d.ngoforumsouthsudan.com Open in urlscan Pro
2606:4700:3032::ac43:aef6  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response d.ngoforumsouthsudan.com/	122 KB 38 KB	678ms 612ms	Document text/html	2606:4700:3032::ac43:aef6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://d.ngoforumsouthsudan.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:aef6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a0482ab6bbe59f51461abccadb786e801231a408f5e176a2eeb78140c4fde712 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 883e21b0ebd003e0-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 14 May 2024 21:55:17 GMT link <https://d.ngoforumsouthsudan.com/wp-json/>; rel="https://api.w.org/" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HVxKCYn0cMbQV%2B2vpv41%2BntGnEWmE%2FAp0Sk%2B7soSzY9KOsxTqmT3QF6vUPXAnKZyIRkgGosSplXnfkbBXJEuw5ca4%2FuW3kqyO5bw3i4qEVdA4QUb5bW7dwCOyZEq%2Bxx20sKguln0mCySqbLF6J3%2FOIN62LRCnYQ%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-runcache-type native x-runcloud-cache HIT x-ua-compatible IE=edge x-xss-protection 1; mode=block
GET H2	200	style.min.css d.ngoforumsouthsudan.com/wp-includes/css/dist/block-library/	111 KB 15 KB	535ms 534ms	Stylesheet text/css	2606:4700:3032::ac43:aef6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://d.ngoforumsouthsudan.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.3 Requested by Host: d.ngoforumsouthsudan.com URL: https://d.ngoforumsouthsudan.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:aef6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://d.ngoforumsouthsudan.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 21:55:18 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 14 May 2024 16:37:19 GMT x-runcache-type native server cloudflare etag W/"6643933f-1bae5" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RRnvC5DWXaAhT2OKpaCgO6ITavSdR8A2zVxJXsIx2nTzEjx41iC%2F%2BKSpFhm4EA5ZDmof%2FBVpKf%2BHAHTP4UoPffGtvLK%2F8cOaOmCuJ7Gvzc1y2PhsEkIMPnuHZyEAP0yZtNWb4TIB%2BXLa54qcC2Rb4cEwGlrQZW0%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=2592000 cf-ray 883e21b4cf8003e0-FRA expires Thu, 13 Jun 2024 21:55:18 GMT
GET H2	200	main.min.css d.ngoforumsouthsudan.com/wp-content/themes/generatepress/assets/css/	19 KB 5 KB	513ms 513ms	Stylesheet text/css	2606:4700:3032::ac43:aef6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://d.ngoforumsouthsudan.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.4.0 Requested by Host: d.ngoforumsouthsudan.com URL: https://d.ngoforumsouthsudan.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:aef6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bc3b2c1e618a27e485095a3c0db20da5ba2fbfaf3b872ccd6ca35cb19eb37b5d Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://d.ngoforumsouthsudan.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 21:55:18 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 14 May 2024 16:42:00 GMT x-runcache-type native server cloudflare etag W/"66439458-4c6c" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ef5sE7DlkHWzTsXf3Vq%2FzQItfCcMmNrjlFA%2FLmr50f0NtJm1%2BTaH8Pex1aT%2FbYu7CgnXApYO%2F7pkKMyxfB3vWMBnbuO7U0yRwHlOQpjgX4SQ6xCI%2BXMKDy7kG5IuHyXs0a6HUqrPlxVMux8vIY6jxGAETfOsWlk%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=2592000 cf-ray 883e21b4cf8103e0-FRA expires Thu, 13 Jun 2024 21:55:18 GMT
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	93 KB 29 KB	100ms 39ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: d.ngoforumsouthsudan.com URL: https://d.ngoforumsouthsudan.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 3e9d1b700c00422d3403f0c7346a0fa9ea562065394c8f1b40fd3bbbd6f9de5b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://d.ngoforumsouthsudan.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 21:55:18 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30040 x-xss-protection 0 server cafe etag 176 / 19857 / m202405090101 / config-hash: 1553233031486549670 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 14 May 2024 21:55:18 GMT
GET BLOB	200 OK	7b5ae01f-2195-4f63-b754-3665b022e7a8 https://d.ngoforumsouthsudan.com/	1 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://d.ngoforumsouthsudan.com/7b5ae01f-2195-4f63-b754-3665b022e7a8 Requested by Host: d.ngoforumsouthsudan.com URL: https://d.ngoforumsouthsudan.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Length 1185 Content-Type text/javascript
GET H3	200	menu.min.js Show response d.ngoforumsouthsudan.com/wp-content/themes/generatepress/assets/js/	7 KB 2 KB	504ms 504ms	Script application/javascript	172.67.174.246 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://d.ngoforumsouthsudan.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.4.0 Requested by Host: d.ngoforumsouthsudan.com URL: https://d.ngoforumsouthsudan.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.174.246 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 395121e5b9981325951ef88bec68d065d23087b16a70d4459109e1dd84a10936 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://d.ngoforumsouthsudan.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 21:55:18 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 14 May 2024 16:42:00 GMT x-runcache-type native server cloudflare etag W/"66439458-1b2d" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WSxTpOzc%2FyApHMH%2B3Z52cwgLgMQ4erA9EFF86rBP20oIGXTi8IxVJFU83cQMoSJ9UXwNM8NjSnX8GaXRswtaiZhQ1yQxlfUgvNQfJb8Te4z9JT2xwrS%2Bb%2BiG1tByY%2FrplgH2pnTasI0DXVc%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=2592000 cf-ray 883e21b4f8cbbb32-FRA expires Thu, 13 Jun 2024 21:55:18 GMT
GET H3	200	wp-emoji-release.min.js Show response d.ngoforumsouthsudan.com/wp-includes/js/	18 KB 5 KB	514ms 514ms	Script application/javascript	172.67.174.246 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://d.ngoforumsouthsudan.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3 Requested by Host: d.ngoforumsouthsudan.com URL: https://d.ngoforumsouthsudan.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.174.246 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://d.ngoforumsouthsudan.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 21:55:18 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 14 May 2024 16:37:19 GMT x-runcache-type native server cloudflare etag W/"6643933f-4926" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I0W6CDhlQWsI02HKBV2Ff6wVy4jsk7Q7GCCICT4xTKe%2F7iHasd5C5H2HcZU3VXWKURNbc1Y5jsWHXFFY3H2TTMgMueqo7OOUJo%2F8XVd3tvNFFBMjBKCukaw5LI26GM2YfGYPDQG7EYoNFmU%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=2592000 cf-ray 883e21b82c51bb32-FRA expires Thu, 13 Jun 2024 21:55:18 GMT
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/	454 KB 142 KB	22ms 22ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash aba3b1e74a53993ab198f8376eaf3bc0c9d841b9bc6d95f47ab839bbdb502d47 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://d.ngoforumsouthsudan.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 10:36:40 GMT content-encoding br x-content-type-options nosniff age 40718 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 145002 x-xss-protection 0 server cafe etag 8410536799634492291 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Wed, 14 May 2025 10:36:40 GMT
GET H3	200	ads Show response pagead2.googlesyndication.com/gampad/	35 KB 14 KB	454ms 407ms	Fetch text/plain	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/gampad/ads?pvsid=95715399078978&correlator=447847588458915&eid=31079956&output=ldjh&gdfp_req=1&vrg=202405090101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=23016298561%2C60h&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1715723718619&lmt=1715723718&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fd.ngoforumsouthsudan.com%2F&vis=1&psz=1600x2210&msz=1600x250&fws=0&ohw=0&ga_vid=566851477.1715723719&ga_sid=1715723719&ga_hid=1116601936&ga_fc=false&dlt=1715723717867&idt=734&adks=2266777182&frm=20&eoidce=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software cafe / Resource Hash aa40f1ba998be1750965d4ad59349dbb0963e9e3546b3afc7f51a25d67a46ebd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://d.ngoforumsouthsudan.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 21:55:19 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14264 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://d.ngoforumsouthsudan.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html dd10f7878c8f0d80f366418cf1391df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9C37	0 0	112ms 29ms	Document text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dd10f7878c8f0d80f366418cf1391df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://d.ngoforumsouthsudan.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 14 May 2024 21:55:18 GMT expires Wed, 14 May 2025 21:55:18 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	47ms 47ms	XHR application/json	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202405090101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software cafe / Resource Hash 486ad7fb3091320ff328bedcab3ff60b3af28254c21f1874dea1cf15e3068024 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://d.ngoforumsouthsudan.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 21:55:18 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12391 x-xss-protection 0
GET H3	404	favicon.ico d.ngoforumsouthsudan.com/	552 B 565 B	491ms 491ms	Other text/html	172.67.174.246 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://d.ngoforumsouthsudan.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.174.246 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://d.ngoforumsouthsudan.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 21:55:19 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i8fZz%2FLdUbtKbznksr4N1Iy1q7cbD%2FQWjXdT89WZbXUKMHdUN8Rp13O8gY97ylGMg3onc1dS63HiF0kzFlVn%2FIrftF8HjZlH8TsM69iBpGufEsq8iiEQE2Pnd5IAZUik0JYcPh0YDIc5hlw%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 883e21bb6f67bb32-FRA alt-svc h3=":443"; ma=86400
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	95ms 30ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://d.ngoforumsouthsudan.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 21:55:19 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 14 May 2024 21:55:19 GMT
GET H2	200	container.html dd10f7878c8f0d80f366418cf1391df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CCEB	0 0	0ms 0ms	Document text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dd10f7878c8f0d80f366418cf1391df8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://d.ngoforumsouthsudan.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 14 May 2024 21:55:18 GMT expires Wed, 14 May 2025 21:55:18 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0BBF	0 0	65ms 22ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://d.ngoforumsouthsudan.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes age 34471 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 14 May 2024 12:20:48 GMT expires Wed, 14 May 2025 12:20:48 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET		sodar pagead2.googlesyndication.com/pagead/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202405090101&jk=95715399078978&bg=!KyilKGfNAAbZcyKb-XM7ADQBe5WfOM5KrFnEEugFdVQfkvRcwqUMyCy9KseqSKThIy8uJZMZaUntSjiIhuHnDnoXfOhCAgAAAFdSAAAAAmgBB34ANkq6yJFidb-y-JcvuOe330YTryIAedp3HEGwGl8UJLNk7caZGb3ZDOztZXtqtjJzOddB91FpuZkCmHeKmHEFabg5q7AoaOzw0lKc2QNucxtTDVpFwlkan7r_eO69iFve3p6rsVTjB9cSd1io833RdzfFpr1QIJXy4e1yGvRfPWH_idvJvB_CcVmOY4mHxuFNR-c2_tu1Fd_hlxK71SfPIjllyFAh-lyYeDuD9JGiARsPxKkYrj8lIKowcPwPZ9VOSCN4jhwhlGFOxkxd9RKQc_sb1c5TeeK4ZOKUyEZsSCK4nKa7IiCRYV_rHTCVEjJ0z4h1FE_cxZoxSAESne58JVNynwsU0Vntgvj6Qaz7gqyQGgrP78uyCG_WJMjZf4FqLxVRm4Jb0rzUky-gil5CbVbUhQ6i3SgiEOJ0ytFflBFep_ghWpP1m5HjR711IIwE8tjfwWER9BfHjJjBDGWkNDTErj5QIuDG1XDSxK8oySmAKjW8cVhwb5X9bgBMVr13JI1Z3Wla8jD220vNgXlbinYIwVM4wDCTh52USdvpu-vgrvl1xSFT3vuT8awUGWuBgJEaKh2vSwffVi54uegDyI_Xh9Jae6C5M_YTXtPwuLsIQasuGX3oiRn_GCDhWdQE8LvotKICys0QdHUGhcW6aCjmygpKf76QGNnrXhYXVfC3TJQkLnt8E_BsF60R3P1N_aQ98bSBBAkgJ_kq1GIUbiT3PvIMD905E5hRJwsNXraJWq65WADwX_EM3Kla2K4kvP6uvmdBziJFmfv8U6rC8d3cMOyMkqPnxSkCMS-DF9pCZNDY1EIPJmf7p6iX9ojI82_EDv_D4YhtxNLggg--jSxduTWnQIXsDYLtnF9Z7j99rVq1DO4gQCdAxB1iLcH1zsFJJxwfn9Z7PGMLXxWrRWUhIBYJ3LWRzGXufZRPVQdI1hchSnFZoK_15QTqO3_VGsw

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| _wpemojiSettings object| googletag object| generatepressMenu function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive object| ai_rotation_triggers boolean| ai_lists object| host_regexp function| z function| B function| D function| X function| fa function| ha function| Q function| Y function| Z function| ea function| ma function| m function| da function| ia function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| MobileDetect function| ai_process_lists boolean| ai_js_code object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing number| google_unique_id object| gaGlobal object| twemoji object| wp object| GoogleGcLKhOms object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ngoforumsouthsudan.com/	1970-01-21 00:54:35	Name: __eoi Value: ID=457894ed73ca7a23:T=1715723718:RT=1715723718:S=AA-AfjZusLIUOvuy2-IwsnhBcBMr
			.criteo.com/	1970-01-21 05:56:59	Name: receive-cookie-deprecation Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://d.ngoforumsouthsudan.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d.ngoforumsouthsudan.com
dd10f7878c8f0d80f366418cf1391df8.safeframe.googlesyndication.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
142.250.185.130
172.217.18.2
172.67.174.246
2606:4700:3032::ac43:aef6
2a00:1450:4001:811::2001
2a00:1450:4001:830::2001
395121e5b9981325951ef88bec68d065d23087b16a70d4459109e1dd84a10936
3e9d1b700c00422d3403f0c7346a0fa9ea562065394c8f1b40fd3bbbd6f9de5b
486ad7fb3091320ff328bedcab3ff60b3af28254c21f1874dea1cf15e3068024
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
a0482ab6bbe59f51461abccadb786e801231a408f5e176a2eeb78140c4fde712
a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb
aa40f1ba998be1750965d4ad59349dbb0963e9e3546b3afc7f51a25d67a46ebd
aba3b1e74a53993ab198f8376eaf3bc0c9d841b9bc6d95f47ab839bbdb502d47
bc3b2c1e618a27e485095a3c0db20da5ba2fbfaf3b872ccd6ca35cb19eb37b5d