&unsent_bytes=0&cid=db94c63a560074ed&ts=209&x=1", cfHdrFlush;dur=0
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: application/javascript
last-modified: Tue, 15 Oct 2024 08:18:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v18/ 29 KB
29 KB 106ms
23ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C500%2C600%2C700%7CBarlow%3A400%2C500%2C600%2C700%7CFira+Sans+Condensed%3A400%2C500%2C600%2C700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nour.redatv.site
Referer: https://fonts.googleapis.com/

Response headers

age: 505524
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:37:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:37:19 GMT
last-modified: Tue, 02 May 2023 15:28:35 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 29588
x-xss-protection: 0
server: sffe

GET
H3 200 7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 152ms
71ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E30-8s51os.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nour.redatv.site
Referer: https://fonts.googleapis.com/

Response headers

age: 505042
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:45:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:45:21 GMT
last-modified: Tue, 19 Apr 2022 19:35:19 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21796
x-xss-protection: 0
server: sffe

GET
H3 200 ts-icons.woff2
nour.redatv.site/wp-content/themes/smart-mag/css/icons/fonts/ 12 KB
12 KB 84ms
83ms Font
font/woff2 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nour.redatv.site/wp-content/themes/smart-mag/css/icons/fonts/ts-icons.woff2?v3.1
Requested by: Host: nour.redatv.site
URL: https://nour.redatv.site/wp-content/themes/smart-mag/css/icons/icons.css?ver=10.2.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab2f11096463285c343ca4d67a5e04df3ec228916332ebd9d95a8783d014e2dd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nour.redatv.site
Referer: https://nour.redatv.site/wp-content/themes/smart-mag/css/icons/icons.css?ver=10.2.1

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 128
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NQIcOEpu7bQQ6%2FMtkcb%2BxGTsqvc36wT3%2Fn6yk6lEtEEjQJUuKL21RjbYiR4rhh%2FZa%2Fze4N9qwgxH6YhxYE9d6Cl%2BSVjOC7Zt%2FFrhxIkr21Ts9%2Bf2JdMK5CI55jI1yEXLJy9P"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddcb24e5dc5a003-AMS
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20221&sent=169&recv=78&lost=3&retrans=4&sent_bytes=176282&recv_bytes=12693&delivery_rate=371140&cwnd=19919&unsent_bytes=0&cid=db94c63a560074ed&ts=526&x=1", cfHdrFlush;dur=47
content-length: 11940
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: font/woff2
last-modified: Tue, 15 Oct 2024 08:18:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 171ms
90ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nour.redatv.site
Referer: https://fonts.googleapis.com/

Response headers

age: 506147
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:26:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:26:56 GMT
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21144
x-xss-protection: 0
server: sffe

GET
H3 200 wEOsEADFm8hSaQTFG18FErVhsC9x-tarWU3IuMR0cg.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ 23 KB
23 KB 130ms
49ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWU3IuMR0cg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

458af683b8dbd6454c2ab93f5d228801d4c9edb8a8a8930c28563c6406a849f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nour.redatv.site
Referer: https://fonts.googleapis.com/

Response headers

age: 506391
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:22:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:22:52 GMT
last-modified: Thu, 21 Apr 2022 16:46:28 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23784
x-xss-protection: 0
server: sffe

GET
H3 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ 32 KB
32 KB 111ms
31ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://nour.redatv.site
Referer: https://fonts.googleapis.com/

Response headers

age: 506196
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:26:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:26:07 GMT
last-modified: Tue, 02 May 2023 15:52:25 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33116
x-xss-protection: 0
server: sffe

GET
H3 200 TinySnap-2024-03-11-21.36.40.png
nour.redatv.site/wp-content/uploads/2024/03/ 200 KB
200 KB 42ms
41ms Image
image/png 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nour.redatv.site/wp-content/uploads/2024/03/TinySnap-2024-03-11-21.36.40.png
Requested by: Host: nour.redatv.site
URL: https://nour.redatv.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e19168b679c4a0f53722b01deceb69cb4e55c8849ec2e04ac1ffca9efd63516

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 128
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xPuIpoWiwqhwJjhW5Tdn%2FaUhB2YpGmL%2FQgUIt4kxXI9A1mwgbzRKpyv%2Bcp%2FxrjWoVkG1JatmMWa%2Fdbb2Virzd27l5fDZSqk6DwJaHVn9vNHMoiOvzVaPXHGwNxEAcrmuKGWD"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddcb24e5dbea003-AMS
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20221&sent=152&recv=78&lost=3&retrans=4&sent_bytes=156363&recv_bytes=12693&delivery_rate=371140&cwnd=19919&unsent_bytes=0&cid=db94c63a560074ed&ts=524&x=1", cfHdrFlush;dur=0
content-length: 204461
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: image/png
last-modified: Tue, 26 Mar 2024 05:54:26 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 TinySnap-2024-03-11-21.43.20.png
nour.redatv.site/wp-content/uploads/2024/03/ 386 KB
386 KB 55ms
50ms Image
image/png 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nour.redatv.site/wp-content/uploads/2024/03/TinySnap-2024-03-11-21.43.20.png
Requested by: Host: nour.redatv.site
URL: https://nour.redatv.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d9f79bea134545bdc36192719be16aef8fd70907c2cb2d8471955e9b57dc178

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 128
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kqCwu0HDQQAU3M5BjSXusvThw5nUrUE5YiCRIsL%2BTp3vNM2AxpnOocGUEbLCsWNa5P2YIUfDBGGwEqoXjgOwi%2FLL2PCbk6D%2Fq4wbcyoLk9iGNvWfvPb%2FsJ%2FOPT2IgASxfQgP"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddcb24e5dbfa003-AMS
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20221&sent=169&recv=78&lost=3&retrans=4&sent_bytes=176282&recv_bytes=12693&delivery_rate=371140&cwnd=19919&unsent_bytes=0&cid=db94c63a560074ed&ts=525&x=1", cfHdrFlush;dur=16
content-length: 394907
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: image/png
last-modified: Tue, 26 Mar 2024 05:54:30 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 TinySnap-2024-03-11-21.46.03-768x350.png
nour.redatv.site/wp-content/uploads/2024/03/ 274 KB
275 KB 56ms
52ms Image
image/png 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nour.redatv.site/wp-content/uploads/2024/03/TinySnap-2024-03-11-21.46.03-768x350.png
Requested by: Host: nour.redatv.site
URL: https://nour.redatv.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 556c0614d8ff1d3424580b3070f3b2c53a352b9c074082e5b48a9b31116c84cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 128
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=08GppP3igt0wRLHnIvQUmgJ9S%2BxxHYE8GGf4FAPInd7fJ30txsJ0VLMeU9IgWu9k0vWyCA8CRue4TFChka%2Bz1pt5zbYLyCm8jWlPqKz32MZ4VFmxfVV06uIPJDynSpB3lXTF"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddcb24e5dc0a003-AMS
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20221&sent=169&recv=78&lost=3&retrans=4&sent_bytes=176282&recv_bytes=12693&delivery_rate=371140&cwnd=19919&unsent_bytes=0&cid=db94c63a560074ed&ts=525&x=1", cfHdrFlush;dur=17
content-length: 280800
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: image/png
last-modified: Tue, 26 Mar 2024 05:54:33 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 TinySnap-2024-03-11-21.49.26.png
nour.redatv.site/wp-content/uploads/2024/03/ 214 KB
215 KB 67ms
63ms Image
image/png 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nour.redatv.site/wp-content/uploads/2024/03/TinySnap-2024-03-11-21.49.26.png
Requested by: Host: nour.redatv.site
URL: https://nour.redatv.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03291edb38f3adf3e591f7b04da47b663b533cf4c5af4cbc394f4005b5935df5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 128
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2BNlYCTTIZk76Fb2J0ogCzbWHRS%2FZU4VYxgJld5ZqmmOwVgqIu66MXjAn%2F%2FwY2YDRCMr6U%2FAhIzHgpPkAhghSJ96JbKBABe78W8MYr3%2BkJr1aa51YT3Jg%2BqOHysdQKqqzAPs"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddcb24e5dc2a003-AMS
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20221&sent=169&recv=78&lost=3&retrans=4&sent_bytes=176282&recv_bytes=12693&delivery_rate=371140&cwnd=19919&unsent_bytes=0&cid=db94c63a560074ed&ts=525&x=1", cfHdrFlush;dur=33
content-length: 219413
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: image/png
last-modified: Tue, 26 Mar 2024 05:54:40 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 TinySnap-2024-03-11-21.47.01.png
nour.redatv.site/wp-content/uploads/2024/03/ 335 KB
336 KB 69ms
65ms Image
image/png 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nour.redatv.site/wp-content/uploads/2024/03/TinySnap-2024-03-11-21.47.01.png
Requested by: Host: nour.redatv.site
URL: https://nour.redatv.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aafc33a2e3787d027de4f7e08ba09f8ca1cf5868beed34cbcc4e99434bbe1eb5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 128
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5erch1gQSsSsKyqIDVQr3FQQeFp0Zxjcg7Bk5NaUmO4wXlyFaF1xtHIebXJDfDahwdvVrTS3OGtiaMbB6zC41af9pY52HfiKi9HAhL%2Bal4kwFBFzkNUUZshvYXnwFqFpUhgF"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddcb24e5dc3a003-AMS
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20221&sent=169&recv=78&lost=3&retrans=4&sent_bytes=176282&recv_bytes=12693&delivery_rate=371140&cwnd=19919&unsent_bytes=0&cid=db94c63a560074ed&ts=527&x=1", cfHdrFlush;dur=31
content-length: 342942
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: image/png
last-modified: Tue, 26 Mar 2024 05:54:39 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 TinySnap-2024-03-11-21.51.02-768x319.png
nour.redatv.site/wp-content/uploads/2024/03/ 207 KB
208 KB 85ms
82ms Image
image/png 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nour.redatv.site/wp-content/uploads/2024/03/TinySnap-2024-03-11-21.51.02-768x319.png
Requested by: Host: nour.redatv.site
URL: https://nour.redatv.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6bcfad200c4c484b35b184ddf4f4424df41de42e1095e623c33f7c02ee6b4bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 128
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HGFVYocc2YxJMs14FKlWh%2BCFEGZ9XZgIu5Vc2PPKWb9cDgu4SBgkwsBryv%2FdTKGDEZx9q5dvFQt47vk87RXdr9Pc%2FTTovOvRtEtZy5sxdsI0VWghdrSLbj22YraULfzpUIB6"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddcb24e5dc4a003-AMS
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20221&sent=169&recv=78&lost=3&retrans=4&sent_bytes=176282&recv_bytes=12693&delivery_rate=371140&cwnd=19919&unsent_bytes=0&cid=db94c63a560074ed&ts=526&x=1", cfHdrFlush;dur=45
content-length: 212093
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: image/png
last-modified: Tue, 26 Mar 2024 05:54:37 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 wp-emoji-release.min.js Show response
nour.redatv.site/wp-includes/js/ 18 KB
5 KB 805ms
803ms Script
application/javascript 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nour.redatv.site/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2
Requested by: Host: nour.redatv.site
URL: https://nour.redatv.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0tH6Rqy08Ki8Y4skjf9kCaR66M%2BnwcAzBmM72Z%2FAQvW6At6QI0UEa8AVaX6kIT%2FMMscks5Ak8w%2BuAphXBWs4GsX7hIgk6b5fSur4WTfs3rPNU%2FYMzwv%2F%2B1VF83X%2BTwXfRqrv"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddcb24e7e00a003-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20161&sent=199&recv=82&lost=3&retrans=4&sent_bytes=207492&recv_bytes=13125&delivery_rate=712028&cwnd=19919&unsent_bytes=0&cid=db94c63a560074ed&ts=565&x=1", cfHdrFlush;dur=22
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 04:14:19 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 112ms
14ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=00810b40d5d94345e09853cc18fcb2f2

Requested by

Host: shempaurdou.net
URL: https://shempaurdou.net/5/7628968

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

f675ac86c668bffd7ff6673415abd878aa67ac76e323f8e7f2371c3ad94e2f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

strict-transport-security: max-age=1
access-control-expose-headers: Authorization
timing-allow-origin: *, *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: https://nour.redatv.site
content-length: 65
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: application/json; charset=utf-8
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410290101/ 434 KB
145 KB 80ms
75ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1110367686843425&plah=nour.redatv.site&bust=31088607

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1110367686843425

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

6eef76486e39738092c9b16594353fa7583ab390e9e5283860cfc6ddff97d757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

content-encoding: br
etag: 6767834374579709514
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 12:02:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147963
x-xss-protection: 0
server: cafe

GET
H2 200 wrr
shempaurdou.net/ 2 B
0 67ms
21ms Fetch
text/plain 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://shempaurdou.net/wrr?z=7628968&p_rid=ebc9213b-1baa-4da7-b6d2-74b1520a4127&rb=mawzJq8GF4tZrkYlq3Ftiz98ls4ynSxvofuAvQRxIBFtoNqxpidnjtjm1gaApENFpvKoPAHsRDoiymPtzx6WQzwoc-UF6AnZs-FB43fEVIcS_8bJoRy4FDnwUlVEwru_GD_f9jdG3nX7_TUGlNWLyj48vXdU346Zk8ozPgQJpPhmfBkC3SqmypLUKQZqbwTtoYXbyHLT_LDtzWSxnAIWVX7YBn-h_CeDiU_BTLKJQNeVqi2lnSQR0WJP0vhR3SdpQmkelFTgT596Z5ORkG87kmrWztgElNVwD3WgnXjINu_KkFeSKpY9gn3G4AZ9blw9qGDlCw==&is_mobile=false&jsp=1&fs=0&cf=0&sw=1600&sh=1200&wih=1200&wiw=1600&ww=1600&wh=1285&sah=1200&wx=380&wy=380&cw=1600&wfc=0&pl=https%3A%2F%2Fnour.redatv.site%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Europe%2FAmsterdam&bto=-60&tt=1&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.983.0&navlng=nl-NL&vsbl=true&pnt=0&pnrc=0&bml=1&bmi=1&wasm=1&dmn=shempaurdou.net&userId=00810b40d5d94345e09853cc18fcb2f2

Requested by

Host: shempaurdou.net
URL: https://shempaurdou.net/5/7628968

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: text/plain
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *, *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: 94da77437585634337c8ebfdff669c30
access-control-allow-origin: https://nour.redatv.site
content-length: 2
server: nginx

GET
H2 200 / Show response
shempaurdou.net/ 2 KB
3 KB 25ms
24ms Fetch
application/json 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://shempaurdou.net/?rb=mawzJq8GF4tZrkYlq3Ftiz98ls4ynSxvofuAvQRxIBFtoNqxpidnjtjm1gaApENFpvKoPAHsRDoiymPtzx6WQzwoc-UF6AnZs-FB43fEVIcS_8bJoRy4FDnwUlVEwru_GD_f9jdG3nX7_TUGlNWLyj48vXdU346Zk8ozPgQJpPhmfBkC3SqmypLUKQZqbwTtoYXbyHLT_LDtzWSxnAIWVX7YBn-h_CeDiU_BTLKJQNeVqi2lnSQR0WJP0vhR3SdpQmkelFTgT596Z5ORkG87kmrWztgElNVwD3WgnXjINu_KkFeSKpY9gn3G4AZ9blw9qGDlCw%3D%3D&request_ab2=0&zoneid=7628968&js_build=iclick-v1.983.0&jsp=1&fs=0&cf=0&sw=1600&sh=1200&wih=1200&wiw=1600&ww=1600&wh=1285&sah=1200&wx=380&wy=380&cw=1600&wfc=0&pl=https%3A%2F%2Fnour.redatv.site%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Europe%2FAmsterdam&bto=-60&tt=1&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.983.0&navlng=nl-NL&vsbl=true&pnt=0&pnrc=0&bs=ebc9213b-1baa-4da7-b6d2-74b1520a4127&wasm=1&userId=00810b40d5d94345e09853cc18fcb2f2&is_mobile=false&m=link

Requested by

Host: shempaurdou.net
URL: https://shempaurdou.net/5/7628968

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

fd8da349c2fa3f3d28322187b3490cb1c77548d6f5e0996272d37e1018b2c264

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

access-control-max-age: 86400
content-encoding: gzip
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: application/json
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *, *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: 1e35b20f3282f142caccfd3414a4bc16
access-control-allow-origin: https://nour.redatv.site
server: nginx

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 95ms
25ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YDW3H8FDQR&gtm=45je4au0v9199013639za200&_p=1730808163473&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=369598609.1730808164&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730808163&sct=1&seg=0&dl=https%3A%2F%2Fnour.redatv.site%2F&dt=VisitorsCoverage%20Insurance%20for%20USA%20visitors%2C%20Int%27l%20Travel%20medical%20Insurance%2C%20Visitor%20Health%20Insurance&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=872
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YDW3H8FDQR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://nour.redatv.site
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 12:02:43 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20241030/r20190131/ Frame EB12 0
0 124ms
26ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1110367686843425&plah=nour.redatv.site&bust=31088607

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nour.redatv.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 38718
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4124
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 01:17:26 GMT
etag: 7893594074132303741
expires: Tue, 19 Nov 2024 01:17:26 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame B541 0
0 141ms
58ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1110367686843425&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1730808163&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fnour.redatv.site%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&itsi=-1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730808163738&bpp=2&bdt=590&idt=182&shv=r20241030&mjsv=m202410290101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=6383176384671&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088482%2C95344190%2C31088607%2C95345788%2C95345962%2C95345967&oid=2&pvsid=2249723609251739&tmod=300755934&nvt=1&fsapi=1&fc=1920&brdim=380%2C380%2C380%2C380%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=214

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nour.redatv.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 12:02:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame 9677 0
0 115ms
49ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1110367686843425&output=html&h=600&slotname=9124532544&adk=1923978339&adf=3426762526&pi=t.ma~as.9124532544&w=300&abgtt=6&lmt=1730808163&format=300x600&url=https%3A%2F%2Fnour.redatv.site%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730808163740&bpp=1&bdt=592&idt=226&shv=r20241030&mjsv=m202410290101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6383176384671&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088482%2C95344190%2C31088607%2C95345788%2C95345962%2C95345967&oid=2&pvsid=2249723609251739&tmod=300755934&nvt=1&fc=1920&brdim=380%2C380%2C380%2C380%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=233

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nour.redatv.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 12:02:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame 31E7 0
0 102ms
51ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1110367686843425&output=html&h=250&slotname=7319608235&adk=1472379845&adf=3584444257&pi=t.ma~as.7319608235&w=300&abgtt=6&lmt=1730808163&format=300x250&url=https%3A%2F%2Fnour.redatv.site%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730808163741&bpp=1&bdt=594&idt=239&shv=r20241030&mjsv=m202410290101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6383176384671&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1072&ady=924&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088482%2C95344190%2C31088607%2C95345788%2C95345962%2C95345967&oid=2&pvsid=2249723609251739&tmod=300755934&nvt=1&fc=1920&brdim=380%2C380%2C380%2C380%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&fsb=1&dtd=248

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nour.redatv.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 12:02:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame 0490 0
0 93ms
56ms Document
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1110367686843425&output=html&h=600&slotname=9125668018&adk=1000017821&adf=2198137118&pi=t.ma~as.9125668018&w=160&abgtt=6&lmt=1730808164&format=160x600&url=https%3A%2F%2Fnour.redatv.site%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730808163741&bpp=1&bdt=593&idt=258&shv=r20241030&mjsv=m202410290101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C300x600%2C300x250&nras=1&correlator=6383176384671&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1142&ady=1739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088482%2C95344190%2C31088607%2C95345788%2C95345962%2C95345967&oid=2&pvsid=2249723609251739&tmod=300755934&nvt=1&fc=1920&brdim=380%2C380%2C380%2C380%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=260

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nour.redatv.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 12:02:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
12 KB 123ms
46ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241030&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

f7d86160f62596d206ca1da7be208ef410b8bcaef86e9f579f06bd7ab17277aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12749
date: Tue, 05 Nov 2024 12:02:44 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 cropped-Coperate-32x32.png
nour.redatv.site/wp-content/uploads/2023/08/ 1 KB
2 KB 29ms
29ms Other
image/png 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nour.redatv.site/wp-content/uploads/2023/08/cropped-Coperate-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c59e1117f17246a03c8085e3e206a181c81f8bf930b28c536075d2506118a60a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 1213
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vCUiOR15n07H99N7bFq8ko3LM4glWOIKzVnMAomlKUNhgY54NKhbW%2FtWQ8k4IIbdoXnliaBVFV4rgHV4FbZdOdwAwzu90oOLKm55h6IB2FEFx3KJZiBMXbFVWc48RzTpBqjZ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddcb253ecdfa003-AMS
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16969&sent=1621&recv=260&lost=3&retrans=4&sent_bytes=1871570&recv_bytes=21608&delivery_rate=3706126&cwnd=64319&unsent_bytes=0&cid=db94c63a560074ed&ts=1417&x=1", cfHdrFlush;dur=0
content-length: 1363
date: Tue, 05 Nov 2024 12:02:44 GMT
content-type: image/png
last-modified: Wed, 02 Aug 2023 20:32:24 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 TinySnap-2024-03-11-21.27.52.png
nour.redatv.site/wp-content/uploads/2024/03/ 363 KB
364 KB 42ms
38ms Image
image/png 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nour.redatv.site/wp-content/uploads/2024/03/TinySnap-2024-03-11-21.27.52.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a723d42dc60e3738ab53025456c02e4a4cf9ad22fbd4b02c246da42844cf6aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 129
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vbhr13E%2FDCz00kUq4pK8b8PRB6GkoXNchzCUUxahYs%2BA%2BhGulACrjpfLTxfjrGETrmsBzFQyYWD140WtzF7fgoGMzz0rrgrp713VHWHzj%2BMcHKbBQVAXdHnk%2BCsAZDjdu79s"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddcb2546d8fa003-AMS
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16866&sent=1624&recv=262&lost=3&retrans=4&sent_bytes=1873618&recv_bytes=22111&delivery_rate=20896&cwnd=64319&unsent_bytes=0&cid=db94c63a560074ed&ts=1502&x=1", cfHdrFlush;dur=0
content-length: 371681
date: Tue, 05 Nov 2024 12:02:44 GMT
content-type: image/png
last-modified: Tue, 26 Mar 2024 05:54:20 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 162ms
37ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 12:02:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 12:02:44 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H3 200 TinySnap-2024-03-11-21.48.05-768x519.png
nour.redatv.site/wp-content/uploads/2024/03/ 670 KB
671 KB 206ms
205ms Image
image/png 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nour.redatv.site/wp-content/uploads/2024/03/TinySnap-2024-03-11-21.48.05-768x519.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c09c663bb253dd0b71843a8b312c732425ad6e97ff5739df17f47c6fafd3921e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 128
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jNRDzzfm7xTHY9q2cZIetuAx0qKSeAPVNJDyQnwOxMsA7VkXDm2z8ZjyYKK5r1embyOE3%2FcwIdSzY8tl%2B9XFFKB6y7%2Btqh3AXpUchOMvfbk5ZHGlv4Eq%2BxB6IrZ64HElbWWm"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddcb2552e8ba003-AMS
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19478&sent=1945&recv=293&lost=3&retrans=4&sent_bytes=2254666&recv_bytes=23930&delivery_rate=2923519&cwnd=70319&unsent_bytes=0&cid=db94c63a560074ed&ts=1625&x=1", cfHdrFlush;dur=0
content-length: 686442
date: Tue, 05 Nov 2024 12:02:44 GMT
content-type: image/png
last-modified: Tue, 26 Mar 2024 05:54:36 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 2FCB 0
0 148ms
27ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nour.redatv.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2320
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 11:24:04 GMT
expires: Tue, 05 Nov 2024 12:14:04 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 TinySnap-2024-03-11-21.48.05-768x519.png
nour.redatv.site/wp-content/uploads/2024/03/ 670 KB
0 0ms
0ms Image
image/png 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nour.redatv.site/wp-content/uploads/2024/03/TinySnap-2024-03-11-21.48.05-768x519.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c09c663bb253dd0b71843a8b312c732425ad6e97ff5739df17f47c6fafd3921e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 128
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jNRDzzfm7xTHY9q2cZIetuAx0qKSeAPVNJDyQnwOxMsA7VkXDm2z8ZjyYKK5r1embyOE3%2FcwIdSzY8tl%2B9XFFKB6y7%2Btqh3AXpUchOMvfbk5ZHGlv4Eq%2BxB6IrZ64HElbWWm"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddcb2552e8ba003-AMS
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19478&sent=1945&recv=293&lost=3&retrans=4&sent_bytes=2254666&recv_bytes=23930&delivery_rate=2923519&cwnd=70319&unsent_bytes=0&cid=db94c63a560074ed&ts=1625&x=1", cfHdrFlush;dur=0
content-length: 686442
date: Tue, 05 Nov 2024 12:02:44 GMT
content-type: image/png
last-modified: Tue, 26 Mar 2024 05:54:36 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 TinySnap-2024-03-11-21.32.06.png
nour.redatv.site/wp-content/uploads/2024/03/ 251 KB
252 KB 35ms
34ms Image
image/png 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nour.redatv.site/wp-content/uploads/2024/03/TinySnap-2024-03-11-21.32.06.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ea055c28b692de16b22810ded66838f153a2df0820771b688d37d281e233e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 129
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CfOLQOD%2BBVIQ5TSZTNBNbVmqfYNT0lbdRqHUHS6OZ%2BijSFPZPbPjKtb%2Bzp3aEKUDIzTTjEe604kaPf18klBWdsTg7uQi9h%2FTfSUsmnHm8Z6%2Bi2v4zheQUYPOFW%2FkPb2gcKKt"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddcb25c78a0a003-AMS
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20877&sent=2658&recv=400&lost=106&retrans=110&sent_bytes=3079440&recv_bytes=29313&delivery_rate=569409&cwnd=21679&unsent_bytes=0&cid=db94c63a560074ed&ts=2791&x=1", cfHdrFlush;dur=0
content-length: 257398
date: Tue, 05 Nov 2024 12:02:45 GMT
content-type: image/png
last-modified: Tue, 26 Mar 2024 05:54:22 GMT
vary: Accept-Encoding
server: cloudflare

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

GET
H3 200 TinySnap-2024-03-11-21.33.56.png
nour.redatv.site/wp-content/uploads/2024/03/ 254 KB
254 KB 153ms
118ms Image
image/png 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nour.redatv.site/wp-content/uploads/2024/03/TinySnap-2024-03-11-21.33.56.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aea4132a07905b4229bda7bc4b65f84c974360b50daec2c370dc5e711c00abc8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://nour.redatv.site/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 127
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UgGQZ62O9rofsoOjoUdcCxIHGVgzAfLiTYUmh2KGi4n4J%2BVddsZOLk9CR0vix282NHy8lACd4fTowM0FsiVrdR5unMN6UBh5xdcSnLqy7M%2B4B4FSQW8hU8K8fFJQd16isWjv"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddcb25dda50a003-AMS
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30225&sent=2787&recv=412&lost=106&retrans=110&sent_bytes=3228635&recv_bytes=30267&delivery_rate=1024718&cwnd=27679&unsent_bytes=0&cid=db94c63a560074ed&ts=3005&x=1", cfHdrFlush;dur=19
content-length: 259660
date: Tue, 05 Nov 2024 12:02:46 GMT
content-type: image/png
last-modified: Tue, 26 Mar 2024 05:54:24 GMT
vary: Accept-Encoding
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: nour.redatv.site
URL: blob:https://nour.redatv.site/10ecd95f-af09-4b13-8827-ca88b8d207d1

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241030&jk=2249723609251739&bg=!yMuly4TNAAbaVSD0-lU7ADQBe5WfONUC4KQu0g1suHHcKnbmWzkcEloJe9HS3Ah5_142mVClaa0LMALwkzxWeDyviVmOAgAAALBSAAAAAmgBB34ANiG8E_bFegoaCPk9qNxB6ncwuKURu3TNVAGX5bG6W7AKFuHwgScBGzc5lThoR0TtVlehqG-CNAoArClir7-yebs_ZWpIBgxckj1VvOnP32OcjzTX90JRzcWKZi20LvOzjkxXKLF84tbj8lYUufzIkiBvZTR5h0_6lrxmKI1wPAnLfRup5aTMKHLtRLMJ8m-5PGMP7ycBczDPUtZKScHSDOV8e-5YvjFyyGlykEGdgZOk5Z6xWQsHkT5MPo7HoV0mShh9SZeLt7-utmS66EXko0HQXvKFWJgYEkbNoDjDvtWzJOXTFu2ZApG3SiYfjJWI8qiKVZYnRhHG8BlsgQNRARXMuy80h8PKLZ7w1PsRjm3SiXEfifI9jHGv9UAAC2Wjo5_abkhnx3yCeH5fHUzQ3vkfi8O0MZ3kbzCFFV0u0BJUD77qhU41urQY2To04Z74glmIAYZ3-CAUM1eJqed-GZEkjUTvKtBmaLf1Ym_4mwo-sKzrPpBF8YyXJEc2cAutXF6ekIoaLs7QaJV1b_xqJePWnCsaXY1ETzjq-JhFclryWZyzKy2bi_Qn1K-WpNS8_mv3ubXMCzfCJIDLlL3WKjHGwMaPF7hbf4Sz5NNR9HiqgA25ad3DtqdSyPDXNtXeDYkVIAMkWY1_920NVqymq1MbD7bXv-yKJjANdE_GZ4cIiipbgMZq5luq_06f3ixDK6N-mR_jRZux3IOkCb3k5XE8Gh_VWvcAve3hYQnv4BqQYAc8xPdgydbhCOgjsITykEbReXNE8fX5N43R9GEMzPRfCfyH1kGsgh-9V8gmMD7gfptRrbj9MoqU40slvZSTGHR3eAyetLajCc03cDcnpAZj9xNwkKmTHTvbzfSqwvFLWY53D5vQ1ZqQ8PEhAmeFSToPUIg0GMADzmWSIKa0O5GwBMIHEoUaNz30TlbEAbrF-2YY_0pkTMXXuI9JtkTIod2v4lTNDxD3eAqMoWo0_EEquuOdoPvaRpWnwrtJk4_BCLmmLzKxRu8Z1lKOnYYK-v5isWh5gjc4VQAk2GT-OkDgKoPtgeQ7DzOH7z1MOVwOWviybplwgJr9U3Zz6qVAzrTkqoe4OeWnjX7h97zGuA7yHsHC4Dw7jOA-4Av_GylychiwgjeE5aT3z-uHvAi05kbLgCst3k7Sn8DhgUcU_th4_65e14HyUYE

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
shempaurdou.net/	1970-01-21 09:32:24	Name: OAID Value: 00810b40d5d94345e09853cc18fcb2f2
shempaurdou.net/	1970-01-21 09:32:24	Name: oaidts Value: 1730808163
my.rtmark.net/	1970-01-21 09:32:24	Name: ID Value: 00810b40d5d94345e09853cc18fcb2f2
nour.redatv.site/	1970-01-21 00:46:48	Name: prefetchAd_7628968 Value: true
shempaurdou.net/	1970-01-21 00:56:52	Name: syncedCookie Value: true
.redatv.site/	1970-01-21 10:22:48	Name: _ga_YDW3H8FDQR Value: GS1.1.1730808163.1.0.1730808163.0.0.0
.redatv.site/	1970-01-21 10:22:48	Name: _ga Value: GA1.1.369598609.1730808164

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://nour.redatv.site/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A080321AE4110000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://nour.redatv.site/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A010331AE4110000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
my.rtmark.net
nour.redatv.site
pagead2.googlesyndication.com
region1.google-analytics.com
shempaurdou.net
www.googletagmanager.com
ep1.adtrafficquality.google
nour.redatv.site
139.45.195.8
139.45.197.243
142.250.185.66
142.250.186.99
172.67.170.41
2001:4860:4802:34::36
216.58.206.34
2a00:1450:4001:802::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:830::2008
03291edb38f3adf3e591f7b04da47b663b533cf4c5af4cbc394f4005b5935df5
04997151350401bd478f9cb11d24847fd76c1d29b36b9ba12adbd13969d24a6c
2660d2ba27141ecebe732da9795d68254bb155fbf87a88d817d4da4528b9a83c
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
39ea055c28b692de16b22810ded66838f153a2df0820771b688d37d281e233e5
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
458af683b8dbd6454c2ab93f5d228801d4c9edb8a8a8930c28563c6406a849f3
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
556c0614d8ff1d3424580b3070f3b2c53a352b9c074082e5b48a9b31116c84cf
5e19168b679c4a0f53722b01deceb69cb4e55c8849ec2e04ac1ffca9efd63516
6a723d42dc60e3738ab53025456c02e4a4cf9ad22fbd4b02c246da42844cf6aa
6d9f79bea134545bdc36192719be16aef8fd70907c2cb2d8471955e9b57dc178
6eef76486e39738092c9b16594353fa7583ab390e9e5283860cfc6ddff97d757
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
8448db5f7eec2ca651c7e3d56bfc603ce53880f81c79b3ea7ade4fb2d7dec18b
a9ecc55173b58cf9ab841c18c232def14055ac9fdc3380f093f0360280601637
aafc33a2e3787d027de4f7e08ba09f8ca1cf5868beed34cbcc4e99434bbe1eb5
ab2f11096463285c343ca4d67a5e04df3ec228916332ebd9d95a8783d014e2dd
aea4132a07905b4229bda7bc4b65f84c974360b50daec2c370dc5e711c00abc8
b55a08c529bb99ad4a1ee25c32d443c7d416fa10975557ad32908feb58d6f51e
b6bcfad200c4c484b35b184ddf4f4424df41de42e1095e623c33f7c02ee6b4bb
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
c09c663bb253dd0b71843a8b312c732425ad6e97ff5739df17f47c6fafd3921e
c32e446180888cc9eb973578b9278eef8e96f709a11bbf425738f9fd3eead141
c3d7a0e3606c2e0e9cc0ec2c5e8c042249dcb838b2ab7230b87bc93843182437
c46f77af23bb4e9ed3177b8e1fafb2ba5e90fdb022d91b067bb447286f4d157a
c59e1117f17246a03c8085e3e206a181c81f8bf930b28c536075d2506118a60a
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf81a87c0de1f6adf96322f41ecf024c666626f3a2bf371269fa9f468572cbcf
d6230bb2bbe8201c283eb6da29b754be0347a1c2c913cba4166804fd490feb08
d99f7fd32a76a9abaeb002ec977025b52dfa6e96f26c15419f2bbc3f3c30a496
f675ac86c668bffd7ff6673415abd878aa67ac76e323f8e7f2371c3ad94e2f60
f7d86160f62596d206ca1da7be208ef410b8bcaef86e9f579f06bd7ab17277aa
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
fd8da349c2fa3f3d28322187b3490cb1c77548d6f5e0996272d37e1018b2c264
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

nour.redatv.site Open in urlscan Pro 172.67.170.41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

96 %HTTPS

40 %IPv6

9 Domains

10 Subdomains

11 IPs

3 Countries

3811 kBTransfer

5600 kBSize

7 Cookies

3 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nour.redatv.site Open in urlscan Pro
172.67.170.41 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

96 %
HTTPS

40 %
IPv6

9
Domains

10
Subdomains

11
IPs

3
Countries

3811 kB
Transfer

5600 kB
Size

7
Cookies

49 HTTP transactions
0 data transactions