urlscan.io logo urlscan.io
SecurityTrails logo

dearsafrica.org Open in urlscan Pro
129.232.251.154  Public Scan

Go To Rescan Add Verdict Report
URL: https://dearsafrica.org/telegram/
Submission: On April 20 via api from ZA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 31 IPs in 8 countries across 32 domains to perform 193 HTTP transactions. The main IP is 129.232.251.154, located in South Africa and belongs to xneelo, ZA. The main domain is dearsafrica.org.
TLS certificate: Issued by R3 on March 16th 2023. Valid for: 3 months.
This is the only time dearsafrica.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 129.232.251.154 37153 (xneelo)
28 2600:9000:205... 16509 (AMAZON-02)
1 13.32.99.51 16509 (AMAZON-02)
3 2600:9000:20e... 16509 (AMAZON-02)
18 2a00:1450:400... 15169 (GOOGLE)
4 13 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
4 2a03:2880:f01... 32934 (FACEBOOK)
1 52.59.45.125 16509 (AMAZON-02)
22 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 13.32.121.81 16509 (AMAZON-02)
6 2600:9000:215... 16509 (AMAZON-02)
34 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2620:116:800d... 16509 (AMAZON-02)
1 1 185.29.132.245 30419 (MEDIAMATH...)
2 25 142.250.186.66 15169 (GOOGLE)
2 2 151.101.66.49 54113 (FASTLY)
3 3 35.186.193.173 15169 (GOOGLE)
4 4 18.194.221.34 16509 (AMAZON-02)
2 35.186.253.211 15169 (GOOGLE)
1 2 104.111.217.42 16625 (AKAMAI-AS)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 34.160.236.64 15169 (GOOGLE)
5 5 37.157.3.30 198622 (ADFORM)
2 2 185.64.189.115 62713 (AS-PUBMATIC)
2 2 51.89.9.251 16276 (OVH)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.71.131.137 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 1 35.190.0.66 15169 (GOOGLE)
1 1 193.0.160.131 54312 (ROCKETFUEL)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 185.80.39.216 27381 (CASALE-MEDIA)
193 31
2    129.232.251.154 (South Africa)

ASN37153 (xneelo, ZA)
PTR: dedi129.jnb3.host-h.net
dearsafrica.org
28    2600:9000:2057:400:6:6970:9500:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.dearsafrica.org
1    13.32.99.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-51.fra60.r.cloudfront.net
platform-api.sharethis.com
3    2600:9000:20eb:ae00:16:4bdd:dd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.dearsafrica.org
18    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
13    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2600:9000:206f:4200:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
4    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    52.59.45.125 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-45-125.eu-central-1.compute.amazonaws.com
l.sharethis.com
22    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
12    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    13.32.121.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-81.fra60.r.cloudfront.net
count-server.sharethis.com
6    2600:9000:2156:f000:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)
platform-cdn.sharethis.com
34    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
25    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
4    18.194.221.34 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-221-34.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com
sync.teads.tv
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
5    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
1    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    85.114.159.118 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    2a05:d018:d29:3601:c9a:40f3:f9e6:2273 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
Apex Domain
Subdomains		 Transfer
52 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
586 KB
46 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
185 KB
33 dearsafrica.org
dearsafrica.org
assets.dearsafrica.org
cdn.dearsafrica.org
1 MB
16 google.com
www.google.com — Cisco Umbrella Rank: 16
adservice.google.com — Cisco Umbrella Rank: 130
47 KB
14 gstatic.com
www.gstatic.com
fonts.gstatic.com
448 KB
10 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 5368
buttons-config.sharethis.com — Cisco Umbrella Rank: 6788
l.sharethis.com — Cisco Umbrella Rank: 5697
count-server.sharethis.com — Cisco Umbrella Rank: 12507
platform-cdn.sharethis.com — Cisco Umbrella Rank: 11028
52 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 238
292 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 908
3 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 427
2 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 189
200 KB
3 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 50702
1 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
3 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 5261
818 B
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 679
2 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1248
s.tribalfusion.com — Cisco Umbrella Rank: 2774
1 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1124
676 B
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 1037
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1341
r.turn.com — Cisco Umbrella Rank: 4617
869 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1703
461 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1886
486 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1020
823 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1063
797 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
256 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689
716 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1325
761 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 7904
557 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2062
588 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 451
265 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 4805
104 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1646
213 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 744
877 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1132
606 B
193 32
Domain Requested by
34 tpc.googlesyndication.com googleads.g.doubleclick.net
dearsafrica.org
pagead2.googlesyndication.com
tpc.googlesyndication.com
28 assets.dearsafrica.org dearsafrica.org
assets.dearsafrica.org
25 cm.g.doubleclick.net 2 redirects dearsafrica.org
googleads.g.doubleclick.net
21 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
dearsafrica.org
18 pagead2.googlesyndication.com dearsafrica.org
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
13 www.google.com 4 redirects dearsafrica.org
www.gstatic.com
www.google.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
12 www.gstatic.com www.google.com
www.gstatic.com
googleads.g.doubleclick.net
6 www.googletagservices.com googleads.g.doubleclick.net
6 platform-cdn.sharethis.com dearsafrica.org
5 c1.adform.net 5 redirects
4 x.bidswitch.net 4 redirects
4 connect.facebook.net dearsafrica.org
connect.facebook.net
3 gcm.ctnsnet.com 3 redirects
3 fonts.googleapis.com googleads.g.doubleclick.net
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.de pagead2.googlesyndication.com
3 cdn.dearsafrica.org dearsafrica.org
2 ssum-sec.casalemedia.com 2 redirects
2 onetag-sys.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 sync.teads.tv 1 redirects dearsafrica.org
2 rtb.openx.net googleads.g.doubleclick.net
2 sync-tm.everesttech.net 2 redirects
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 www.facebook.com dearsafrica.org
2 fonts.gstatic.com www.google.com
2 dearsafrica.org dearsafrica.org
1 pr-bh.ybp.yahoo.com 1 redirects
1 p.rfihub.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 match.adsrvr.org googleads.g.doubleclick.net
1 s.tribalfusion.com dearsafrica.org
1 a.tribalfusion.com 1 redirects
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 odr.mookie1.com googleads.g.doubleclick.net
1 r.turn.com dearsafrica.org
1 ad.turn.com 1 redirects
1 sync.mathtag.com 1 redirects
1 count-server.sharethis.com platform-api.sharethis.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 platform-api.sharethis.com dearsafrica.org
193 44

This site contains links to these domains. Also see Links.

Domain
dearsouthafrica.co.za
t.me
telegram.org
www.facebook.com
wordpress.org
Subject Issuer Validity Valid
dearsafrica.org
R3		 2023-03-16 -
2023-06-14		 3 months crt.sh
*.dearsouthafrica.co.za
Amazon RSA 2048 M02		 2023-04-14 -
2024-05-12		 a year crt.sh
sharethis.com
Amazon RSA 2048 M01		 2023-02-28 -
2023-07-18		 5 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-27 -
2023-04-27		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh

This page contains 27 frames:

Primary Page: https://dearsafrica.org/telegram/
Frame ID: B4A2AD1E7446F0221F5A0AC4EEAEC3A8
Requests: 64 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20190131/zrt_lookup.html
Frame ID: 3709EB6973F93C836E7D9F85D97B4E46
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=250&slotname=3788341704&adk=1411966868&adf=1108648429&pi=t.ma~as.3788341704&w=330&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=330x250&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539851&bpp=6&bdt=1490&idt=199&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&correlator=6567709478477&frm=20&pv=2&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=342&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=S81ha8BJfy&p=https%3A//dearsafrica.org&dtd=214
Frame ID: E44526DC0BBC776C2E1FBD753686F74F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=280&slotname=3788341704&adk=905624607&adf=2260843720&pi=t.ma~as.3788341704&w=531&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=531x280&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539857&bpp=1&bdt=1496&idt=217&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&prev_fmts=330x250&correlator=6567709478477&frm=20&pv=1&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=727&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=XQ4pzXQXFM&p=https%3A//dearsafrica.org&dtd=219
Frame ID: 4BE8B9665465C272C3DE0808A4B5E683
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&adk=1812271804&adf=3025194257&lmt=1681962540&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962540494&bpp=3&bdt=2133&idt=3&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2323b346cdc9eb43-220f6d2ba1dd0027%3AT%3D1681962540%3ART%3D1681962540%3AS%3DALNI_MaRH6njP7SwuePHZwAsmHyI9bLz9A&gpic=UID%3D00000bd84862a4b0%3AT%3D1681962540%3ART%3D1681962540%3AS%3DALNI_Mav2Z74ZW3U6d0v0BLY8TxqZYzepA&prev_fmts=330x250%2C531x280&nras=1&correlator=6567709478477&frm=20&pv=1&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=17
Frame ID: AF4A526F9933A08994FA5E04AB90C532
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8C521AFAAA55C8967E553A8E52F39DEE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsJWcaAAAAAIodDZu4PV1f9EGu6Jli5LsPAEq_&co=aHR0cHM6Ly9kZWFyc2FmcmljYS5vcmc6NDQz&hl=en-GB&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=dt884vuv0wes
Frame ID: 2E1A7719F3082B88AA0588A53BC4411B
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BC6D7B05070B9F30499FA5D0897CE08F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Frame ID: 0B9C1F2CDD706E40EE501F285B67727D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Frame ID: B5D622A44F73409BAE31511203DEB62D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Frame ID: CA82BCAA2811A0864034A2BC58B81F07
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6F450D76AA6CE921AA51964A94A8ED15
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Frame ID: BA6EE0BA085386B24DF9E61F99A6DF55
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Frame ID: 53B7194528819F00BFB31583FE55ABDC
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7EF369ECC27A77F5765BABF4641EC445
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E1AE7504B920707EF6672A1E5D2E20F9
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 84C8EEF0F02F252E73AEF7AD945E16EF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A0074535D338DB13FFD645751DBD3CCE
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1744E7AFFD63E8D6FE8D131B00EDAF74
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Frame ID: F8237C2C9721DDCC6D2710B6049E5840
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Frame ID: 8829FC4185065DC8B6273519C9147B7A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 989DBF42B8FE89EB0158A1D297C57D16
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7EF5403A40B3D986B437403CB7E3E83E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Frame ID: 4655151AF55D2E888D72AAA9150A2F1B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: FCDB6E875F7D75199E07E02C7887EC40
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3C5D50EC11FDEB574DA6A4C26BE9B353
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E50F3C3AC951B553F048A0D8922BCB73
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

DearSA Telegram Channel - Dear South Africa

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

193
Requests

89 %
HTTPS

52 %
IPv6

32
Domains

44
Subdomains

31
IPs

8
Countries

2941 kB
Transfer

7216 kB
Size

31
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 84
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 133
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHifwiioHKCIed8sBL4SflY&google_cver=1&google_push=Aer7DvIaZY5-dvTOuE2hfwGzObHxHXofwMAJqgEmKTDObjjbIixjk2XX3jGnPUuiMFglmGEVPnhrHnUDuqRYVE96dDgv5-bhPlDM-R67 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvIaZY5-dvTOuE2hfwGzObHxHXofwMAJqgEmKTDObjjbIixjk2XX3jGnPUuiMFglmGEVPnhrHnUDuqRYVE96dDgv5-bhPlDM-R67
Request Chain 134
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKHZzI7odGDx8zQnX6nuXoY&google_cver=1&google_push=Aer7DvLHbDRHxo_EB7yZS3deTo7AZutVotu0_peNl0TCGKWuXj442hmWHhUA5tZ0JLpMhmAgFeDgdSFmRdYDZFXJ-PA3bkC7Gskyyg1y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKHZzI7odGDx8zQnX6nuXoY&google_push=Aer7DvLHbDRHxo_EB7yZS3deTo7AZutVotu0_peNl0TCGKWuXj442hmWHhUA5tZ0JLpMhmAgFeDgdSFmRdYDZFXJ-PA3bkC7Gskyyg1y
Request Chain 135
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEN2OKCC-x-xQAW_UmFlRmQo&google_cver=1&google_push=Aer7DvInCIYYao1BdKkDInAUhr2ZbHw_Wv6_kYPraFhh5mvt0bRbS2rasnF8bs4VbRJZPQWM44n5_M4Gd857vdFK4ofXozEz7Ne3O1Vx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvInCIYYao1BdKkDInAUhr2ZbHw_Wv6_kYPraFhh5mvt0bRbS2rasnF8bs4VbRJZPQWM44n5_M4Gd857vdFK4ofXozEz7Ne3O1Vx&google_hm=DSY1vcieTY6Pg3aZfG-eq6s
Request Chain 136
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEED7sI3MXtYMDPsXupa_iBA&google_cver=1&google_push=Aer7DvLOtYQxM5PNn_EPv9--DtSfGcT9-dRCOCRLQROPeTQnjaKJlaZI5ghLhsa6Jhzp7YP5cw8sl5szmYupdGpzoGHAn7TpSflPEU01 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEED7sI3MXtYMDPsXupa_iBA&google_cver=1&google_push=Aer7DvLOtYQxM5PNn_EPv9--DtSfGcT9-dRCOCRLQROPeTQnjaKJlaZI5ghLhsa6Jhzp7YP5cw8sl5szmYupdGpzoGHAn7TpSflPEU01 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvLOtYQxM5PNn_EPv9--DtSfGcT9-dRCOCRLQROPeTQnjaKJlaZI5ghLhsa6Jhzp7YP5cw8sl5szmYupdGpzoGHAn7TpSflPEU01&google_hm=i9OPDVc_Tq2iL1XFH-rSGg==
Request Chain 138
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPNneN48IiHfgdBDTui8gB0&google_cver=1&google_push=Aer7DvJAU3jN6H3qxAvS_S6k6bNwTZAEJ3ptne0VsneGdT59u4mV5bUYluDt4L6VDwm0I-u3tDP--Cv6AEgKy4ojw4cQ5YKfLBiT7g03rA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvJAU3jN6H3qxAvS_S6k6bNwTZAEJ3ptne0VsneGdT59u4mV5bUYluDt4L6VDwm0I-u3tDP--Cv6AEgKy4ojw4cQ5YKfLBiT7g03rA HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 150
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHxIHvgbtlL51-PwR-pEpEI&google_cver=1&google_push=Aer7DvKeMeeo9dVCnySPV3EtRG4Aa53_6d5lqV84CmPtf97iAprc003m8PPrq1QoWcaohKTONmB3L78Ndsqnmx1nyOcJLEdX61z9A2iu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODA0Mzk0MjE4ODI5MTIwMTMyNg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHxIHvgbtlL51-PwR-pEpEI&google_cver=1
Request Chain 151
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKlHG3D69OIpIBgOUyfomr8&google_cver=1&google_push=Aer7DvK_GdUinpzUPXg-ZRea-O2j1a2KbcS6YfQzlhhcE6TScU-bmsaxMTdmYmsioRFi2wO9YtC8mMPZ7B7vnZzxw495qDjVp8dJn6Lw HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aer7DvK_GdUinpzUPXg-ZRea-O2j1a2KbcS6YfQzlhhcE6TScU-bmsaxMTdmYmsioRFi2wO9YtC8mMPZ7B7vnZzxw495qDjVp8dJn6Lw&google_hm=RyHNGt9x1SNxZNiNCITw7A
Request Chain 153
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIpS8AX8NkZTjSvEnZUiaMQ&google_cver=1&google_push=Aer7DvI9D7uKs_Qhfxn_C0uDJBC9gw-7nJtxCChtgYilq59W1x1fcyv1hEmfNY5VaOb3wBAYI6nv0KFHYjJlhxqOHccyUzcGBIJTiQU6 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIpS8AX8NkZTjSvEnZUiaMQ&google_cver=1&google_push=Aer7DvI9D7uKs_Qhfxn_C0uDJBC9gw-7nJtxCChtgYilq59W1x1fcyv1hEmfNY5VaOb3wBAYI6nv0KFHYjJlhxqOHccyUzcGBIJTiQU6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM1OTA3OTY3NzIzNDEyNzk2Mg&google_push=Aer7DvI9D7uKs_Qhfxn_C0uDJBC9gw-7nJtxCChtgYilq59W1x1fcyv1hEmfNY5VaOb3wBAYI6nv0KFHYjJlhxqOHccyUzcGBIJTiQU6
Request Chain 155
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGSMriWGBjU_Q___3AijZZg&google_cver=1&google_push=Aer7DvIWKA8m3nlLXtpgOJaU97-MPgQ6qF37oPhwXFGIX2Epj4wmXKUCFuNlhPUTxQokpBmuN13S4UBFZo02iZ47w8OkPNa_7g3trYF_ HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGSMriWGBjU_Q___3AijZZg&google_cver=1&google_push=Aer7DvIWKA8m3nlLXtpgOJaU97-MPgQ6qF37oPhwXFGIX2Epj4wmXKUCFuNlhPUTxQokpBmuN13S4UBFZo02iZ47w8OkPNa_7g3trYF_&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jl4lp5OURXWHunIKpgGVDg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvIWKA8m3nlLXtpgOJaU97-MPgQ6qF37oPhwXFGIX2Epj4wmXKUCFuNlhPUTxQokpBmuN13S4UBFZo02iZ47w8OkPNa_7g3trYF_
Request Chain 156
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDjPXDGmFgpVKHqxWTl-baw&google_cver=1&google_push=Aer7DvL8wcyBy7IDGx8atJAj7i_YQjHgZ2kbk_q1vPLKRl0w_AMl6pIT8AbIJc51BxPgTONepwvpEalos5m5-O-lHu0Jix39P6HkrHs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvL8wcyBy7IDGx8atJAj7i_YQjHgZ2kbk_q1vPLKRl0w_AMl6pIT8AbIJc51BxPgTONepwvpEalos5m5-O-lHu0Jix39P6HkrHs
Request Chain 165
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHr1pXeyXHYkwEV1k2u_rRs&google_cver=1&google_push=Aer7DvJ_VU-5J8GV2ZYiSvbh3l1s3juSvAzieAyEAh91TNLwzHeWaTBJPiXHLOkotoeJqsD8kWygr73ETxvNn9GLhaet7IfUqEdsM96s&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJ_VU-5J8GV2ZYiSvbh3l1s3juSvAzieAyEAh91TNLwzHeWaTBJPiXHLOkotoeJqsD8kWygr73ETxvNn9GLhaet7IfUqEdsM96s%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHr1pXeyXHYkwEV1k2u_rRs&google_cver=1&google_push=Aer7DvJ_VU-5J8GV2ZYiSvbh3l1s3juSvAzieAyEAh91TNLwzHeWaTBJPiXHLOkotoeJqsD8kWygr73ETxvNn9GLhaet7IfUqEdsM96s&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJ_VU-5J8GV2ZYiSvbh3l1s3juSvAzieAyEAh91TNLwzHeWaTBJPiXHLOkotoeJqsD8kWygr73ETxvNn9GLhaet7IfUqEdsM96s%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 167
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEN2OKCC-x-xQAW_UmFlRmQo&google_cver=1&google_push=Aer7DvLSxjfp6_1ec_jHqWAltrNqWm21Eilk_WZtmpE67lc5MLodPHq2ztEYBhIrJcxPkDPCdPqqQfjK6qm6AQGRf1pqrS_SQDndxdXg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvLSxjfp6_1ec_jHqWAltrNqWm21Eilk_WZtmpE67lc5MLodPHq2ztEYBhIrJcxPkDPCdPqqQfjK6qm6AQGRf1pqrS_SQDndxdXg&google_hm=DSY1vcieTY6Pg3aZfG-eq6s
Request Chain 168
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPhLN1kmBG6W3ZLLh8JRWEc&google_cver=1&google_push=Aer7DvKuKipJvrKdtIKL0FkM6dHC2I5MPcdddr7F2Pr7DJeQfDqZDxnNSALTItu-syYcxQeiKyj6AxiDnpH4k1vCoQUnsfLppiY5kj9_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMzk3NDExMDk4NzIyMTEzOQ%3D%3D&google_push=Aer7DvKuKipJvrKdtIKL0FkM6dHC2I5MPcdddr7F2Pr7DJeQfDqZDxnNSALTItu-syYcxQeiKyj6AxiDnpH4k1vCoQUnsfLppiY5kj9_
Request Chain 169
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEKxzHXbnFWQRYf8G3r9AgKQ&google_cver=1&google_push=Aer7DvJ623bNDNF4IyqQJ_S5eWI4ZnL32rdd_F8KUAXaStx-WMi_z6lWaDBZd-pg7TNYLlBdCTyVt8fmHLwRDEZML0u0RH4YViqR9Hoi HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NTXSpvm8T56dhtpa0LAwJw2&google_push=Aer7DvJ623bNDNF4IyqQJ_S5eWI4ZnL32rdd_F8KUAXaStx-WMi_z6lWaDBZd-pg7TNYLlBdCTyVt8fmHLwRDEZML0u0RH4YViqR9Hoi
Request Chain 170
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIpS8AX8NkZTjSvEnZUiaMQ&google_cver=1&google_push=Aer7DvJW2xoopglKTOxhiyOrgeb_eqyGVc7Z67iOKSTy7M3iOxVb5E4F--lNRguAxId6i-mmTwX5r8KIgcFvC8xuTBvtYxyznGeYFpRq HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIpS8AX8NkZTjSvEnZUiaMQ&google_cver=1&google_push=Aer7DvJW2xoopglKTOxhiyOrgeb_eqyGVc7Z67iOKSTy7M3iOxVb5E4F--lNRguAxId6i-mmTwX5r8KIgcFvC8xuTBvtYxyznGeYFpRq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUxMzkwOTQ2MTU0ODk4MTUxNg&google_push=Aer7DvJW2xoopglKTOxhiyOrgeb_eqyGVc7Z67iOKSTy7M3iOxVb5E4F--lNRguAxId6i-mmTwX5r8KIgcFvC8xuTBvtYxyznGeYFpRq
Request Chain 174
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 177
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKHZzI7odGDx8zQnX6nuXoY&google_cver=1&google_push=Aer7DvK_6JyiRudvVOYrRVWEFb0zDClNc7fQFloSYhion8jJwmhiNPWmqIQ-2LrOZVzo2IyT2ibyZS-Dn3oeZ1cpymCPBlbIksAhsw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkVDMkxRQUVEeXV4RGdBbg==&google_gid=CAESEKHZzI7odGDx8zQnX6nuXoY&google_cver=1&google_push=Aer7DvK_6JyiRudvVOYrRVWEFb0zDClNc7fQFloSYhion8jJwmhiNPWmqIQ-2LrOZVzo2IyT2ibyZS-Dn3oeZ1cpymCPBlbIksAhsw
Request Chain 178
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEN2OKCC-x-xQAW_UmFlRmQo&google_cver=1&google_push=Aer7DvJ5bSQ-s4QW38Xq4Z8O1eEjlHJh4PRsH7vkmz0x84MhCTBBm2z4P7yv4bgmUqjWmjK7BfuZWr8aD-4XtG7vCPhjlyeyK_27 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvJ5bSQ-s4QW38Xq4Z8O1eEjlHJh4PRsH7vkmz0x84MhCTBBm2z4P7yv4bgmUqjWmjK7BfuZWr8aD-4XtG7vCPhjlyeyK_27&google_hm=DSY1vcieTY6Pg3aZfG-eq6s
Request Chain 179
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEED7sI3MXtYMDPsXupa_iBA&google_cver=1&google_push=Aer7DvKAkmIwp42cCLm04HjwgQRSgFbOnfNAmUwz4Gy4SGZvI_BjLR5X26HjESgwnt0CAkuVfP9vtMHMcQXF8vRsIeapQsoaXQltQg HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5141210824598612579&expires=30&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvKAkmIwp42cCLm04HjwgQRSgFbOnfNAmUwz4Gy4SGZvI_BjLR5X26HjESgwnt0CAkuVfP9vtMHMcQXF8vRsIeapQsoaXQltQg&google_hm=i9OPDVc_Tq2iL1XFH-rSGg==
Request Chain 180
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDcpMaqqju9eD-gLSQFXsOM&google_cver=1&google_push=Aer7DvLv5k0-stDrZ0_eEMEpOhIh0r2MAFxiyvSvAnqk61FzyreoYk81YRvnXXyGx2WzVqQjnGAh-IJyPpzQtc_sWLmnXHiTj6rQPw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLv5k0-stDrZ0_eEMEpOhIh0r2MAFxiyvSvAnqk61FzyreoYk81YRvnXXyGx2WzVqQjnGAh-IJyPpzQtc_sWLmnXHiTj6rQPw&google_hm=eS1FekxNVzFORTJwRkdWOERzdzVFaEdoSXJ4WmRUMkVzMH5B
Request Chain 181
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIpS8AX8NkZTjSvEnZUiaMQ&google_cver=1&google_push=Aer7DvI7t8itdEnYUCBRZYaatGo_SqYG6dKbfcgENYR2T5rVxqqGGiYg12YqyONqsA6A3M1PTuiyqhFVG4a28DTx-Ieb1ozTe90nyA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUxMzkwOTQ2MTU0ODk4MTUxNg&google_push=Aer7DvI7t8itdEnYUCBRZYaatGo_SqYG6dKbfcgENYR2T5rVxqqGGiYg12YqyONqsA6A3M1PTuiyqhFVG4a28DTx-Ieb1ozTe90nyA
Request Chain 182
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKFHi4ZryMfWMW0W_uzLVD0&google_cver=1&google_push=Aer7DvLly9bQbZD0PnzLLcmp2K-MxKD_PQiRmx_vUhwRVGdN7uRAQkOunLbkGVnn1Mg87pNVNzpE50CxyHOFC_cwxa6B71nxSuAkEQ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKFHi4ZryMfWMW0W_uzLVD0&google_push=Aer7DvLly9bQbZD0PnzLLcmp2K-MxKD_PQiRmx_vUhwRVGdN7uRAQkOunLbkGVnn1Mg87pNVNzpE50CxyHOFC_cwxa6B71nxSuAkEQ&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKFHi4ZryMfWMW0W_uzLVD0&google_hm=ZEC2LjT2l4Be43jax8GsNAAACJMAAAAB&google_nid=index&google_push=Aer7DvLly9bQbZD0PnzLLcmp2K-MxKD_PQiRmx_vUhwRVGdN7uRAQkOunLbkGVnn1Mg87pNVNzpE50CxyHOFC_cwxa6B71nxSuAkEQ
Request Chain 183
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDjPXDGmFgpVKHqxWTl-baw&google_cver=1&google_push=Aer7DvK8XOD9LXsk70y-sTkpTb-4n_gkOcv8x-H_ueUS_aJdFNf4cGQ8-iLCVErgvW8drfpiOBSeGBTbZVPvCa2Vp2PXUF9EX6TTAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvK8XOD9LXsk70y-sTkpTb-4n_gkOcv8x-H_ueUS_aJdFNf4cGQ8-iLCVErgvW8drfpiOBSeGBTbZVPvCa2Vp2PXUF9EX6TTAw
Request Chain 185
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

193 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dearsafrica.org/telegram/ 		94 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
129.232.251.154 , South Africa, ASN37153 (xneelo, ZA),
Reverse DNS
dedi129.jnb3.host-h.net
Software
Apache /
Resource Hash
8da2f8a788f4bbf95aa3543f6c7fb021830489796b8545e01cf83b0d7b09e911

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=3, must-revalidate
content-encoding
gzip
content-length
27270
content-type
text/html; charset=UTF-8
date
Thu, 20 Apr 2023 03:48:58 GMT
server
Apache
vary
Accept-Encoding,Cookie
style.min.css
assets.dearsafrica.org/wp-includes/css/dist/block-library/ 		95 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-includes/css/dist/block-library/style.min.css?ver=f4920696fab6b25cbfbdef2f1d9d6067
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 12:12:42 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Sun, 02 Apr 2023 11:52:51 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
age
56175
etag
"17ced-5f85914f60ac0-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
12736
x-amz-cf-id
qmzPeDV1LnZ31X9VxFEOADdGCGR2GR-l-6EkPZ_fzrNZ_Aw9maWV4A==
classic-themes.min.css
assets.dearsafrica.org/wp-includes/css/ 		291 B
561 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-includes/css/classic-themes.min.css?ver=f4920696fab6b25cbfbdef2f1d9d6067
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:48:58 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Sun, 02 Apr 2023 11:52:51 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
age
1123
etag
"123-5f85914f60ac0-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
210
x-amz-cf-id
r3r3itqwg9_A_FwRjbxMJVMpCMwx81AX7kk2IKszjogBEE1Z2TxXSA==
styles.css
assets.dearsafrica.org/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.5.1
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:48:59 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Fri, 24 Mar 2023 08:10:52 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
etag
"b2b-5f7a0ee83db00-gzip"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
1004
x-amz-cf-id
NLiWP4MhPF8AC829KQpja8_sdUciBbbHoL56n-OV4vhr5Rmk7_Drlw==
mu-style.css
assets.dearsafrica.org/wp-content/plugins/sharethis-share-buttons/css/ 		26 B
356 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-content/plugins/sharethis-share-buttons/css/mu-style.css?ver=1670776224
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
f85e538e44687fc0feaa2f66a67831ec9f9b03446f115dec74b996da4a0a4a52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 08:28:08 GMT
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Sun, 11 Dec 2022 16:30:24 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
age
69650
etag
"1a-5ef8fe754a800"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
26
x-amz-cf-id
hsyOkDhTm6V_KxwKkwEkNUhe9po6DKaFJq7SXGUxdRutZpGHDIuvIQ==
font-libre-franklin.css
assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/fonts/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/fonts/font-libre-franklin.css?ver=20230328
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
02184fccc5b5201d2e518893591044f658e78a9db0bb20e0c3865681548cb82e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 12:12:42 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Sun, 02 Apr 2023 11:51:53 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
age
56176
etag
"2cd1-5f85911810840-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
755
x-amz-cf-id
XweLwfCKm_1g0dCn-NHpWlt3D357ftQ-FwynAH3PuK67lCb9pv17kQ==
style.css
assets.dearsafrica.org/wp-content/themes/twentyseventeen/ 		82 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-content/themes/twentyseventeen/style.css?ver=20230328
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
ddb540cf22f5ebc0487cc5278510b771875384b8195b661d7d929d4d05bcc093

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 12:12:42 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Sun, 02 Apr 2023 11:51:53 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
age
56175
etag
"1498c-5f85911810840-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
16012
x-amz-cf-id
i_n1hTbteXMxy-8y9G3cT3Ec7E7O0Nt7QqYxSaCeQgq0yVxu8QBNZw==
blocks.css
assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/css/blocks.css?ver=20220912
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
37fa576d4c1a5e70993a211461fabe5e8473af031573b57dcfd7874bedb39d6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 12:12:42 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Sun, 02 Apr 2023 11:51:53 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
age
56175
etag
"29f9-5f85911810840-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
1949
x-amz-cf-id
d0wPDb-kXMNrgx4X-qIXgwntOsdMzfH-rs260pYTyfpP7VyUlmL3ug==
colors-dark.css
assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/css/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/css/colors-dark.css?ver=20191025
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
8fe90aba175ffd8e1a4e7e35b54de7dc3dfccec7a34131525d9fbe91e1278d51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 12:12:42 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Sun, 02 Apr 2023 11:51:53 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
age
56175
etag
"4739-5f85911810840-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
2349
x-amz-cf-id
fPjn-UfjedA3zpqMWzfHBOnkJg2WdrY6iMqrNnECpIJ8pREwH5-bJA==
js_composer_front_custom.css
assets.dearsafrica.org/wp-content/uploads/js_composer/ 		553 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-content/uploads/js_composer/js_composer_front_custom.css?ver=6.10.0
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
9a07264b4b900fa0010e3e080909d33888b36815964b96601c3e68fc3a4dc5b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 12:12:42 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Sun, 16 Oct 2022 14:54:01 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
age
56175
etag
"8a3e0-5eb2807861440-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
49498
x-amz-cf-id
PaC6lpgm-kDiEl1Q5WUcuNm58AlJdBrCYbkV6xUHEHlVuKW0AaC1Zg==
Defaults.css
assets.dearsafrica.org/wp-content/uploads/smile_fonts/Defaults/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=3.19.13
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
4354449ab7a164ef5486d12020f3bc403b8ff104a8da73e9f9332106b86b061c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:48:58 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Tue, 24 Apr 2018 11:30:22 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
age
1123
etag
"6bf7-56a967ad56f80-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
4755
x-amz-cf-id
uAR803uIPpgXb68ja9XL78B-EoYReRuGo0mmapE6DUlSwP4XJJjQnw==
jquery.min.js
assets.dearsafrica.org/wp-includes/js/jquery/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:48:58 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Sun, 02 Apr 2023 11:52:51 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
age
1994
etag
"15ed7-5f85914f60ac0-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
31049
x-amz-cf-id
ttTt98EUSVlr-TW5LJsovbUarrjQpCD20sJ75KxWoR_yGTXizBP98g==
jquery-migrate.min.js
assets.dearsafrica.org/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 12:12:45 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Sun, 02 Apr 2023 11:52:51 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
age
56173
etag
"3470-5f85914f60ac0-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4795
x-amz-cf-id
hlnDO5tQFPgM-kpmt1cqd8b7GQWQkoLmv280Pkf1zNW4e6w0260krg==
sharethis.js
platform-api.sharethis.com/js/ 		198 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js?ver=2.1.6
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-51.fra60.r.cloudfront.net
Software
/
Resource Hash
d7a1bdec6b5209de5be156a573409f2f9e30488cca22fb380d2234057c7973f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:44:32 GMT
content-encoding
gzip
via
1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P3
age
266
etag
W/"3184b-xStZrNgO3eG9+q9l3cRkzPWrPx0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
lqTY9w6emXZkwvGsYY0HAfZz9YpEQjIF4IGegKzp13dr_FVuhct2Xw==
Dear-South-Africa-cover-pic.jpg
cdn.dearsafrica.org/wp-content/uploads/2023/03/16150021/ 		767 KB
768 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.dearsafrica.org/wp-content/uploads/2023/03/16150021/Dear-South-Africa-cover-pic.jpg
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:ae00:16:4bdd:dd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7b136b24eecfa90c6cb4c5d86dc471cca986f61a73f9330e2c578e0c5384037

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 13:07:06 GMT
x-amz-version-id
gHWX.JDqKr2eQ4c_zMnBT_jEN10NgGXR
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2023 13:00:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
484914
etag
"ccaea987d1109353cbe4ab17cbdfc965"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
785553
x-amz-cf-id
te6favRecN8n9JruSl955K7ommzmiwvLp9STSMlTYBrdJbl-Y-RUBA==
cropped-D-logo.png
cdn.dearsafrica.org/wp-content/uploads/2022/11/27193642/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.dearsafrica.org/wp-content/uploads/2022/11/27193642/cropped-D-logo.png
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:ae00:16:4bdd:dd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0789236984b5b60fa6f796473e93c97ee99310911af9a0a3a95305034549733

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 08:39:49 GMT
x-amz-version-id
yG2qf62cs5KBPetYCfM_YFlxmDcIuUuQ
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
last-modified
Sun, 27 Nov 2022 17:36:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
1192150
etag
"0355d413a74f1a9e78075ecc46c24477"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9343
x-amz-cf-id
cLECLsBUparXIS2fa4MIDaUZSC5dBcw5ex_qaZKWUmoEcaWoPABG0w==
telegram-logo-transparent-s-150x150.png
cdn.dearsafrica.org/wp-content/uploads/2021/09/10190016/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.dearsafrica.org/wp-content/uploads/2021/09/10190016/telegram-logo-transparent-s-150x150.png
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:ae00:16:4bdd:dd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56735b66567ca6c378f79273b70e026041be1a28bfea0e8e1a4e92af26d23cb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 13:29:30 GMT
x-amz-version-id
CK1t7aknZoWkOdhwkArMYjevoI9ECT3V
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
last-modified
Fri, 10 Sep 2021 17:00:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
137970
etag
"d32cfeb944805782d4c136f61e4859ea"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11106
x-amz-cf-id
TtsOSp5J95uSPoiqdQQi2jBd0AEWlXjFt8V3m0U7xoNPeYMQSmBqOA==
expires
Sat, 10 Sep 2022 17:00:16 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		141 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7891e6bb22eae7c897e06efef59efc26a4e44cddde779a0a34b359f29e2c9b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:48:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48219
x-xss-protection
0
server
cafe
etag
14375594812393090111
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 20 Apr 2023 03:48:59 GMT
v4-shims.min.css
assets.dearsafrica.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/ 		34 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.10.0
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
cdfdf586f38cfb19c6264343cc6a64adce7ff0961834e96a2f912f01dc29e3f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:48:59 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Sun, 16 Oct 2022 14:53:31 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
etag
"865f-5eb2805bc50c0-gzip"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
4260
x-amz-cf-id
DW-54u5SI7_jIS5cRsPOi3kShOjlJuEJW7rDwJi0LVWddNw2V98ukw==
all.min.css
assets.dearsafrica.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/ 		55 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.10.0
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
96aaab9a34711f1beef1c63071b992a7f3cb17654956cc09859d7a4dc71ab1f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:00 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Sun, 16 Oct 2022 14:53:31 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
etag
"da71-5eb2805bc50c0-gzip"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
12195
x-amz-cf-id
VyOTfHvt0EvDjMxHp-v3kUbD0_8pLpkxkK53cxLCOiOy-A7QaQo6nQ==
index.js
assets.dearsafrica.org/wp-content/plugins/contact-form-7/includes/swv/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.5.1
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 12:12:48 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Fri, 24 Mar 2023 08:10:52 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
age
56170
etag
"2801-5f7a0ee83db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3010
x-amz-cf-id
zKK9MU-L3kgkpzKjWURzOjsluVRgMvwF8WgxYiH-9o9qz1uTQ8ae5Q==
index.js
assets.dearsafrica.org/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.5.1
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:00 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Fri, 24 Mar 2023 08:10:52 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
etag
"328f-5f7a0ee83db00-gzip"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4182
x-amz-cf-id
jHBTUOZ9ZDrlVOSbYK3aFMeXyMe7xFueBOBVJDjLApDJv-TZ_XZG7w==
skip-link-focus-fix.js
assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/js/ 		683 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=20161114
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 12:12:49 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Sun, 02 Apr 2023 11:51:53 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
age
56170
etag
"2ab-5f85911810840-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
416
x-amz-cf-id
mQ4MbWInwnHHNokgcf1NNKP6tWK_OQymwjhNM5ddsIa9EqhlycoOaA==
navigation.js
assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/js/navigation.js?ver=20210122
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
1c98a8d8813ac4e8d1d79e5b5981c41ecce80bfdb7e55b70430e429690a0dbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:48:59 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Sun, 02 Apr 2023 11:51:53 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
age
11522
etag
"eb0-5f85911810840-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1161
x-amz-cf-id
MmWmqqN99MlYnbvh1gD8FKDM6P5QI0glZnQgJG-MQPlH1EPwwPxkdA==
global.js
assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/js/global.js?ver=20211130
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
75d7fd1066c67dfe078b0cf1fe3863d2b883076cb6f4e41988708179f7e18488

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 12:12:50 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Sun, 02 Apr 2023 11:51:53 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
age
56169
etag
"1e91-5f85911810840-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2638
x-amz-cf-id
gYQqHYloEill8J5UL66nYjO8vS7e0BcIFyeO7WBpMFsL2TTFkx-Yeg==
jquery.scrollTo.js
assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.3
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
74b88e3c74597c256390ff0cf19b7bc9c5427ca2b0651959c164b29253965871

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:48:59 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Sun, 02 Apr 2023 11:51:53 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
etag
"16b9-5f85911810840-gzip"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2414
x-amz-cf-id
xK2r9MckmaB8CtAQ3IeWvI_tJF9tVmcJwhSQXWse1-UB2ubZ6zzNKw==
js_composer_front.min.js
assets.dearsafrica.org/wp-content/plugins/js_composer/assets/js/dist/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.10.0
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
bf817ee4b2d4e9d98e05e1382d295f8f10fef43770cd4e291d924a5d0afc8cc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 04:45:47 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Sun, 16 Oct 2022 14:53:30 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
age
82992
etag
"4e52-5eb2805ad0e80-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5640
x-amz-cf-id
GxmBK57kA-aSZkyNg8zMQzDKqsvCtT2Xw6WGiecHagBzsi_eEz5QKA==
dwf.js
assets.dearsafrica.org/wp-content/plugins/gtranslate/js/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-content/plugins/gtranslate/js/dwf.js?ver=f4920696fab6b25cbfbdef2f1d9d6067
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
0dd87ad81cb47a3f7883744163a0833ccf1a60beec8cf1be4020091b6c50d54f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 08:28:09 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2023 07:50:35 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
age
69650
etag
"5083-5f6ffb73ee8c0-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6221
x-amz-cf-id
CexZs-cNBdzdc5s5XVgcna9F9IL0WlMW8oKcHDyqXuc1IosO90aTsg==
wp-emoji-release.min.js
assets.dearsafrica.org/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-includes/js/wp-emoji-release.min.js?ver=f4920696fab6b25cbfbdef2f1d9d6067
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 12:20:31 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Sun, 02 Apr 2023 11:52:50 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
age
55708
etag
"4904-5f85914e6c880-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5039
x-amz-cf-id
pafeCF9Cd2HRYFxijmZ63SQOYemo9hUHjaUYx4eUrZrXVIvfe7cGyQ==
api.js
www.google.com/recaptcha/ 		887 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LfsJWcaAAAAAIodDZu4PV1f9EGu6Jli5LsPAEq_&hl=en-ZA
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
eccf45df26221553a12a10101c031bcb43321c2a6b692eaae3d8bc243fa90c21
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
585
x-xss-protection
1; mode=block
expires
Thu, 20 Apr 2023 03:48:59 GMT
60a645dd700a9f0012979def.js
buttons-config.sharethis.com/js/ 		368 B
791 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/60a645dd700a9f0012979def.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=2.1.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4200:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d14f2497cfd1f8d4c1565de2a76ee5454599bc12196006e9776dec30de531ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:00 GMT
via
1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 20 May 2021 11:20:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"9d8f19d720a643daad188638a6d9eb9b"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
368
x-amz-cf-id
fdX65HOYtfEHKEl4c-V2Zk6VMABLosZ97M4Hh8pvMflXbZqF2Puoag==
fbevents.js
connect.facebook.net/en_US/ 		107 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 20 Apr 2023 03:48:59 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27967
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
UdjbkDRiwJM2M1fLavER06CZiP9MvvhD2ghbqCsOM2ogN/fwO5bQVTxJ4aMvpqPqPtexj2y/a7Cpge2UNT+FWw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
pview
l.sharethis.com/ 		0
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=dearsafrica.org&location=%2Ftelegram%2F&product=unknown&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&source=sharethis-share-buttons-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=DearSA%20Telegram%20Channel%20-%20Dear%20South%20Africa&cms=unknown&publisher=60a645dd700a9f0012979def&sop=true&version=st_sop.js&lang=en&description=Join%20DearSA%E2%80%99s%20Telegram%20channel%20to%20receive%20instant%20updates%2C%20campaign%20notifications%20and%20access%20to%20exclusive%20content.&ua=&ua_mobile=false&ua_full_version_list=
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=2.1.6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.45.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-45-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Thu, 20 Apr 2023 03:48:59 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://dearsafrica.org
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
libre-franklin-latin-400-normal.woff2
assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/fonts/libre-franklin/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/fonts/libre-franklin/libre-franklin-latin-400-normal.woff2?ver=13
Requested by
Host: assets.dearsafrica.org
URL: https://assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/fonts/font-libre-franklin.css?ver=20230328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
6b49f91c87827ee6adc5a811c73e6a1b493adc72a8c0a832fc4c77e80c0226ed

Request headers

Referer
https://assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/fonts/font-libre-franklin.css?ver=20230328
Origin
https://dearsafrica.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:48:59 GMT
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
last-modified
Sun, 02 Apr 2023 11:51:53 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
age
1123
etag
"3748-5f85911810840"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
14152
x-amz-cf-id
ObsEqbQXxKFnuO8Z0R7oA-AymNhfAW4Aiic9h9CZfEVzaVmMzY9AUg==
libre-franklin-latin-800-normal.woff2
assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/fonts/libre-franklin/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/fonts/libre-franklin/libre-franklin-latin-800-normal.woff2?ver=13
Requested by
Host: assets.dearsafrica.org
URL: https://assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/fonts/font-libre-franklin.css?ver=20230328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
5b9f8309656f0c7dbd03d7646bd1ee4cfbe6721997150b3a60521f1e616f9776

Request headers

Referer
https://assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/fonts/font-libre-franklin.css?ver=20230328
Origin
https://dearsafrica.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 13:01:54 GMT
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
last-modified
Sun, 02 Apr 2023 11:51:53 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
age
53225
etag
"37b4-5f85911810840"
x-cache
Hit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
14260
x-amz-cf-id
2jb-zfntdSQF0luuW-bvZ5b8kCR4QNwdyLtqBmT8eFf-HdWT0ECkNA==
libre-franklin-latin-600-normal.woff2
assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/fonts/libre-franklin/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/fonts/libre-franklin/libre-franklin-latin-600-normal.woff2?ver=13
Requested by
Host: assets.dearsafrica.org
URL: https://assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/fonts/font-libre-franklin.css?ver=20230328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
332424fb2ddf89a7444e2eec115092c170270832cda90855732278868d7c6482

Request headers

Referer
https://assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/fonts/font-libre-franklin.css?ver=20230328
Origin
https://dearsafrica.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:00 GMT
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
last-modified
Sun, 02 Apr 2023 11:51:53 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
etag
"378c-5f85911810840"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
14220
x-amz-cf-id
Vxomiqfstd22mNGDHmpQMliijsDAUpOG4aqL41iOOs9fXh7_An7ADA==
libre-franklin-latin-300-normal.woff2
assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/fonts/libre-franklin/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/fonts/libre-franklin/libre-franklin-latin-300-normal.woff2?ver=13
Requested by
Host: assets.dearsafrica.org
URL: https://assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/fonts/font-libre-franklin.css?ver=20230328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
d64318e42a2c65a248f58ed2d5cb4159898e16c9a3684ef3c83a6507b02afaa7

Request headers

Referer
https://assets.dearsafrica.org/wp-content/themes/twentyseventeen/assets/fonts/font-libre-franklin.css?ver=20230328
Origin
https://dearsafrica.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:00 GMT
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
last-modified
Sun, 02 Apr 2023 11:51:53 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
etag
"373c-5f85911810840"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
14140
x-amz-cf-id
qaR7PcbcOqrh7b5pTWDxOw0foBquHC0A9pc-r1d6E2CtnsIrknsthQ==
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.102
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Apr 2023 03:48:59 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20722
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
1TkmFF0cF5QOoiU1Wwf3z1HiB9e53W+JMj2h4mUnqDwN1Q9OcWerZP/ynYli3Ek7aXMn0JdRM66ydgGTgf3viQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
352520535155375
connect.facebook.net/signals/config/ 		379 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/352520535155375?v=2.9.102&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
549659e7ff05165f2e9a676707b60642b803eca020bbca690a42bf327255dad6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 20 Apr 2023 03:48:59 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
wiSq4BWPOz6E5tU5X+qVg199cXJ6oi8L+U89NAXOioaSmk9gyMhnqazZT9rGeFuSEVXnAIbCjua7KI3Es3SOlw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/ 		345 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7336949526915499&plah=dearsafrica.org&bust=31074011
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f06de278c5d95689eb205e7064e29b4ebc879a3a25964b701aed7b23190b33c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:48:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
118223
x-xss-protection
0
server
cafe
etag
16505783351247385945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 20 Apr 2023 03:48:59 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230417/r20190131/ Frame 3709 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230417/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dearsafrica.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
40381
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 16:35:58 GMT
etag
2378337311435320485
expires
Wed, 03 May 2023 16:35:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		397 B
606 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=dearsafrica.org&callback=_gfp_s_&client=ca-pub-7336949526915499
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7336949526915499&plah=dearsafrica.org&bust=31074011
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fe2ae3eac86351d18833e6b99c96898f6b86bcceb1aff6cc2654b3ecde69936
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
254
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=dearsafrica.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7336949526915499&plah=dearsafrica.org&bust=31074011
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dearsafrica.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7336949526915499&plah=dearsafrica.org&bust=31074011
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E445 		100 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=250&slotname=3788341704&adk=1411966868&adf=1108648429&pi=t.ma~as.3788341704&w=330&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=330x250&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539851&bpp=6&bdt=1490&idt=199&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&correlator=6567709478477&frm=20&pv=2&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=342&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=S81ha8BJfy&p=https%3A//dearsafrica.org&dtd=214
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7336949526915499&plah=dearsafrica.org&bust=31074011
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8df377dfa6d8c4df5a696b874261392fef0c1025e8e629d0ac353b56de864166
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dearsafrica.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
33214
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Apr 2023 03:49:00 GMT
expires
Thu, 20 Apr 2023 03:49:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4BE8 		100 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=280&slotname=3788341704&adk=905624607&adf=2260843720&pi=t.ma~as.3788341704&w=531&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=531x280&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539857&bpp=1&bdt=1496&idt=217&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&prev_fmts=330x250&correlator=6567709478477&frm=20&pv=1&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=727&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=XQ4pzXQXFM&p=https%3A//dearsafrica.org&dtd=219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7336949526915499&plah=dearsafrica.org&bust=31074011
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d603002a80270f5a0960c6646b64c56a7bbf489ac640b5d34d7f5a73c1432029
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dearsafrica.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
33082
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Apr 2023 03:49:00 GMT
expires
Thu, 20 Apr 2023 03:49:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
fa-brands-400.woff2
assets.dearsafrica.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.dearsafrica.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-brands-400.woff2
Requested by
Host: assets.dearsafrica.org
URL: https://assets.dearsafrica.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.10.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:6:6970:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
5054ab369966fea3657ac6af00c3bc47bdc9e7b5114e61d1764be06213ca9781

Request headers

Referer
https://assets.dearsafrica.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.10.0
Origin
https://dearsafrica.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:00 GMT
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
last-modified
Sun, 16 Oct 2022 14:53:31 GMT
server
Apache
x-amz-cf-pop
FRA6-C1
etag
"12668-5eb2805bc50c0"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
75368
x-amz-cf-id
TrmH3o3Pm-rteYH7lWzgva67pArAlzsvIR2TcuEs3TdTPAUVTmGdMg==
recaptcha__en_gb.js
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ 		406 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en_gb.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfsJWcaAAAAAIodDZu4PV1f9EGu6Jli5LsPAEq_&hl=en-ZA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8511c345649a2b0095992aa763caf18ea19bf39ef02d1078bc479a019f84dd89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dearsafrica.org/
Origin
https://dearsafrica.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 20:35:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25989
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166659
x-xss-protection
0
last-modified
Sun, 02 Apr 2023 18:01:18 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 18 Apr 2024 20:35:51 GMT
en.svg
dearsafrica.org/wp-content/plugins/gtranslate/flags/svg/ 		862 B
973 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dearsafrica.org/wp-content/plugins/gtranslate/flags/svg/en.svg
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
129.232.251.154 , South Africa, ASN37153 (xneelo, ZA),
Reverse DNS
dedi129.jnb3.host-h.net
Software
Apache /
Resource Hash
de46013c87c1d6b0e4804a6bd8be50f2c5f961c5adbc42ba40b8913af33afe75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/telegram/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:00 GMT
last-modified
Thu, 16 Mar 2023 07:50:35 GMT
server
Apache
accept-ranges
bytes
etag
"35e-5f6ffb73ee8c0"
content-length
862
content-type
image/svg+xml
truncated
/ 		270 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f0e74ef11fded5b721296335b5fe6eb516cfee12091deb90bfd4f35fec3f1c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=dearsafrica.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7336949526915499&plah=dearsafrica.org&bust=31074011
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dearsafrica.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7336949526915499&plah=dearsafrica.org&bust=31074011
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AF4A 		486 KB
92 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&adk=1812271804&adf=3025194257&lmt=1681962540&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962540494&bpp=3&bdt=2133&idt=3&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2323b346cdc9eb43-220f6d2ba1dd0027%3AT%3D1681962540%3ART%3D1681962540%3AS%3DALNI_MaRH6njP7SwuePHZwAsmHyI9bLz9A&gpic=UID%3D00000bd84862a4b0%3AT%3D1681962540%3ART%3D1681962540%3AS%3DALNI_Mav2Z74ZW3U6d0v0BLY8TxqZYzepA&prev_fmts=330x250%2C531x280&nras=1&correlator=6567709478477&frm=20&pv=1&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=17
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7336949526915499&plah=dearsafrica.org&bust=31074011
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce2dbd2686de9e7f4b69ff388c1a03f73fca2f339b5f217b2646ae240badaead
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dearsafrica.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
94287
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Apr 2023 03:49:01 GMT
expires
Thu, 20 Apr 2023 03:49:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
get_counts
count-server.sharethis.com/v2.0/ 		251 B
611 B 		Script
General
Check archive.org
Download Go to
Full URL
https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=2.1.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-81.fra60.r.cloudfront.net
Software
/
Resource Hash
b51ae7b8866a52766cec77a3e88c209f5b4c91a67c82e8c8404f86c382b0bc72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:00 GMT
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P1
etag
64a685c48d0b6bd367937b77bfd77ba5
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
content-length
251
apigw-requestid
DqFnBhZfIAMESCQ=
x-amz-cf-id
Lz5Hhf01MlTy6FkdtOSpOkGCP4xlyXpI3XisuYjDPQQnVM7vjw5lkA==
facebook.svg
platform-cdn.sharethis.com/img/ 		301 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/facebook.svg
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:f000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 12:15:14 GMT
via
1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA50-C1
age
1472923
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
301
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
etag
"c6e9be45643e197ce1db1d7e24a99adc"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
St3zE48b9PL1mUH3dGBhlYoaOINHz93DRR_4NqaDF3z6PBrIjFL-Wg==
twitter.svg
platform-cdn.sharethis.com/img/ 		731 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/twitter.svg
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:f000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 01:32:33 GMT
via
1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA50-C1
age
2254587
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
731
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
etag
"0af2fb38987598376c99e21af17ade45"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
jRvP_3dfKjV-BdW8yFF-I-A3ZiJEHM0DPqewm7e4rz5JyUzohEQoMw==
whatsapp.svg
platform-cdn.sharethis.com/img/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/whatsapp.svg
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:f000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 03:45:39 GMT
via
1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
1526468
x-amz-server-side-encryption
AES256
etag
"afe7fc60ed757db39a88d2950fce69c9"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
832
x-amz-cf-id
bMiHt2kFHGmXiub7Osu6LQzvBJ4L6XxeOfW-2gijmmsSRxrRu3_TYg==
telegram.svg
platform-cdn.sharethis.com/img/ 		858 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/telegram.svg
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:f000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03e42b95e9049816d901eabbe2a2247deda61a85972e3a50e3c8274e6c5fe39b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:48:32 GMT
via
1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 12 Aug 2022 01:07:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
29
x-amz-server-side-encryption
AES256
etag
"e3f5e90fa57764cd951db1b1bc688edd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
858
x-amz-cf-id
dcij9Phafdz6PMMjNDnfLEtNMsz1Au3qgnwvcmX-d542q4HtQxMz6Q==
messenger.svg
platform-cdn.sharethis.com/img/ 		372 B
798 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/messenger.svg
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:f000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 09 Apr 2023 04:18:46 GMT
via
1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
2091773
x-amz-server-side-encryption
AES256
etag
"a5aa43fa302867d3e888ac2f69b7b288"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
372
x-amz-cf-id
mvtfKdSGWRc7mq2E_AmV3I7j6KLkdEo7SvZ6nBHQ-WykAG3HACJThw==
email.svg
platform-cdn.sharethis.com/img/ 		343 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/email.svg
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:f000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 03:56:21 GMT
via
1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
1498091
x-amz-server-side-encryption
AES256
etag
"5977437466e857c7ddcadda6f6d88c2a"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
343
x-amz-cf-id
1N8a9fwVuagqZlhRMTg1D4BynuhRSdbIUuVtIuK7YBjXKgRIa7ed6w==
11400597650621999767
tpc.googlesyndication.com/simgad/ Frame 4BE8 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11400597650621999767?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlXi4NQUrM50qxUWFQBll0ggUCa3A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=280&slotname=3788341704&adk=905624607&adf=2260843720&pi=t.ma~as.3788341704&w=531&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=531x280&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539857&bpp=1&bdt=1496&idt=217&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&prev_fmts=330x250&correlator=6567709478477&frm=20&pv=1&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=727&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=XQ4pzXQXFM&p=https%3A//dearsafrica.org&dtd=219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
791deb7394e238c31ebe7fade04592d5a73beb2e1d78634157c50b761e0f395a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 19:35:21 GMT
x-content-type-options
nosniff
age
202419
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6835
x-xss-protection
0
last-modified
Wed, 22 Feb 2023 02:28:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 16 Apr 2024 19:35:21 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/ Frame 4BE8 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=280&slotname=3788341704&adk=905624607&adf=2260843720&pi=t.ma~as.3788341704&w=531&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=531x280&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539857&bpp=1&bdt=1496&idt=217&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&prev_fmts=330x250&correlator=6567709478477&frm=20&pv=1&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=727&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=XQ4pzXQXFM&p=https%3A//dearsafrica.org&dtd=219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 16:25:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
41017
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8756
x-xss-protection
0
server
cafe
etag
5179999606349116156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 May 2023 16:25:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 4BE8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=280&slotname=3788341704&adk=905624607&adf=2260843720&pi=t.ma~as.3788341704&w=531&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=531x280&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539857&bpp=1&bdt=1496&idt=217&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&prev_fmts=330x250&correlator=6567709478477&frm=20&pv=1&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=727&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=XQ4pzXQXFM&p=https%3A//dearsafrica.org&dtd=219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 01:59:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
6555
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 May 2023 01:59:45 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 4BE8 		67 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=280&slotname=3788341704&adk=905624607&adf=2260843720&pi=t.ma~as.3788341704&w=531&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=531x280&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539857&bpp=1&bdt=1496&idt=217&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&prev_fmts=330x250&correlator=6567709478477&frm=20&pv=1&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=727&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=XQ4pzXQXFM&p=https%3A//dearsafrica.org&dtd=219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:05:12 GMT
x-content-type-options
nosniff
server
cafe
age
35028
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67
x-xss-protection
0
expires
Thu, 20 Apr 2023 18:05:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 4BE8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=280&slotname=3788341704&adk=905624607&adf=2260843720&pi=t.ma~as.3788341704&w=531&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=531x280&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539857&bpp=1&bdt=1496&idt=217&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&prev_fmts=330x250&correlator=6567709478477&frm=20&pv=1&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=727&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=XQ4pzXQXFM&p=https%3A//dearsafrica.org&dtd=219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 16:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
41008
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8509
x-xss-protection
0
server
cafe
etag
3034682829645713766
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 May 2023 16:25:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4BE8 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=280&slotname=3788341704&adk=905624607&adf=2260843720&pi=t.ma~as.3788341704&w=531&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=531x280&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539857&bpp=1&bdt=1496&idt=217&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&prev_fmts=330x250&correlator=6567709478477&frm=20&pv=1&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=727&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=XQ4pzXQXFM&p=https%3A//dearsafrica.org&dtd=219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Apr 2023 03:49:00 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 4BE8 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=280&slotname=3788341704&adk=905624607&adf=2260843720&pi=t.ma~as.3788341704&w=531&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=531x280&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539857&bpp=1&bdt=1496&idt=217&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&prev_fmts=330x250&correlator=6567709478477&frm=20&pv=1&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=727&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=XQ4pzXQXFM&p=https%3A//dearsafrica.org&dtd=219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94f229715266533168e8bde4c66fc0b249d45e022cb9cc333495f4a68a702017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 01:59:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
6556
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13518
x-xss-protection
0
server
cafe
etag
3101116608242260287
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 May 2023 01:59:44 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 4BE8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C6lVvLLZAZNyJBuK8x_AP8LeW6AaTwJnNb62dyYj8EKyuiKT-OBABIP2SjWdgleKQgqAHoAGk3ZqLA8gBAqgDAcgDyQSqBOIBT9BydmIAeZs7OVo_Hx1lcsFs0am3xKK-mHlnva_RPOKq07WISezvhD4yenT2HSQAcBFDwp_onvKm5BtCWRv19LNsqBlrXK1y6l7KQ4lylRPu2WAQefSdFTYpYoEUf8K_HlxCNmk1Nvhvf-PpkCIX5Ke3ze2Jdi1Gn7sY6Lo_VFIy8IRvNkt1xjrVQr2zvk6ZJKHuQFUPAbDqFbxgaqu_xL9yaL_B7-o4Yhc5N2wAISy7A2kXV8zv-tKm0RUA5vOrOuXCt3a5w1DPQHkHB8QlcHPIYQ4NULEshf9XdcRbCfjZ_8AE97fc5ZsEkgUECAQYAZIFBAgFGASgBgKAB8Si5XSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDP1gjSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi03MzM2OTQ5NTI2OTE1NDk5GAA&sigh=QmLF4Nj1T30&uach_m=[UACH]&cid=CAQSGwBygQiDwLI2gXB6vCSnNy3yDTd207WMFvJi1hgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=280&slotname=3788341704&adk=905624607&adf=2260843720&pi=t.ma~as.3788341704&w=531&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=531x280&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539857&bpp=1&bdt=1496&idt=217&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&prev_fmts=330x250&correlator=6567709478477&frm=20&pv=1&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=727&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=XQ4pzXQXFM&p=https%3A//dearsafrica.org&dtd=219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=280&slotname=3788341704&adk=905624607&adf=2260843720&pi=t.ma~as.3788341704&w=531&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=531x280&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539857&bpp=1&bdt=1496&idt=217&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&prev_fmts=330x250&correlator=6567709478477&frm=20&pv=1&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=727&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=XQ4pzXQXFM&p=https%3A//dearsafrica.org&dtd=219
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 20 Apr 2023 03:49:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Apr 2023 03:49:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8C52 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=280&slotname=3788341704&adk=905624607&adf=2260843720&pi=t.ma~as.3788341704&w=531&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=531x280&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539857&bpp=1&bdt=1496&idt=217&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&prev_fmts=330x250&correlator=6567709478477&frm=20&pv=1&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=727&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=XQ4pzXQXFM&p=https%3A//dearsafrica.org&dtd=219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=280&slotname=3788341704&adk=905624607&adf=2260843720&pi=t.ma~as.3788341704&w=531&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=531x280&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539857&bpp=1&bdt=1496&idt=217&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&prev_fmts=330x250&correlator=6567709478477&frm=20&pv=1&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=727&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=XQ4pzXQXFM&p=https%3A//dearsafrica.org&dtd=219
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2855
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Apr 2023 03:01:25 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4BE8 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65dc4a7b107dcd9a3c8cfd19650394a7539e3f47c8ab72091e1145a6244dd0b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8C52
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=280&slotname=3788341704&adk=905624607&adf=2260843720&pi=t.ma~as.3788341704&w=531&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=531x280&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539857&bpp=1&bdt=1496&idt=217&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&prev_fmts=330x250&correlator=6567709478477&frm=20&pv=1&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=727&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=XQ4pzXQXFM&p=https%3A//dearsafrica.org&dtd=219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Apr 2023 03:49:00 GMT
expires
Thu, 20 Apr 2023 03:49:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Apr 2023 03:49:00 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame 2E1A 		47 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsJWcaAAAAAIodDZu4PV1f9EGu6Jli5LsPAEq_&co=aHR0cHM6Ly9kZWFyc2FmcmljYS5vcmc6NDQz&hl=en-GB&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=dt884vuv0wes
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en_gb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
07847efe9fad4be13de0f33c08a56fbac9572e75bc9ee1020c4ea356a195a84c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7-DZ8EJXygpTm3pDAFC3kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dearsafrica.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
26031
content-security-policy
script-src 'report-sample' 'nonce-7-DZ8EJXygpTm3pDAFC3kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 20 Apr 2023 03:49:00 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
3552030442047011578
tpc.googlesyndication.com/simgad/ Frame E445 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3552030442047011578?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkvGf2ckBxP-jNgrRPgMp_73jrIdQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=250&slotname=3788341704&adk=1411966868&adf=1108648429&pi=t.ma~as.3788341704&w=330&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=330x250&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539851&bpp=6&bdt=1490&idt=199&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&correlator=6567709478477&frm=20&pv=2&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=342&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=S81ha8BJfy&p=https%3A//dearsafrica.org&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7c8e2f2c84102e0220f49c2b49d4510d84b1afb4bf8ad4c857a7c66c560e8d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 11:28:12 GMT
x-content-type-options
nosniff
age
58848
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53791
x-xss-protection
0
last-modified
Fri, 30 Dec 2022 06:20:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 18 Apr 2024 11:28:12 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/ Frame E445 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=250&slotname=3788341704&adk=1411966868&adf=1108648429&pi=t.ma~as.3788341704&w=330&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=330x250&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539851&bpp=6&bdt=1490&idt=199&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&correlator=6567709478477&frm=20&pv=2&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=342&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=S81ha8BJfy&p=https%3A//dearsafrica.org&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 16:25:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
41017
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8756
x-xss-protection
0
server
cafe
etag
5179999606349116156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 May 2023 16:25:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame E445 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=250&slotname=3788341704&adk=1411966868&adf=1108648429&pi=t.ma~as.3788341704&w=330&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=330x250&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539851&bpp=6&bdt=1490&idt=199&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&correlator=6567709478477&frm=20&pv=2&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=342&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=S81ha8BJfy&p=https%3A//dearsafrica.org&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 01:59:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
6555
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 May 2023 01:59:45 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame E445 		67 B
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=250&slotname=3788341704&adk=1411966868&adf=1108648429&pi=t.ma~as.3788341704&w=330&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=330x250&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539851&bpp=6&bdt=1490&idt=199&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&correlator=6567709478477&frm=20&pv=2&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=342&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=S81ha8BJfy&p=https%3A//dearsafrica.org&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 18:05:12 GMT
x-content-type-options
nosniff
server
cafe
age
35028
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67
x-xss-protection
0
expires
Thu, 20 Apr 2023 18:05:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame E445 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=250&slotname=3788341704&adk=1411966868&adf=1108648429&pi=t.ma~as.3788341704&w=330&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=330x250&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539851&bpp=6&bdt=1490&idt=199&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&correlator=6567709478477&frm=20&pv=2&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=342&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=S81ha8BJfy&p=https%3A//dearsafrica.org&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 16:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
41008
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8509
x-xss-protection
0
server
cafe
etag
3034682829645713766
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 May 2023 16:25:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E445 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=250&slotname=3788341704&adk=1411966868&adf=1108648429&pi=t.ma~as.3788341704&w=330&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=330x250&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539851&bpp=6&bdt=1490&idt=199&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&correlator=6567709478477&frm=20&pv=2&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=342&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=S81ha8BJfy&p=https%3A//dearsafrica.org&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Apr 2023 03:49:01 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame E445 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=250&slotname=3788341704&adk=1411966868&adf=1108648429&pi=t.ma~as.3788341704&w=330&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=330x250&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539851&bpp=6&bdt=1490&idt=199&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&correlator=6567709478477&frm=20&pv=2&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=342&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=S81ha8BJfy&p=https%3A//dearsafrica.org&dtd=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94f229715266533168e8bde4c66fc0b249d45e022cb9cc333495f4a68a702017
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 01:59:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
6556
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13518
x-xss-protection
0
server
cafe
etag
3101116608242260287
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 May 2023 01:59:44 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E445 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CuLK8LLZAZMraBdT47gPQqIewBrvrw-tv1bev2ukQ2tkeEAEg_ZKNZ2DtBKABh4O_9wPIAQKoAwHIA8kEqgTgAU_QlQqhVHtsavVvm5iiOL_fyRiijmWE1REK5NM0eACGNKrpoXeHrQoaMO66btJ69sj3_sSAOYnRivt4tvqNi-FPUyTrXuMJx29c4Z-dnGqBbKpQFShAdLtk2p4yWLBlxlpvjmKWp8txwWdSfS7vfjClezvUT7UYlc4qKeYFFk2MQDtM9paM_YRf5tKTTa9wKFbK9ScqgdNl1SVH_USoktQLVVZ2J1798sUAEH6RUjXJNm7ujp5FqS5eu2qxtjkw0hJfs16mPxKN3lUYZlOt5yiFbiIcnLcZzeo43HxYGQBIwASkwejAmASSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHprv-hQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBChuQPSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi03MzM2OTQ5NTI2OTE1NDk5GAA&sigh=fm6zmQnuCe8&uach_m=[UACH]&cid=CAQSGwBygQiD2Tlbx-nzvF0NAuRGGy4KxR9QVOKN9xgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=250&slotname=3788341704&adk=1411966868&adf=1108648429&pi=t.ma~as.3788341704&w=330&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=330x250&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539851&bpp=6&bdt=1490&idt=199&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&correlator=6567709478477&frm=20&pv=2&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=342&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=S81ha8BJfy&p=https%3A//dearsafrica.org&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=250&slotname=3788341704&adk=1411966868&adf=1108648429&pi=t.ma~as.3788341704&w=330&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=330x250&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539851&bpp=6&bdt=1490&idt=199&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&correlator=6567709478477&frm=20&pv=2&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=342&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=S81ha8BJfy&p=https%3A//dearsafrica.org&dtd=214
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 20 Apr 2023 03:49:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ Frame 2E1A 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsJWcaAAAAAIodDZu4PV1f9EGu6Jli5LsPAEq_&co=aHR0cHM6Ly9kZWFyc2FmcmljYS5vcmc6NDQz&hl=en-GB&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=dt884vuv0wes
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 23:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16953
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Sun, 02 Apr 2023 18:01:18 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 18 Apr 2024 23:06:27 GMT
recaptcha__en_gb.js
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ Frame 2E1A 		406 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en_gb.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsJWcaAAAAAIodDZu4PV1f9EGu6Jli5LsPAEq_&co=aHR0cHM6Ly9kZWFyc2FmcmljYS5vcmc6NDQz&hl=en-GB&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=dt884vuv0wes
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8511c345649a2b0095992aa763caf18ea19bf39ef02d1078bc479a019f84dd89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 20:35:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25989
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166659
x-xss-protection
0
last-modified
Sun, 02 Apr 2023 18:01:18 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 18 Apr 2024 20:35:51 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame BC6D 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=250&slotname=3788341704&adk=1411966868&adf=1108648429&pi=t.ma~as.3788341704&w=330&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=330x250&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539851&bpp=6&bdt=1490&idt=199&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&correlator=6567709478477&frm=20&pv=2&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=342&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=S81ha8BJfy&p=https%3A//dearsafrica.org&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=250&slotname=3788341704&adk=1411966868&adf=1108648429&pi=t.ma~as.3788341704&w=330&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=330x250&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539851&bpp=6&bdt=1490&idt=199&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&correlator=6567709478477&frm=20&pv=2&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=342&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=S81ha8BJfy&p=https%3A//dearsafrica.org&dtd=214
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2855
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Apr 2023 03:01:25 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
pagead2.googlesyndication.com/bg/ Frame 0B9C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=280&slotname=3788341704&adk=905624607&adf=2260843720&pi=t.ma~as.3788341704&w=531&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=531x280&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539857&bpp=1&bdt=1496&idt=217&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&prev_fmts=330x250&correlator=6567709478477&frm=20&pv=1&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=727&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=XQ4pzXQXFM&p=https%3A//dearsafrica.org&dtd=219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 06:50:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
248305
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14077
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 10:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Apr 2024 06:50:35 GMT
truncated
/ Frame E445 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59df5409d69ed28fe36c0f1ed2cc50158faac96d084bd13907d78fb7d8b37b3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame BC6D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=250&slotname=3788341704&adk=1411966868&adf=1108648429&pi=t.ma~as.3788341704&w=330&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=330x250&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539851&bpp=6&bdt=1490&idt=199&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&correlator=6567709478477&frm=20&pv=2&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=342&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=S81ha8BJfy&p=https%3A//dearsafrica.org&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Apr 2023 03:49:01 GMT
expires
Thu, 20 Apr 2023 03:49:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Apr 2023 03:49:00 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 2E1A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 02:01:19 GMT
x-content-type-options
nosniff
age
92862
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 26 Apr 2023 02:01:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2E1A 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsJWcaAAAAAIodDZu4PV1f9EGu6Jli5LsPAEq_&co=aHR0cHM6Ly9kZWFyc2FmcmljYS5vcmc6NDQz&hl=en-GB&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=dt884vuv0wes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 10:31:06 GMT
x-content-type-options
nosniff
age
148675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Apr 2024 10:31:06 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2E1A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsJWcaAAAAAIodDZu4PV1f9EGu6Jli5LsPAEq_&co=aHR0cHM6Ly9kZWFyc2FmcmljYS5vcmc6NDQz&hl=en-GB&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=dt884vuv0wes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 10:31:04 GMT
x-content-type-options
nosniff
age
148677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Apr 2024 10:31:04 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/reactive_library_fy2021.js?bust=31074011
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7336949526915499&plah=dearsafrica.org&bust=31074011
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d3ead83c86c66f06cf62e8f70af28b997a4ce1cf3f75c3743648e2c12ff49d01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52055
x-xss-protection
0
server
cafe
etag
11077776113194923889
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 20 Apr 2023 03:49:01 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 2E1A 		105 B
137 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en-GB&v=6MY32oPwFCn9SUKWt8czDsDw
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsJWcaAAAAAIodDZu4PV1f9EGu6Jli5LsPAEq_&co=aHR0cHM6Ly9kZWFyc2FmcmljYS5vcmc6NDQz&hl=en-GB&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=dt884vuv0wes
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
117991968e3bbb57a1520ba7d9af9f54cc8a7775cb25352ef34a783ae3742119
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsJWcaAAAAAIodDZu4PV1f9EGu6Jli5LsPAEq_&co=aHR0cHM6Ly9kZWFyc2FmcmljYS5vcmc6NDQz&hl=en-GB&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=dt884vuv0wes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115
x-xss-protection
1; mode=block
expires
Thu, 20 Apr 2023 03:49:01 GMT
sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
pagead2.googlesyndication.com/bg/ Frame B5D6 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7336949526915499&output=html&h=250&slotname=3788341704&adk=1411966868&adf=1108648429&pi=t.ma~as.3788341704&w=330&fwrn=4&fwrnh=100&lmt=1681962540&rafmt=1&format=330x250&url=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681962539851&bpp=6&bdt=1490&idt=199&shv=r20230417&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&correlator=6567709478477&frm=20&pv=2&ga_vid=1217469917.1681962540&ga_sid=1681962540&ga_hid=1078870691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=342&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31073794%2C31074011&oid=2&pvsid=3786117177548333&tmod=1765858065&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=S81ha8BJfy&p=https%3A//dearsafrica.org&dtd=214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 06:50:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
248306
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14077
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 10:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Apr 2024 06:50:35 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=dearsafrica.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7336949526915499&plah=dearsafrica.org&bust=31074011
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dearsafrica.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7336949526915499&plah=dearsafrica.org&bust=31074011
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/ Frame CA82 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7336949526915499&plah=dearsafrica.org&bust=31074011
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dearsafrica.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39808
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 16:45:33 GMT
etag
2378337311435320485
expires
Wed, 03 May 2023 16:45:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/ Frame 6F45 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7336949526915499&plah=dearsafrica.org&bust=31074011
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dearsafrica.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39808
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 16:45:33 GMT
etag
2378337311435320485
expires
Wed, 03 May 2023 16:45:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/ Frame BA6E 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7336949526915499&plah=dearsafrica.org&bust=31074011
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dearsafrica.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39808
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 16:45:33 GMT
etag
2378337311435320485
expires
Wed, 03 May 2023 16:45:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/ Frame 53B7 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7336949526915499&plah=dearsafrica.org&bust=31074011
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dearsafrica.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39808
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 16:45:33 GMT
etag
2378337311435320485
expires
Wed, 03 May 2023 16:45:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=352520535155375&ev=PageView&dl=https%3A%2F%2Fdearsafrica.org%2Ftelegram%2F&rl=&if=false&ts=1681962541592&sw=1600&sh=1200&v=2.9.102&r=stable&a=wordpress-6.2-3.0.9&ec=0&o=30&cs_est=true&fbp=fb.1.1681962541591.2018764901&it=1681962539621&coo=false&rqm=GET
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 20 Apr 2023 03:49:01 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
reload
www.google.com/recaptcha/api2/ Frame 2E1A 		32 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LfsJWcaAAAAAIodDZu4PV1f9EGu6Jli5LsPAEq_
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__en_gb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fb6158dc6c3f946e6a16494542ed9b921e69b0cf87440e2b4507915a3f11e85f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsJWcaAAAAAIodDZu4PV1f9EGu6Jli5LsPAEq_&co=aHR0cHM6Ly9kZWFyc2FmcmljYS5vcmc6NDQz&hl=en-GB&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=dt884vuv0wes
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Thu, 20 Apr 2023 03:49:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18726
x-xss-protection
1; mode=block
expires
Thu, 20 Apr 2023 03:49:01 GMT
css2
fonts.googleapis.com/ Frame CA82 		4 KB
705 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 20 Apr 2023 03:49:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 20 Apr 2023 03:31:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Apr 2023 03:49:01 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CA82 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 00:25:11 GMT
x-content-type-options
nosniff
age
12230
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 19 Apr 2024 00:25:11 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CA82 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 00:31:56 GMT
x-content-type-options
nosniff
age
11825
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 19 Apr 2024 00:31:56 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/elements/html/ Frame CA82 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 17:46:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
36146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8167
x-xss-protection
0
server
cafe
etag
3140062999518874537
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 May 2023 17:46:35 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 6F45 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 16:31:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
40676
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 May 2023 16:31:05 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/ Frame 6F45 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 16:25:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
41018
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8756
x-xss-protection
0
server
cafe
etag
5179999606349116156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 May 2023 16:25:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 6F45 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 01:59:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
6556
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 May 2023 01:59:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 6F45 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 16:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
41009
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8509
x-xss-protection
0
server
cafe
etag
3034682829645713766
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 May 2023 16:25:32 GMT
l
www.google.com/ads/measurement/ Frame 6F45 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQM0JmV2_MiDiY6Sjqlt42WN7Bq4l8WYj7BRBuac54rvJAVPS4OwbaI0hSIXkJT4HAXZPVwtFp6gFY2hy2QgrKnWy2s1A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6F45 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Apr 2023 03:49:01 GMT
c15427455071565d8097eb04c444439b.js
www.gstatic.com/mysidia/ Frame 6F45 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 01:43:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93954
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14106
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 00:44:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 18 Jul 2023 01:43:07 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame BA6E 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 16:31:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
40676
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 May 2023 16:31:05 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/ Frame BA6E 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 16:25:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
41018
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8756
x-xss-protection
0
server
cafe
etag
5179999606349116156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 May 2023 16:25:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame BA6E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 01:59:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
6556
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 May 2023 01:59:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame BA6E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 16:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
41009
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8509
x-xss-protection
0
server
cafe
etag
3034682829645713766
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 May 2023 16:25:32 GMT
l
www.google.com/ads/measurement/ Frame BA6E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSBP2ndl3XRDjbVBoR_3Op92DuGh4n9hAfkG8ZIcv1U5_sNUDcM_OsKV0I1vmoGstuLa5yrYC4C8K2Qp3qTlykjV9Cyxw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BA6E 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Apr 2023 03:49:01 GMT
c15427455071565d8097eb04c444439b.js
www.gstatic.com/mysidia/ Frame BA6E 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 01:43:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93954
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14106
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 00:44:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 18 Jul 2023 01:43:07 GMT
0b76a40db5a0e4006fbd6687403ecdcc.js
www.gstatic.com/mysidia/ Frame 53B7 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0b76a40db5a0e4006fbd6687403ecdcc.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1c09e80f13f58fa8735352042ae3ee483c8d801c705881cc076b3f39cff3375
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 01:43:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93955
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4047
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 00:44:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 18 Jul 2023 01:43:06 GMT
74ec634574f05197de646cb87f0af1bd.js
www.gstatic.com/mysidia/ Frame 53B7 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/74ec634574f05197de646cb87f0af1bd.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31b4e5121cdc6135c30476d258909c0e815737033f335812ab770213f967b7bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 01:43:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93955
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4444
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 21:20:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 18 Jul 2023 01:43:06 GMT
css
fonts.googleapis.com/ Frame 53B7 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 20 Apr 2023 03:49:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 20 Apr 2023 03:29:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Apr 2023 03:49:01 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 53B7 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 16:31:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
40676
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 May 2023 16:31:05 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/ Frame 53B7 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 16:25:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
41018
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8756
x-xss-protection
0
server
cafe
etag
5179999606349116156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 May 2023 16:25:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 53B7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 01:59:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
6556
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 May 2023 01:59:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 53B7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 16:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
41009
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8509
x-xss-protection
0
server
cafe
etag
3034682829645713766
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 May 2023 16:25:32 GMT
l
www.google.com/ads/measurement/ Frame 53B7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTxTPJj4UjDA3obJneSYEUK2pfBOvfBcvoY6qbbfSQtmBffdBDgsUTXf2nUiZOaExQnbAhvDMSEDrw_Kg6WTFI4dHSbvg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 53B7 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Apr 2023 03:49:01 GMT
c15427455071565d8097eb04c444439b.js
www.gstatic.com/mysidia/ Frame 53B7 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 01:43:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93954
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14106
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 00:44:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 18 Jul 2023 01:43:07 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7EF3 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
31716
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 19:00:25 GMT
etag
48472445140208031
expires
Thu, 20 Apr 2023 19:00:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E1AE 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
31716
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 19:00:25 GMT
etag
48472445140208031
expires
Thu, 20 Apr 2023 19:00:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 53B7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CcGOlLLZAZPvzIJmsgQe2qLfQArf-uNFvqom2_pQOxYiyzZAOEAEg_ZKNZ2CV4pCCoAegAfHDgs4ByAEBqQIRJ-Q3hmGyPqgDAcgDywSqBNwBT9Ay-lcFzRc7K8bgBLXRwYJsIlFSvJgljVTXQW1vCsm6Le5lEXf5rJRJ2t5BWaZ49VZOZuQtbWo3E0C2a08GzyPxA78fGUdJCQKIQ9kc2LN_SKdPuCVtWBEAmq1waqtBVsfMnPSiZ_pc7pMg5vWagD-2X2g5_80Mn17dlaie0o5A8Jptm53nf46mVcKdjNtx5vD2RJrxIHlCkERLlbgyMB992xQyzIh5Q182QhAJPXETauFw48tUkHrTTePAG2DcKPeAvCK9zcXBgOSFNRj22cUnvMKUtCQBc1lQEsAEs7nqrdIDkgUECAQYAZIFBAgFGASAB_e7_bECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQycQ10ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFAbQFQGYFgGAFwGyFxwKGggAEhRwdWItNzMzNjk0OTUyNjkxNTQ5ORgA&sigh=lzYCtfxBLOI&uach_m=[UACH]&cid=CAQSOwBygQiDn9Z9Pf-gk4y7SVcBv97Zvi-F86pEPTJKzitwFeLILv1LE3-KjKRHJl0JvObqjg9xl0z8K0BFGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 20 Apr 2023 03:49:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 84C8 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2856
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Apr 2023 03:01:25 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A007 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
31716
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 19:00:25 GMT
etag
48472445140208031
expires
Thu, 20 Apr 2023 19:00:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame 7EF3 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKlHG3D69OIpIBgOUyfomr8&google_cver=1&google_push=Aer7DvLNu7GGCugLACQJtjpCr8YdXee8XMOxAZV5X8uOhaJZndpoZqYIqYchZlWePVgAyHM9eTfBWqfSkB7bPr1ASzLhKxE5tbx_OVRE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7EF3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHifwiioHKCIed8sBL4SflY&google_cver=1&google_push=Aer7DvIaZY5-dvTOuE2hfwGzObHxHXofwMAJqgEmKTDObjjbIixjk2XX3jGnPUuiMFglmGEVPnhrHnUDuqRYVE96...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvIaZY5-dvTOuE2hfwGzObHxHXofwMAJqgEmKTDObjjbIixjk2XX3jGnPUuiMFglmGEVPnhrHnUDuqRYVE96dDgv5-bhPlDM-R67
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvIaZY5-dvTOuE2hfwGzObHxHXofwMAJqgEmKTDObjjbIixjk2XX3jGnPUuiMFglmGEVPnhrHnUDuqRYVE96dDgv5-bhPlDM-R67
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 20 Apr 2023 03:49:01 GMT
Server
MT3 830 785530e master zrh-pixel-x10 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvIaZY5-dvTOuE2hfwGzObHxHXofwMAJqgEmKTDObjjbIixjk2XX3jGnPUuiMFglmGEVPnhrHnUDuqRYVE96dDgv5-bhPlDM-R67
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 20 Apr 2023 03:49:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7EF3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKHZzI7odGDx8zQnX6nuXoY&google_push=Aer7DvLHbDRHxo_EB7yZS3deTo7AZutVotu0_peNl0TCGKWuXj442hmWHh...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKHZzI7odGDx8zQnX6nuXoY&google_push=Aer7DvLHbDRHxo_EB7yZS3deTo7AZutVotu0_peNl0TCGKWuXj442hmWHhUA5tZ0JLpMhmAgFeDgdSFmRdYDZFXJ-PA3bkC7Gskyyg1y
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230077-FRA
pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1681962542.915663,VS0,VE99
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKHZzI7odGDx8zQnX6nuXoY&google_push=Aer7DvLHbDRHxo_EB7yZS3deTo7AZutVotu0_peNl0TCGKWuXj442hmWHhUA5tZ0JLpMhmAgFeDgdSFmRdYDZFXJ-PA3bkC7Gskyyg1y
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 7EF3
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEN2OKCC-x-xQAW_UmFlRmQo&google_cver=1&google_push=Aer7DvInCIYYao1BdKkDInAUhr2ZbHw_Wv6_kYPraFhh5mvt0bRbS2rasnF8bs4VbRJZPQWM44n5_M4Gd85...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvInCIYYao1BdKkDInAUhr2ZbHw_Wv6_kYPraFhh5mvt0bRbS2rasnF8bs4VbRJZPQWM44n5_M4Gd857vdFK4ofXozEz7Ne3O1Vx&google_hm=DSY1vcieTY6Pg3aZ...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvInCIYYao1BdKkDInAUhr2ZbHw_Wv6_kYPraFhh5mvt0bRbS2rasnF8bs4VbRJZPQWM44n5_M4Gd857vdFK4ofXozEz7Ne3O1Vx&google_hm=DSY1vcieTY6Pg3aZfG-eq6s
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:01 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvInCIYYao1BdKkDInAUhr2ZbHw_Wv6_kYPraFhh5mvt0bRbS2rasnF8bs4VbRJZPQWM44n5_M4Gd857vdFK4ofXozEz7Ne3O1Vx&google_hm=DSY1vcieTY6Pg3aZfG-eq6s
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7EF3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEED7sI3MXtYMDPsXupa_iBA&google_cver=1&google_push=Aer7DvLOtYQxM5PNn_EPv9--DtSfGcT9-dRCOCRLQROPeTQnjaKJlaZI5ghLhsa6Jhzp7YP5cw8sl5szmYupdGpzoGHA...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEED7sI3MXtYMDPsXupa_iBA&google_cver=1&google_push=Aer7DvLOtYQxM5PNn_EPv9--DtSfGcT9-dRCOCRLQROPeTQnjaKJlaZI5ghLhsa6Jhzp7YP5cw8sl5szmYupdG...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvLOtYQxM5PNn_EPv9--DtSfGcT9-dRCOCRLQROPeTQnjaKJlaZI5ghLhsa6Jhzp7YP5cw8sl5szmYupdGpzoGHAn7TpSflPEU01&google_hm=i9OPDVc_Tq2iL1XFH-r...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvLOtYQxM5PNn_EPv9--DtSfGcT9-dRCOCRLQROPeTQnjaKJlaZI5ghLhsa6Jhzp7YP5cw8sl5szmYupdGpzoGHAn7TpSflPEU01&google_hm=i9OPDVc_Tq2iL1XFH-rSGg==
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvLOtYQxM5PNn_EPv9--DtSfGcT9-dRCOCRLQROPeTQnjaKJlaZI5ghLhsa6Jhzp7YP5cw8sl5szmYupdGpzoGHAn7TpSflPEU01&google_hm=i9OPDVc_Tq2iL1XFH-rSGg==
date
Thu, 20 Apr 2023 03:49:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
dds
rtb.openx.net/sync/ Frame 7EF3 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEAA8bV-Ok3gphtEbepP8B1I&google_cver=1&google_push=Aer7DvJRXqf_DDaQ__75eiw89l6VXQkrFsllSnBzUNkJcyO1mMrowf8WH3oLPppmrzrTK7Zt_Q3RpVf08tec8MuWj4T6l31meecRJWQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:01 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
em1ai3vmo6j5c08871v1olfjqe1anqvh
report
sync.teads.tv/um/ Frame 7EF3
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPNneN48IiHfgdBDTui8gB0&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvJAU3jN6H3qxAvS_S6k6bNwTZAEJ3ptne0VsneGdT59u4mV5bUYluDt4L6VDwm0I-u3tDP--Cv6AEgKy4ojw4cQ5YKfLBiT7g03rA
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires
Thu, 20 Apr 2023 03:49:02 GMT
pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 7EF3 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LBeQjXpGsRkt6ZMKvS9LFXdDwhkk2jV8fWoPkUEhjmJM9hvNdioYNKAlbfOL6epgn5lvPY_g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:01 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
17747162833321475399
tpc.googlesyndication.com/daca_images/simgad/ Frame 6F45 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/17747162833321475399?w=360&h=640
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a163b12aa236d513e9e9b272a4092e117bec805da57432c6d2067b884a37851d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 00:43:42 GMT
x-content-type-options
nosniff
age
11119
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32154
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 16:59:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 27 Apr 2023 00:43:42 GMT
truncated
/ Frame 6F45 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3a1d619298063edae0e34973557554e0c0476c26ff2ad5b56ce1a2d2daeb0d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 1744 		8 KB
966 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 20 Apr 2023 03:49:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 20 Apr 2023 03:26:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Apr 2023 03:49:01 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 1744 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 16:31:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
40676
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 May 2023 16:31:05 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/ Frame 1744 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 16:25:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
41018
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8756
x-xss-protection
0
server
cafe
etag
5179999606349116156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 May 2023 16:25:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 1744 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 01:59:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
6556
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 May 2023 01:59:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 1744 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 16:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
41009
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8509
x-xss-protection
0
server
cafe
etag
3034682829645713766
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 May 2023 16:25:32 GMT
l
www.google.com/ads/measurement/ Frame 1744 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRnO_ivlWuWnx8vg-emy2vk44FTxrX9akdyPoEz-AfRv02rBfengEPsDPeubXrgnySFfC6o6C9Va7HGJi1mtACF0HMhiQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1744 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Apr 2023 03:49:01 GMT
c15427455071565d8097eb04c444439b.js
www.gstatic.com/mysidia/ Frame 1744 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 01:43:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93954
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14106
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 00:44:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 18 Jul 2023 01:43:07 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame E1AE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHxIHvgbtlL51-PwR-pEpEI&google_cver=1&google_push=Aer7DvKeMeeo9dVCnySPV3EtRG4Aa53_6d5lqV84CmPtf97iAprc003m8PPrq1QoWcaohKTONmB3L78Ndsqnmx1nyOcJLEdX61z9A2iu
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODA0Mzk0MjE4ODI5MTIwMTMyNg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHxIHvgbtlL51-PwR-pEpEI&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHxIHvgbtlL51-PwR-pEpEI&google_cver=1
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHxIHvgbtlL51-PwR-pEpEI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E1AE
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKlHG3D69OIpIBgOUyfomr8&google_cver=1&google_push=Aer7DvK_GdUinpzUPXg-ZRea-O2j1a2KbcS6YfQzlhhcE6TScU-bmsaxMT...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aer7DvK_GdUinpzUPXg-ZRea-O2j1a2KbcS6YfQzlhhcE6TScU-bmsaxMTdmYmsioRFi2wO9YtC8mMPZ7B7vnZzxw495qDjVp8dJn6Lw&google_hm=RyHNGt9x...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aer7DvK_GdUinpzUPXg-ZRea-O2j1a2KbcS6YfQzlhhcE6TScU-bmsaxMTdmYmsioRFi2wO9YtC8mMPZ7B7vnZzxw495qDjVp8dJn6Lw&google_hm=RyHNGt9x1SNxZNiNCITw7A
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aer7DvK_GdUinpzUPXg-ZRea-O2j1a2KbcS6YfQzlhhcE6TScU-bmsaxMTdmYmsioRFi2wO9YtC8mMPZ7B7vnZzxw495qDjVp8dJn6Lw&google_hm=RyHNGt9x1SNxZNiNCITw7A
pragma
no-cache
date
Thu, 20 Apr 2023 03:49:01 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame E1AE 		42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEDaD6m5z-02YIGSvWe--Rps&google_push=Aer7DvJ7NjsDgJGz9MI5QCnXfuY3dS-XZyuPZ4Nyu7JAoDxHlaZCJzxHdo-eJXo2pP9Adihno9J5ecTIKsaIvcM0xm1Nxiv_Hst1VKs0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:01 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
pixel
cm.g.doubleclick.net/ Frame E1AE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIpS8AX8NkZTjSvEnZUiaMQ&google_cver=1&google_push=Aer7DvI9D7uKs_Qhfxn_C0uDJBC9gw-7nJtxCChtgYilq59W1x1fcyv1hEmfNY5VaOb3wBAYI6nv0KFH...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIpS8AX8NkZTjSvEnZUiaMQ&google_cver=1&google_push=Aer7DvI9D7uKs_Qhfxn_C0uDJBC9gw-7nJtxCChtgYilq59W1x1fcyv1hEmfNY5VaOb3wBAYI6n...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM1OTA3OTY3NzIzNDEyNzk2Mg&google_push=Aer7DvI9D7uKs_Qhfxn_C0uDJBC9gw-7nJtxCChtgYilq59W1x1fcyv1hEmfNY5VaOb3wBAYI6nv0K...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM1OTA3OTY3NzIzNDEyNzk2Mg&google_push=Aer7DvI9D7uKs_Qhfxn_C0uDJBC9gw-7nJtxCChtgYilq59W1x1fcyv1hEmfNY5VaOb3wBAYI6nv0KFHYjJlhxqOHccyUzcGBIJTiQU6
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDM1OTA3OTY3NzIzNDEyNzk2Mg&google_push=Aer7DvI9D7uKs_Qhfxn_C0uDJBC9gw-7nJtxCChtgYilq59W1x1fcyv1hEmfNY5VaOb3wBAYI6nv0KFHYjJlhxqOHccyUzcGBIJTiQU6
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame E1AE 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEAA8bV-Ok3gphtEbepP8B1I&google_cver=1&google_push=Aer7DvLMh9nvfhefgVK1toQHntth8TCfd5pe_qRy9UzLhPgEo--FfSRp4-GiE2X4FX0WSrjPMWkN9nERpu2fRH-LYw8w598XRqgEVfA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:01 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
knmh8j94um8ufa5qe3bqr9j9p9t200vl
pixel
cm.g.doubleclick.net/ Frame E1AE
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jl4lp5OURXWHunIKpgGVDg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jl4lp5OURXWHunIKpgGVDg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvIWKA8m3nlLXtpgOJaU97-MPgQ6qF37oPhwXFGIX2Epj4wmXKUCFuNlhPUTxQokpBmuN13S4UBFZo02iZ47w8OkPNa_7g3trYF_
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jl4lp5OURXWHunIKpgGVDg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvIWKA8m3nlLXtpgOJaU97-MPgQ6qF37oPhwXFGIX2Epj4wmXKUCFuNlhPUTxQokpBmuN13S4UBFZo02iZ47w8OkPNa_7g3trYF_
date
Thu, 20 Apr 2023 03:49:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame E1AE
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDjPXDGmFgpVKHqxWTl-baw&google_cver=1&google_push=Aer7DvL8wcyBy7IDGx8atJAj7i_YQjHgZ2kbk_q1vPLKRl0w_AMl6pIT8AbIJc51BxPgTONepwvpEalos5m5...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvL8wcyBy7IDGx8atJAj7i_YQjHgZ2kbk_q1vPLKRl0w_AMl6pIT8AbIJc51BxPgTONepwvpEalos5m5-O-lHu0Jix39P6HkrHs
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvL8wcyBy7IDGx8atJAj7i_YQjHgZ2kbk_q1vPLKRl0w_AMl6pIT8AbIJc51BxPgTONepwvpEalos5m5-O-lHu0Jix39P6HkrHs
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvL8wcyBy7IDGx8atJAj7i_YQjHgZ2kbk_q1vPLKRl0w_AMl6pIT8AbIJc51BxPgTONepwvpEalos5m5-O-lHu0Jix39P6HkrHs
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame E1AE 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LojUbQnmsb1tF2jPvl9dMYddYVxee0ysm-7nbkRy-w3k8doVTOfLzFLmFJdhBa2vQJGY9V
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:01 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
14359386496339236211
tpc.googlesyndication.com/daca_images/simgad/ Frame BA6E 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/14359386496339236211?w=360&h=720
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9eab741f2e234924fe97356f6817a6f62476b5e358a289edc522e63856f290bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 16:58:49 GMT
x-content-type-options
nosniff
age
39012
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26619
x-xss-protection
0
last-modified
Sun, 16 Apr 2023 22:35:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 26 Apr 2023 16:58:49 GMT
truncated
/ Frame BA6E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
33e14db42500bcdc35ca591f85d4b9efa29e6f3a3e23970170839f9a7a5ecb04

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
pagead2.googlesyndication.com/bg/ Frame F823 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 06:50:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
248306
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14077
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 10:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Apr 2024 06:50:35 GMT
sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
pagead2.googlesyndication.com/bg/ Frame 8829 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 06:50:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
248306
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14077
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 10:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Apr 2024 06:50:35 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 6F45 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CbGc3LLZAZPnzIJmsgQe2qLfQAqWg6a1vxsrqopgQwIDs8KYTEAEg_ZKNZ2CV4pCCoAegAaOVs_8DyAEBqQIRJ-Q3hmGyPqgDAcgDywSqBNwBT9BLI7f9XpjT1hox6DTrut9l3G3uuIZztOzqkJAbdNlW1YMx_FT1uUCDBM5Uezw5dahq-P69nygoi8udedkmMcDgqZ-4wP8dAzmJLVTY-lMKVQw_yYXJLtokOgm0gnQHWZHbaFl2u1sX43BgBVnGnvhSHyQQladO5qK-nxYBd4ZVPpZNwQOEV6UezN3xCL-zL18qHcbLtocMOqn9PBN_ks0npgvHJcmPrKW9dukSVJbBftSnfDSnfqEjMqPL5eq7jrJPEGMJZARbLwZT3yBRmw7Xgdl7y4a2PleXTcAEkda5rD2SBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHxepMqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ16w50ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw6IFATQFQGYFgGAFwGyFxwKGggAEhRwdWItNzMzNjk0OTUyNjkxNTQ5ORgA&sigh=PMHBNiqENSE&uach_m=[UACH]&cid=CAQSOwBygQiDn9Z9Pf-gk4y7SVcBv97Zvi-F86pEPTJKzitwFeLILv1LE3-KjKRHJl0JvObqjg9xl0z8K0BFGAE&vis=1
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 20 Apr 2023 03:49:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame BA6E 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CGDvaLLZAZPrzIJmsgQe2qLfQArf-uNFvqom2_pQOxYiyzZAOEAEg_ZKNZ2CV4pCCoAegAfHDgs4ByAEBqQIRJ-Q3hmGyPqgDAcgDywSqBNsBT9BssAqVYiMcafUiJDKsDk6glhj1BgPmuoiGhja0Qx9Rx6jpz_bjGF4bQLfKeCIztvrNYuGMWGXebR_Hvsq7UpDe6cr4bfCYbTQDFRzcVkkk7CZyBVvf484NNO7_OFOPJ0ugthFdf_LJXB3U0ltCaJ_mP4BaOFXvOtzVmAbA7VmNC-7YWPTupR2a_I0cERMO8MW2GPBMafXRMV-c__ee4CByMhV_ZwgoqcEAL6IIK9U1eGfeIbu3S-WxAVV3WJThLCRPGfoQ8-wZ41RZcSp3IvTwhwJfh4woenu7wASzueqt0gOSBQQIBBgBkgUECAUYBKAGAoAH97v9sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDZ71rSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUBtAVAZgWAYAXAbIXHAoaCAASFHB1Yi03MzM2OTQ5NTI2OTE1NDk5GAA&sigh=pQdiYp8ajdw&uach_m=[UACH]&cid=CAQSOwBygQiDn9Z9Pf-gk4y7SVcBv97Zvi-F86pEPTJKzitwFeLILv1LE3-KjKRHJl0JvObqjg9xl0z8K0BFGAE&vis=1
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 20 Apr 2023 03:49:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
current
dclk-match.dotomi.com/match/bounce/ Frame A007 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEK5QcV42deWMhFnqegCWvEs&google_cver=1&google_push=Aer7DvIEHi_1wPAsRzWAimjNkiDk3bSu8TwDpPeeyh9vNGTxmxUyR2XIK_kBWWUZ2OYtEmw-Q7p8kRir_B2LNJSboL4FIr9JQmO-e0GC
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame A007
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHr1pXeyXHYkwEV1k2u_rRs&google_cver=1&google_push=Aer7DvJ_VU-5J8GV2ZYiSvbh3l1s3juSvAzieAyEAh91TNLwzHeWaTBJPiXHLOkotoeJqsD8kWygr73ETxvNn9GLhaet7IfUqEdsM...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHr1pXeyXHYkwEV1k2u_rRs&google_cver=1&google_push=Aer7DvJ_VU-5J8GV2ZYiSvbh3l1s3juSvAzieAyEAh91TNLwzHeWaTBJPiXHLOkotoeJqsD8kWygr73ETxvNn9GLhaet7IfUqEd...
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHr1pXeyXHYkwEV1k2u_rRs&google_cver=1&google_push=Aer7DvJ_VU-5J8GV2ZYiSvbh3l1s3juSvAzieAyEAh91TNLwzHeWaTBJPiXHLOkotoeJqsD8kWygr73ETxvNn9GLhaet7IfUqEdsM96s&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJ_VU-5J8GV2ZYiSvbh3l1s3juSvAzieAyEAh91TNLwzHeWaTBJPiXHLOkotoeJqsD8kWygr73ETxvNn9GLhaet7IfUqEdsM96s%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7baa6a415bad362f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
880
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHr1pXeyXHYkwEV1k2u_rRs&google_cver=1&google_push=Aer7DvJ_VU-5J8GV2ZYiSvbh3l1s3juSvAzieAyEAh91TNLwzHeWaTBJPiXHLOkotoeJqsD8kWygr73ETxvNn9GLhaet7IfUqEdsM96s&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJ_VU-5J8GV2ZYiSvbh3l1s3juSvAzieAyEAh91TNLwzHeWaTBJPiXHLOkotoeJqsD8kWygr73ETxvNn9GLhaet7IfUqEdsM96s%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7baa6a3f9a2e362f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame A007 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEI2sF18UrDFJjWF_agBFAQg&google_cver=1&google_push=Aer7DvIbtmzJpwWPZlnjwA5HTeKypYh9vV6aLBhno0Ga69rwQs99EuMJ2BjfBR2v4Jq_e4vZphUMRY_oLVKaOY00RbHObCQzC04Ssc8x
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame A007
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEN2OKCC-x-xQAW_UmFlRmQo&google_cver=1&google_push=Aer7DvLSxjfp6_1ec_jHqWAltrNqWm21Eilk_WZtmpE67lc5MLodPHq2ztEYBhIrJcxPkDPCdPqqQfjK6qm...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvLSxjfp6_1ec_jHqWAltrNqWm21Eilk_WZtmpE67lc5MLodPHq2ztEYBhIrJcxPkDPCdPqqQfjK6qm6AQGRf1pqrS_SQDndxdXg&google_hm=DSY1vcieTY6Pg3aZ...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvLSxjfp6_1ec_jHqWAltrNqWm21Eilk_WZtmpE67lc5MLodPHq2ztEYBhIrJcxPkDPCdPqqQfjK6qm6AQGRf1pqrS_SQDndxdXg&google_hm=DSY1vcieTY6Pg3aZfG-eq6s
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvLSxjfp6_1ec_jHqWAltrNqWm21Eilk_WZtmpE67lc5MLodPHq2ztEYBhIrJcxPkDPCdPqqQfjK6qm6AQGRf1pqrS_SQDndxdXg&google_hm=DSY1vcieTY6Pg3aZfG-eq6s
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A007
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPhLN1kmBG6W3ZLLh8JRWEc&google_cver=1&google_push=Aer7DvKuKipJvrKdtIKL0FkM6dHC2I5MPcdddr7F2Pr7DJeQfDqZDxnNSALTItu-syYcxQeiKyj6AxiDnpH4k1...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMzk3NDExMDk4NzIyMTEzOQ%3D%3D&google_push=Aer7DvKuKipJvrKdtIKL0FkM6dHC2I5MPcdddr7F2Pr7DJeQfDqZDxnNSALTItu-syYcxQeiKyj6AxiDnpH4k1vCoQ...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMzk3NDExMDk4NzIyMTEzOQ%3D%3D&google_push=Aer7DvKuKipJvrKdtIKL0FkM6dHC2I5MPcdddr7F2Pr7DJeQfDqZDxnNSALTItu-syYcxQeiKyj6AxiDnpH4k1vCoQUnsfLppiY5kj9_
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyMzk3NDExMDk4NzIyMTEzOQ%3D%3D&google_push=Aer7DvKuKipJvrKdtIKL0FkM6dHC2I5MPcdddr7F2Pr7DJeQfDqZDxnNSALTItu-syYcxQeiKyj6AxiDnpH4k1vCoQUnsfLppiY5kj9_
Date
Thu, 20 Apr 2023 03:49:02 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame A007
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEKxzHXbnFWQRYf8G3r9AgKQ&google_cver=1&google_push=Aer7DvJ623bNDNF4IyqQJ_S5eWI4ZnL32rdd_F8KUAXaStx-WMi_z6lWaDBZd-pg7TNYLlBdCTyVt8fmHLwRDEZM...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NTXSpvm8T56dhtpa0LAwJw2&google_push=Aer7DvJ623bNDNF4IyqQJ_S5eWI4ZnL32rdd_F8KUAXaStx-WMi_z6lWaDBZd-pg7TNYLlBdCTyVt8fmHLwRDEZML0u0RH4YViqR9Hoi
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NTXSpvm8T56dhtpa0LAwJw2&google_push=Aer7DvJ623bNDNF4IyqQJ_S5eWI4ZnL32rdd_F8KUAXaStx-WMi_z6lWaDBZd-pg7TNYLlBdCTyVt8fmHLwRDEZML0u0RH4YViqR9Hoi
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 20 Apr 2023 03:49:02 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NTXSpvm8T56dhtpa0LAwJw2&google_push=Aer7DvJ623bNDNF4IyqQJ_S5eWI4ZnL32rdd_F8KUAXaStx-WMi_z6lWaDBZd-pg7TNYLlBdCTyVt8fmHLwRDEZML0u0RH4YViqR9Hoi
x-host
tde-deliveryengine-production-64c8469d98-t6vwg
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame A007
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIpS8AX8NkZTjSvEnZUiaMQ&google_cver=1&google_push=Aer7DvJW2xoopglKTOxhiyOrgeb_eqyGVc7Z67iOKSTy7M3iOxVb5E4F--lNRguAxId6i-mmTwX5r8KI...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIpS8AX8NkZTjSvEnZUiaMQ&google_cver=1&google_push=Aer7DvJW2xoopglKTOxhiyOrgeb_eqyGVc7Z67iOKSTy7M3iOxVb5E4F--lNRguAxId6i-mmTwX...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUxMzkwOTQ2MTU0ODk4MTUxNg&google_push=Aer7DvJW2xoopglKTOxhiyOrgeb_eqyGVc7Z67iOKSTy7M3iOxVb5E4F--lNRguAxId6i-mmTwX5r8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUxMzkwOTQ2MTU0ODk4MTUxNg&google_push=Aer7DvJW2xoopglKTOxhiyOrgeb_eqyGVc7Z67iOKSTy7M3iOxVb5E4F--lNRguAxId6i-mmTwX5r8KIgcFvC8xuTBvtYxyznGeYFpRq
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUxMzkwOTQ2MTU0ODk4MTUxNg&google_push=Aer7DvJW2xoopglKTOxhiyOrgeb_eqyGVc7Z67iOKSTy7M3iOxVb5E4F--lNRguAxId6i-mmTwX5r8KIgcFvC8xuTBvtYxyznGeYFpRq
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame A007 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JrUJhnpBVgQR9_t5OdZngPHcWSQmYFQejQjGLcwjzcOS-1Fq26zWo7ZsNGPA4HkqR1i5yE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:01 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
s
googleads.g.doubleclick.net/pagead/drt/ Frame 989D 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2857
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Apr 2023 03:01:25 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7EF5 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
31717
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 19:00:25 GMT
etag
48472445140208031
expires
Thu, 20 Apr 2023 19:00:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 84C8
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Apr 2023 03:49:02 GMT
expires
Thu, 20 Apr 2023 03:49:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Apr 2023 03:49:02 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
pagead2.googlesyndication.com/bg/ Frame 4655 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 06:50:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
248307
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14077
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 10:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Apr 2024 06:50:35 GMT
/
www.facebook.com/tr/ Frame FCDB 		0
71 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://dearsafrica.org
Referer
https://dearsafrica.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://dearsafrica.org
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 20 Apr 2023 03:49:02 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 7EF5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkVDMkxRQUVEeXV4RGdBbg==&google_gid=CAESEKHZzI7odGDx8zQnX6nuXoY&google_cver=1&google_push=Aer7DvK_6JyiRudvVOYrRVWEFb0zDClNc7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkVDMkxRQUVEeXV4RGdBbg==&google_gid=CAESEKHZzI7odGDx8zQnX6nuXoY&google_cver=1&google_push=Aer7DvK_6JyiRudvVOYrRVWEFb0zDClNc7fQFloSYhion8jJwmhiNPWmqIQ-2LrOZVzo2IyT2ibyZS-Dn3oeZ1cpymCPBlbIksAhsw
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230077-FRA
pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
via
1.1 varnish
server
Varnish
x-timer
S1681962542.210459,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkVDMkxRQUVEeXV4RGdBbg==&google_gid=CAESEKHZzI7odGDx8zQnX6nuXoY&google_cver=1&google_push=Aer7DvK_6JyiRudvVOYrRVWEFb0zDClNc7fQFloSYhion8jJwmhiNPWmqIQ-2LrOZVzo2IyT2ibyZS-Dn3oeZ1cpymCPBlbIksAhsw
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 7EF5
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEN2OKCC-x-xQAW_UmFlRmQo&google_cver=1&google_push=Aer7DvJ5bSQ-s4QW38Xq4Z8O1eEjlHJh4PRsH7vkmz0x84MhCTBBm2z4P7yv4bgmUqjWmjK7BfuZWr8aD-4...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvJ5bSQ-s4QW38Xq4Z8O1eEjlHJh4PRsH7vkmz0x84MhCTBBm2z4P7yv4bgmUqjWmjK7BfuZWr8aD-4XtG7vCPhjlyeyK_27&google_hm=DSY1vcieTY6Pg3aZfG-eq6s
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvJ5bSQ-s4QW38Xq4Z8O1eEjlHJh4PRsH7vkmz0x84MhCTBBm2z4P7yv4bgmUqjWmjK7BfuZWr8aD-4XtG7vCPhjlyeyK_27&google_hm=DSY1vcieTY6Pg3aZfG-eq6s
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:01 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvJ5bSQ-s4QW38Xq4Z8O1eEjlHJh4PRsH7vkmz0x84MhCTBBm2z4P7yv4bgmUqjWmjK7BfuZWr8aD-4XtG7vCPhjlyeyK_27&google_hm=DSY1vcieTY6Pg3aZfG-eq6s
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7EF5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEED7sI3MXtYMDPsXupa_iBA&google_cver=1&google_push=Aer7DvKAkmIwp42cCLm04HjwgQRSgFbOnfNAmUwz4Gy4SGZvI_BjLR5X26HjESgwnt0CAkuVfP9vtMHMcQXF8vRsIeap...
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5141210824598612579&expires=30&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvKAkmIwp42cCLm04HjwgQRSgFbOnfNAmUwz4Gy4SGZvI_BjLR5X26HjESgwnt0CAkuVfP9vtMHMcQXF8vRsIeapQsoaXQltQg&google_hm=i9OPDVc_Tq2iL1XFH-rSGg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvKAkmIwp42cCLm04HjwgQRSgFbOnfNAmUwz4Gy4SGZvI_BjLR5X26HjESgwnt0CAkuVfP9vtMHMcQXF8vRsIeapQsoaXQltQg&google_hm=i9OPDVc_Tq2iL1XFH-rSGg==
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvKAkmIwp42cCLm04HjwgQRSgFbOnfNAmUwz4Gy4SGZvI_BjLR5X26HjESgwnt0CAkuVfP9vtMHMcQXF8vRsIeapQsoaXQltQg&google_hm=i9OPDVc_Tq2iL1XFH-rSGg==
date
Thu, 20 Apr 2023 03:49:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7EF5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDcpMaqqju9eD-gLSQFXsOM&google_cver=1&google_push=Aer7DvLv5k0-stDrZ0_eEMEpOhIh0r2MAFxiyvSvAnqk61FzyreoYk81YRvnXXyGx2WzVqQjnGAh-IJyPpzQtc_sWLmnXHi...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLv5k0-stDrZ0_eEMEpOhIh0r2MAFxiyvSvAnqk61FzyreoYk81YRvnXXyGx2WzVqQjnGAh-IJyPpzQtc_sWLmnXHiTj6rQPw&google_hm=eS1FekxNVzFORTJwRkdW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLv5k0-stDrZ0_eEMEpOhIh0r2MAFxiyvSvAnqk61FzyreoYk81YRvnXXyGx2WzVqQjnGAh-IJyPpzQtc_sWLmnXHiTj6rQPw&google_hm=eS1FekxNVzFORTJwRkdWOERzdzVFaEdoSXJ4WmRUMkVzMH5B
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 20 Apr 2023 03:49:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLv5k0-stDrZ0_eEMEpOhIh0r2MAFxiyvSvAnqk61FzyreoYk81YRvnXXyGx2WzVqQjnGAh-IJyPpzQtc_sWLmnXHiTj6rQPw&google_hm=eS1FekxNVzFORTJwRkdWOERzdzVFaEdoSXJ4WmRUMkVzMH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7EF5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIpS8AX8NkZTjSvEnZUiaMQ&google_cver=1&google_push=Aer7DvI7t8itdEnYUCBRZYaatGo_SqYG6dKbfcgENYR2T5rVxqqGGiYg12YqyONqsA6A3M1PTuiyqhFV...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUxMzkwOTQ2MTU0ODk4MTUxNg&google_push=Aer7DvI7t8itdEnYUCBRZYaatGo_SqYG6dKbfcgENYR2T5rVxqqGGiYg12YqyONqsA6A3M1PTuiyqh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUxMzkwOTQ2MTU0ODk4MTUxNg&google_push=Aer7DvI7t8itdEnYUCBRZYaatGo_SqYG6dKbfcgENYR2T5rVxqqGGiYg12YqyONqsA6A3M1PTuiyqhFVG4a28DTx-Ieb1ozTe90nyA
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUxMzkwOTQ2MTU0ODk4MTUxNg&google_push=Aer7DvI7t8itdEnYUCBRZYaatGo_SqYG6dKbfcgENYR2T5rVxqqGGiYg12YqyONqsA6A3M1PTuiyqhFVG4a28DTx-Ieb1ozTe90nyA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 7EF5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKFHi4ZryMfWMW0W_uzLVD0&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKFHi4ZryMfWMW0W_uzLVD0&google_push=Ae...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKFHi4ZryMfWMW0W_uzLVD0&google_hm=ZEC2LjT2l4Be43jax8GsNAAACJMAAAAB&google_nid=index&google_push=Aer7DvLly9bQbZD0PnzLLcmp2K-MxKD_PQiRm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKFHi4ZryMfWMW0W_uzLVD0&google_hm=ZEC2LjT2l4Be43jax8GsNAAACJMAAAAB&google_nid=index&google_push=Aer7DvLly9bQbZD0PnzLLcmp2K-MxKD_PQiRmx_vUhwRVGdN7uRAQkOunLbkGVnn1Mg87pNVNzpE50CxyHOFC_cwxa6B71nxSuAkEQ
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 20 Apr 2023 03:49:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKFHi4ZryMfWMW0W_uzLVD0&google_hm=ZEC2LjT2l4Be43jax8GsNAAACJMAAAAB&google_nid=index&google_push=Aer7DvLly9bQbZD0PnzLLcmp2K-MxKD_PQiRmx_vUhwRVGdN7uRAQkOunLbkGVnn1Mg87pNVNzpE50CxyHOFC_cwxa6B71nxSuAkEQ
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame 7EF5
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDjPXDGmFgpVKHqxWTl-baw&google_cver=1&google_push=Aer7DvK8XOD9LXsk70y-sTkpTb-4n_gkOcv8x-H_ueUS_aJdFNf4cGQ8-iLCVErgvW8drfpiOBSeGBTbZVPv...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvK8XOD9LXsk70y-sTkpTb-4n_gkOcv8x-H_ueUS_aJdFNf4cGQ8-iLCVErgvW8drfpiOBSeGBTbZVPvCa2Vp2PXUF9EX6TTAw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvK8XOD9LXsk70y-sTkpTb-4n_gkOcv8x-H_ueUS_aJdFNf4cGQ8-iLCVErgvW8drfpiOBSeGBTbZVPvCa2Vp2PXUF9EX6TTAw
Requested by
Host: dearsafrica.org
URL: https://dearsafrica.org/telegram/
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvK8XOD9LXsk70y-sTkpTb-4n_gkOcv8x-H_ueUS_aJdFNf4cGQ8-iLCVErgvW8drfpiOBSeGBTbZVPvCa2Vp2PXUF9EX6TTAw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 7EF5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KPdZfii66sUCJmdu6FaVcSFFeb-uBEyu0Z29V69QAe1uGSKbEhcM5rbXjwS_yc2bULPShI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 989D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Apr 2023 03:49:02 GMT
expires
Thu, 20 Apr 2023 03:49:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Apr 2023 03:49:02 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
openbridge3.js
connect.facebook.net/signals/plugins/ 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/openbridge3.js?v=2.9.102
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9bd0801ac81047112424d81c4b57d1dc404f21a0f07098e31f7b8e56655898a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Apr 2023 03:49:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
44020
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
OriM9nfMYn1RdHQlL5JqwdpU4b9hS1FgquNizuSvi+ppWC/bVP6nyFC9pkjBobiXrX/MkPjO2gWG9UK1mB/kkA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230417&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7336949526915499&plah=dearsafrica.org&bust=31074011
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23c4601fae76094f47515a138530f5aea78eaf90ea77c0dc73ad8655d487d8a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11304
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7336949526915499&plah=dearsafrica.org&bust=31074011
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 20 Apr 2023 03:49:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3C5D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dearsafrica.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
62557
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 10:26:25 GMT
expires
Thu, 18 Apr 2024 10:26:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E50F 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3816b822a4bc2a732507469ff33bb474762e3eb6f918f8a9680343fd45fa0f1a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5cCstI4_PGcOFUTEHkVbzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dearsafrica.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-5cCstI4_PGcOFUTEHkVbzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 20 Apr 2023 03:49:02 GMT
expires
Thu, 20 Apr 2023 03:49:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
pagead2.googlesyndication.com/bg/ Frame 3C5D 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 06:50:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
248307
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14077
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 10:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Apr 2024 06:50:35 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E50F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230417&jk=3786117177548333&rc=05ALnTWt5k7i0wF1zrtj7DFUKCu4-o77AJydeMdfm7mk08myQFnfBtCtcIl8ze6qXHHGKTZAwTN-BfKNwuGJ6UcDMH3t1qRW_6N0Z_sFCu2DqFjH1EbZ1cI_fAR2CG08zYbZZZyzVvZsCg6DwuK69trfr9Wlu0YvLg6F17hLqHx0ejp752mfExNLf2-4DiHa_N0SkxrudWNBIjz4hh1VG3F4o_zouHCw80I9-F9n2artWuW2Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 3C5D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?8H6PQA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:49:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame BA6E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszEfSJ-fBpuiQv6RaOnkTWcjlRlxssRbrm-FvOUQRvmkLjbr1YNKZrlIebwzwT-vWgKwG1IDGRFIgXQEI4V9erMnoJ0-K1okpCGCN30jJAOr8ItCiCFDHmrwuywJYL9HCWmNdxoQ&sai=AMfl-YQbwdsjD4ZZSkbTp7u_TIymPSOJ6oP0B5FSmqlRV-9rvppijuaPHIpUd2Xbyr49wd2F8T6IPHBepdOxeTxtFhptj6CxM6-uDBwH7Lhr9u7p0x9-8cbdNbTIvng&sig=Cg0ArKJSzCJA1RfLUtujEAE&cid=CAQSOwBygQiDn9Z9Pf-gk4y7SVcBv97Zvi-F86pEPTJKzitwFeLILv1LE3-KjKRHJl0JvObqjg9xl0z8K0BFGAE&id=lidar2&mcvt=1001&p=-50,0,450,200&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681962541573&rpt=367&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6F45 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXX1TckIC1mmRsBtj7JELvgF3iywYBEptXGf8fezei7fV8IBlPurc3B05wOTrSK9TEiP0mnl-Zmj8bpgbb1AMBypvxtXur-MJdPtUZUpc66l4jLZEo-rUB3JwaAutCPMW-AT3L5gK6eZPYE4s9zRT4adgv1hzlDDOBOQ&sai=AMfl-YS-ddLV41W5JEpa-Uw1NLFscG7cBFled2zjTTWRrKONOKt2sG3BmgSsEB8kFuQ1sONSGBlE3wyU9RhbuQucCbnITOXq_5oKhX9IwT_lQ1VrjquZTcR87ePhJ9A&sig=Cg0ArKJSzLzVHb5ywge7EAE&cid=CAQSOwBygQiDn9Z9Pf-gk4y7SVcBv97Zvi-F86pEPTJKzitwFeLILv1LE3-KjKRHJl0JvObqjg9xl0z8K0BFGAE&id=lidar2&mcvt=1004&p=-72,0,428,200&mtos=0,0,1004,1004,1004&tos=0,0,1004,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=0.71&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681962541570&rpt=321&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Apr 2023 03:49:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230417&jk=3786117177548333&bg=!5uWl5bHNAAZA7GLoYOw7ADkAdvg8WoqgmnuTB-18qKpxxx3JbOLU2ukA4bkHfO8dec_8oms-znMWmMiqL45n2pJNS6pEvSbVK3UCAAAAVlIAAAACaAEHCgAuOIb2tZuhsbHd5SIzEjFipPqsHXiygBx2kGSvKpULwJbUCtJKe2CZQ5vhro1_BpkC0YMDPbF7m9mmzgVmFppKppVveoVQy4VzQkUT-cXHW-yZInlaEj4PRj7_cp6NR9WzRLdFj7TnUrc5gOepFKEoJfMugywsiPVeINRjgImNrS32XM_xXoO8vfCOisDl9rM2WMLubnBpWhF0OFN4K6ZKhfV82g0V8hDK3TT0BviM0MglMzEnOZV0iKXyATMq4Hgillw5EHogBKOJWZyP73r2HV-5g27lzfqCSCd0r9c5cOG53u2g03EjjewIaBz1RLrT1N2M9Gox2vri3bwOECmMfWOr4prJnqfCt61KaZbZ1CWWKmE0wUgw6x1xVvnk3rNwNMKuysguBgKHXzLQCPrUFHF3OmShUCtUzDfR5uXnuTpBQ_DZaupcExhAxUVXmYcwVWqKxQopNt-IxvXKF65dcTQFSxrf0T2BcerH_VVY3xDQ40_dv1ljQlTeWmtBRVp_BVgExJkd_aCRnUco2169wJe6t8PoZs7KTl9XPhLZzuegP6VUobfd43izCfTMfT3cP0HU6h1GcqhIYI0-SkIimm4RNHBYV0TAEKjLOsy889HizrCgHJQFdS77Q3tw0jYtkPocml87Wxb9Iu-azjY4k0ArlvPVHZLJnQ2nFae5w5RIOI35nmDr6ar1_cQc6wBbsv9-W1tds_jhrBWlazBHUeTEajm3DqnDFJ_o6anJabanis8Jndb1dl6fPHUfIavOnDr7GUuZC4Zamh-cTqtHmybQG5yzhGEf8h1iUDDPPtXvMKuKZXo8Ph662_m1q0ZWgNjETd-yTd_JB3X-ZrL4FpCaeJlKSBVQPOODVw5ImL0-w9fSHUviuQJAInD202Q561uqE6G8cU9zlpkSd_LO9CWlbLGgSKtWhRq2rm05AzzmsSh-gB3jhaIvB7ROvwCvEQ4HLkJlc2kTJC2uKLIdRPeNzaqQ70JXbS6WxUnpn_spFo3GgjpBNxFfyxYM9ByrbeI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dearsafrica.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 boolean| credentialless object| _wpemojiSettings undefined| $ function| jQuery object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields function| fbq function| _fbq function| updateConfig object| adsbygoogle object| twemoji object| wp object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| swv object| wpcf7 object| twentyseventeenScreenReaderText function| vc_js function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox object| gtranslateSettings object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| doGTranslate function| googleTranslateElementInit2 object| google_ama_state number| google_rum_task_id_counter object| googletag object| recaptcha object| closure_lm_448290 object| google_llp object| regeneratorRuntime object| GoogleGcLKhOms object| google_image_requests

31 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ALnTWt694Alg28fXRMjzBpdyHUfzK-cLpPWRBcUv_pinbCAfGdsKNaIEW06ANqOYMaR93kTfswA7xNrz7hgECNk
.dearsafrica.org/ Name: __gads
Value: ID=2323b346cdc9eb43-220f6d2ba1dd0027:T=1681962540:RT=1681962540:S=ALNI_MaRH6njP7SwuePHZwAsmHyI9bLz9A
.dearsafrica.org/ Name: __gpi
Value: UID=00000bd84862a4b0:T=1681962540:RT=1681962540:S=ALNI_Mav2Z74ZW3U6d0v0BLY8TxqZYzepA
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUmjg1_riy8l8w-Iyo-TzMqWmAwYpn-YQ5cOYzB2an5PhDboYXDitNVbjnTyr5s
.dearsafrica.org/ Name: _fbp
Value: fb.1.1681962541591.2018764901
.bidswitch.net/ Name: tuuid
Value: 8bd38f0d-573f-4ead-a22f-55c51fead21a
.bidswitch.net/ Name: c
Value: 1681962541
.bidswitch.net/ Name: tuuid_lu
Value: 1681962541
.quantserve.com/ Name: d
Value: EFYBCQHmKIEA
.quantserve.com/ Name: mc
Value: 6440b62d-e1413-5b700-11ef5
.mathtag.com/ Name: uuid
Value: c0a36440-b62e-4700-a9e6-02d8b1070201
.mathtag.com/ Name: mt_mop
Value: 4:1681962542
.ctnsnet.com/ Name: gid_CAESEN2OKCC-x-xQAW_UmFlRmQo
Value: 1
.ctnsnet.com/ Name: cid
Value: 0d2635bdc89e4d8e8f8376997c6f9eab
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.adfarm1.adition.com/ Name: UserID1
Value: 7223974110987221139
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZEC2LQAEDyuxDgAn
.turn.com/ Name: uid
Value: 8043942188291201326
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%223535D2A6-F9BC-4F9E-9D86-DA5AD0B03027%22%7D
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 8E5E25A7-9394-4575-87BA-720AA601950E
.adform.net/ Name: uid
Value: 7513909461548981516
.casalemedia.com/ Name: CMID
Value: ZEC2LjT2l4Be43jax8GsNAAA
.casalemedia.com/ Name: CMPS
Value: 2195
.casalemedia.com/ Name: CMPRO
Value: 2195
.yahoo.com/ Name: A3
Value: d=AQABBC62QGQCEJEMmnx4AE9IHWVGUV2zprcFEgEBAQEHQmRKZAAAAAAA_eMAAA&S=AQAAArgWDUc28KaC3kn3nEx6mVM
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjG1tDAzNDI1txTiM9Q1SAr19_LLyqx0LM8HACXCdh4lAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZmFoaWZkamJkbGIJAJWW1TwQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjG1tDAzNDI1txTiM9Q1SAr19_LLyqx0LM8HACXCdh4lAAAA
.tribalfusion.com/ Name: ANON_ID
Value: a9nseFs2aF8pAJsbYLnZdix0Trdp0BvooZagUHYCrdNiP0Ur4UaqZaq4sbX1ZdiaP0SmxKqRuHP5EZa55ZbtEPP2O3

1 Console Messages

Source Level URL
Text
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271801&client=ca-pub-7336949526915499&fa=1&ifi=7&uci=a!7&btvi=5&xpc=IafDdNgj5g&p=https%3A//dearsafrica.org
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
assets.dearsafrica.org
buttons-config.sharethis.com
c1.adform.net
cdn.dearsafrica.org
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
count-server.sharethis.com
dclk-match.dotomi.com
dearsafrica.org
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
image6.pubmatic.com
l.sharethis.com
match.adsrvr.org
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform-api.sharethis.com
platform-cdn.sharethis.com
pr-bh.ybp.yahoo.com
r.turn.com
rtb.openx.net
s.tribalfusion.com
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.111.217.42
129.232.251.154
13.32.121.81
13.32.99.51
142.250.186.66
151.101.66.49
18.194.221.34
185.29.132.245
185.64.189.115
185.80.39.216
193.0.160.131
2001:678:cb4:bbbb::11
2600:9000:2057:400:6:6970:9500:93a1
2600:9000:206f:4200:c:abe:f440:93a1
2600:9000:20eb:ae00:16:4bdd:dd40:93a1
2600:9000:2156:f000:1d:85c3:6640:93a1
2606:4700::6812:18ad
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a02:fa8:8806:16::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3601:c9a:40f3:f9e6:2273
34.160.236.64
35.186.193.173
35.186.253.211
35.190.0.66
35.71.131.137
37.157.3.30
51.89.9.251
52.59.45.125
85.114.159.118
02184fccc5b5201d2e518893591044f658e78a9db0bb20e0c3865681548cb82e
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
03e42b95e9049816d901eabbe2a2247deda61a85972e3a50e3c8274e6c5fe39b
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
07847efe9fad4be13de0f33c08a56fbac9572e75bc9ee1020c4ea356a195a84c
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dd87ad81cb47a3f7883744163a0833ccf1a60beec8cf1be4020091b6c50d54f
0f06de278c5d95689eb205e7064e29b4ebc879a3a25964b701aed7b23190b33c
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
117991968e3bbb57a1520ba7d9af9f54cc8a7775cb25352ef34a783ae3742119
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c98a8d8813ac4e8d1d79e5b5981c41ecce80bfdb7e55b70430e429690a0dbfe
23c4601fae76094f47515a138530f5aea78eaf90ea77c0dc73ad8655d487d8a3
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da
2f0e74ef11fded5b721296335b5fe6eb516cfee12091deb90bfd4f35fec3f1c1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b4e5121cdc6135c30476d258909c0e815737033f335812ab770213f967b7bd
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332424fb2ddf89a7444e2eec115092c170270832cda90855732278868d7c6482
33e14db42500bcdc35ca591f85d4b9efa29e6f3a3e23970170839f9a7a5ecb04
37fa576d4c1a5e70993a211461fabe5e8473af031573b57dcfd7874bedb39d6a
3816b822a4bc2a732507469ff33bb474762e3eb6f918f8a9680343fd45fa0f1a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4354449ab7a164ef5486d12020f3bc403b8ff104a8da73e9f9332106b86b061c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5054ab369966fea3657ac6af00c3bc47bdc9e7b5114e61d1764be06213ca9781
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
549659e7ff05165f2e9a676707b60642b803eca020bbca690a42bf327255dad6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56735b66567ca6c378f79273b70e026041be1a28bfea0e8e1a4e92af26d23cb1
59df5409d69ed28fe36c0f1ed2cc50158faac96d084bd13907d78fb7d8b37b3c
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b9f8309656f0c7dbd03d7646bd1ee4cfbe6721997150b3a60521f1e616f9776
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65dc4a7b107dcd9a3c8cfd19650394a7539e3f47c8ab72091e1145a6244dd0b2
6b49f91c87827ee6adc5a811c73e6a1b493adc72a8c0a832fc4c77e80c0226ed
74b88e3c74597c256390ff0cf19b7bc9c5427ca2b0651959c164b29253965871
75d7fd1066c67dfe078b0cf1fe3863d2b883076cb6f4e41988708179f7e18488
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
7891e6bb22eae7c897e06efef59efc26a4e44cddde779a0a34b359f29e2c9b8a
791deb7394e238c31ebe7fade04592d5a73beb2e1d78634157c50b761e0f395a
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
7fe2ae3eac86351d18833e6b99c96898f6b86bcceb1aff6cc2654b3ecde69936
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
8511c345649a2b0095992aa763caf18ea19bf39ef02d1078bc479a019f84dd89
8d14f2497cfd1f8d4c1565de2a76ee5454599bc12196006e9776dec30de531ce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da2f8a788f4bbf95aa3543f6c7fb021830489796b8545e01cf83b0d7b09e911
8df377dfa6d8c4df5a696b874261392fef0c1025e8e629d0ac353b56de864166
8fe90aba175ffd8e1a4e7e35b54de7dc3dfccec7a34131525d9fbe91e1278d51
94f229715266533168e8bde4c66fc0b249d45e022cb9cc333495f4a68a702017
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
96aaab9a34711f1beef1c63071b992a7f3cb17654956cc09859d7a4dc71ab1f3
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a07264b4b900fa0010e3e080909d33888b36815964b96601c3e68fc3a4dc5b9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bd0801ac81047112424d81c4b57d1dc404f21a0f07098e31f7b8e56655898a2
9eab741f2e234924fe97356f6817a6f62476b5e358a289edc522e63856f290bb
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a163b12aa236d513e9e9b272a4092e117bec805da57432c6d2067b884a37851d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
b51ae7b8866a52766cec77a3e88c209f5b4c91a67c82e8c8404f86c382b0bc72
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bf817ee4b2d4e9d98e05e1382d295f8f10fef43770cd4e291d924a5d0afc8cc2
c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738
c7b136b24eecfa90c6cb4c5d86dc471cca986f61a73f9330e2c578e0c5384037
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034
cdfdf586f38cfb19c6264343cc6a64adce7ff0961834e96a2f912f01dc29e3f0
ce2dbd2686de9e7f4b69ff388c1a03f73fca2f339b5f217b2646ae240badaead
d1c09e80f13f58fa8735352042ae3ee483c8d801c705881cc076b3f39cff3375
d3a1d619298063edae0e34973557554e0c0476c26ff2ad5b56ce1a2d2daeb0d8
d3ead83c86c66f06cf62e8f70af28b997a4ce1cf3f75c3743648e2c12ff49d01
d603002a80270f5a0960c6646b64c56a7bbf489ac640b5d34d7f5a73c1432029
d64318e42a2c65a248f58ed2d5cb4159898e16c9a3684ef3c83a6507b02afaa7
d7a1bdec6b5209de5be156a573409f2f9e30488cca22fb380d2234057c7973f1
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
ddb540cf22f5ebc0487cc5278510b771875384b8195b661d7d929d4d05bcc093
de46013c87c1d6b0e4804a6bd8be50f2c5f961c5adbc42ba40b8913af33afe75
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eccf45df26221553a12a10101c031bcb43321c2a6b692eaae3d8bc243fa90c21
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0789236984b5b60fa6f796473e93c97ee99310911af9a0a3a95305034549733
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f7c8e2f2c84102e0220f49c2b49d4510d84b1afb4bf8ad4c857a7c66c560e8d1
f85e538e44687fc0feaa2f66a67831ec9f9b03446f115dec74b996da4a0a4a52
fb6158dc6c3f946e6a16494542ed9b921e69b0cf87440e2b4507915a3f11e85f