URL: https://adm.freedome-gameplay.sbs/
Submission: On August 08 via api from US — Scanned from DE

Summary

This website contacted 17 IPs in 4 countries across 14 domains to perform 73 HTTP transactions. The main IP is 146.19.75.30, located in Bucharest, Romania and belongs to STARK-INDUSTRIES, GB. The main domain is adm.freedome-gameplay.sbs.
TLS certificate: Issued by R3 on August 4th 2023. Valid for: 3 months.
This is the only time adm.freedome-gameplay.sbs was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
20 | msf.org | img.msf.org; www.msf.org | 1 MB
17 | freedome-gameplay.sbs | adm.freedome-gameplay.sbs | 1 MB
9 | wonderpush.com | cdn.by.wonderpush.com (Cisco Umbrella Rank: 46093); measurements-api.wonderpush.com (Cisco Umbrella Rank: 37226) | 229 KB
6 | equalweb.com | cdn.equalweb.com (Cisco Umbrella Rank: 17144) | 23 KB
6 | cookielaw.org | cdn.cookielaw.org (Cisco Umbrella Rank: 367) | 102 KB
2 | doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 115) | 409 B
2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 55) | 21 KB
2 | youtube.com | www.youtube.com (Cisco Umbrella Rank: 91) | 65 KB
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 73) | 167 KB
1 | google.de | www.google.de (Cisco Umbrella Rank: 5576) | 408 B
1 | google.com | region1.analytics.google.com (Cisco Umbrella Rank: 2577) | 261 B
1 | httpbin.org | eu.httpbin.org (Cisco Umbrella Rank: 990509) | 100 KB
1 | onetrust.com | geolocation.onetrust.com (Cisco Umbrella Rank: 647) | 316 B
1 | googleoptimize.com | www.googleoptimize.com (Cisco Umbrella Rank: 1271) | 48 KB
Total: 73 requests, 14 apex domains

Requests | Domain | Requested by
19 | img.msf.org | adm.freedome-gameplay.sbs
17 | adm.freedome-gameplay.sbs | adm.freedome-gameplay.sbs
8 | cdn.by.wonderpush.com | www.googletagmanager.com; cdn.by.wonderpush.com; www.msf.org
6 | cdn.equalweb.com | adm.freedome-gameplay.sbs; cdn.equalweb.com
6 | cdn.cookielaw.org | adm.freedome-gameplay.sbs; cdn.cookielaw.org
2 | stats.g.doubleclick.net | www.googletagmanager.com; www.google-analytics.com
2 | www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com
2 | www.youtube.com | adm.freedome-gameplay.sbs; www.youtube.com
2 | www.googletagmanager.com | adm.freedome-gameplay.sbs; www.googletagmanager.com
1 | measurements-api.wonderpush.com | cdn.by.wonderpush.com
1 | www.msf.org | cdn.by.wonderpush.com
1 | www.google.de |
1 | region1.analytics.google.com | www.googletagmanager.com
1 | eu.httpbin.org | adm.freedome-gameplay.sbs
1 | geolocation.onetrust.com | cdn.cookielaw.org
1 | www.googleoptimize.com | adm.freedome-gameplay.sbs
Total: 73 requests, 16 subdomains

Subject | Issuer | Validity | Valid
adm.freedome-gameplay.sbs | R3 | 2023-08-04 - 2023-11-02 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-07-17 - 2023-10-09 | 3 months
cookielaw.org | Cloudflare Inc ECC CA-3 | 2023-04-01 - 2024-03-31 | a year
img.msf.org | E1 | 2023-07-05 - 2023-10-03 | 3 months
onetrust.com | Cloudflare Inc ECC CA-3 | 2022-12-13 - 2023-12-13 | a year
httpbin.org | Amazon RSA 2048 M02 | 2023-03-01 - 2023-11-19 | 9 months
wonderpush.com | GTS CA 1P5 | 2023-08-07 - 2023-10-31 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-01 - 2024-04-30 | a year
*.google.com | GTS CA 1C3 | 2023-07-17 - 2023-10-09 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
www.google.de | GTS CA 1C3 | 2023-07-17 - 2023-10-09 | 3 months
msf.org | Gandi Standard SSL CA 2 | 2022-12-09 - 2023-12-23 | a year
measurements-api.wonderpush.com | GTS CA 1D4 | 2023-08-04 - 2023-11-02 | 3 months

This page contains 2 frames:

Primary Page: https://adm.freedome-gameplay.sbs/
Frame ID: 0433B1CD57E86DD754D7A60BE2D1B20B
Requests: 70 HTTP requests in this frame

Frame: https://www.msf.org/wonderpush.min.html
Frame ID: 1494C55284BA366292E8A4BECE8A882C
Requests: 6 HTTP requests in this frame

Page Title

MSF - Médecins Sans Frontières | Medical humanitarian organisationgrey-mapBack ButtonFilter Button

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.equalweb\.com.*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

Requests: 73
HTTPS: 97 %
IPv6: 88 %
Domains: 14
Subdomains: 16
IPs: 17
Countries: 4
Transfer: 3366 kB
Size: 8358 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

73 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
adm.freedome-gameplay.sbs/
1 MB
268 KB
Document
General
Full URL
https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.19.75.30 Bucharest, Romania, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm1303088.stark-industries.solutions
Software
nginx/1.24.0 /
Resource Hash
931e391992ee0174bcd3d8c56f6fbd72604f809e87f5ef2deefba702526ada09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=900, public
cf-cache-status
DYNAMIC
cf-ray
7f397f0c5f1f6271-OTP
content-encoding
br
content-language
en
content-type
text/html; charset=UTF-8
date
Tue, 08 Aug 2023 17:32:01 GMT
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Tue, 08 Aug 2023 16:08:18 GMT
permissions-policy
interest-cohort=()
server
nginx/1.24.0
vary
Cookie
x-content-type-options
nosniff
x-drupal-cache
HIT
x-drupal-dynamic-cache
UNCACHEABLE
x-frame-options
SAMEORIGIN
x-generator
Drupal 9 (https://www.drupal.org)
x-ua-compatible
IE=edge
optimize.js
www.googleoptimize.com/
122 KB
48 KB
Script
General
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-PQ2VTDK
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
745e66c92422130436be9642277fbeef78b96ec18533808934befbc280a6631c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48481
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 16:07:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 08 Aug 2023 17:32:01 GMT
css_tDABOjMUs4Psw2oszp4Zi16AP-e_HWUzGdZJzMng2ac.css
adm.freedome-gameplay.sbs/sites/default/files/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://adm.freedome-gameplay.sbs/sites/default/files/css/css_tDABOjMUs4Psw2oszp4Zi16AP-e_HWUzGdZJzMng2ac.css
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.19.75.30 Bucharest, Romania, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm1303088.stark-industries.solutions
Software
nginx/1.24.0 /
Resource Hash
652515136e46a6609af021c8ed9f660d158a3f5b1424b96d46c65fecfdaaa70b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:01 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
nginx/1.24.0
last-modified
Fri, 04 Aug 2023 15:11:46 GMT
age
1035
cf-polished
origSize=7309
etag
W/"64cd1532-1c8d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
cf-ray
7f397f0e3977624d-OTP
css_zey3QCiODCknPvennDARp9BJafQ1fhnrPRvb_DI9WL4.css
adm.freedome-gameplay.sbs/sites/default/files/css/
1 MB
158 KB
Stylesheet
General
Full URL
https://adm.freedome-gameplay.sbs/sites/default/files/css/css_zey3QCiODCknPvennDARp9BJafQ1fhnrPRvb_DI9WL4.css
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.19.75.30 Bucharest, Romania, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm1303088.stark-industries.solutions
Software
nginx/1.24.0 /
Resource Hash
c4ce0df553e5a6c8d753523d85730c65b837eaf3023141a2cfdc25f9b381407f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:01 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
nginx/1.24.0
last-modified
Tue, 18 Jul 2023 12:31:50 GMT
age
1035
cf-polished
origSize=1120063
etag
W/"64b68636-11173f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
cf-ray
7f397f0e3e9f0520-OTP
modernizr.min.js
adm.freedome-gameplay.sbs/themes/custom/msf_theme/dist/vendor/
6 KB
3 KB
Script
General
Full URL
https://adm.freedome-gameplay.sbs/themes/custom/msf_theme/dist/vendor/modernizr.min.js
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.19.75.30 Bucharest, Romania, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm1303088.stark-industries.solutions
Software
nginx/1.24.0 /
Resource Hash
543efa0ab5be1d818632323c8a21ea6376854b336e3ded6d049a657c3bb00e37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Jul 2023 11:08:39 GMT
server
nginx/1.24.0
age
1383
etag
W/"64bfad37-179a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
cf-ray
7f397f0e3a57052c-OTP
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 08 Aug 2023 17:32:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
X1C0PY0lSDg1JSpsyFxfYA==
age
5445
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6837
x-ms-lease-status
unlocked
last-modified
Mon, 07 Aug 2023 17:29:27 GMT
server
cloudflare
etag
0x8DB976BD9A26B91
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6c8f61b4-a01e-0009-0c68-c97c50000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f397f0e8e0b913a-FRA
yo3f8n03541367opu87g87240430ha2w.jpg
img.msf.org/AssetLink/
100 KB
101 KB
Image
General
Full URL
https://img.msf.org/AssetLink/yo3f8n03541367opu87g87240430ha2w.jpg
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:d86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b04dfd90c0f82ab1a28f99810a792bedd28f561c39162d18bb4c106cac99fa49
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-ZWI5MTQ0ZmUxNWVmZDM1OTA3ZGQ2MjY2MDZiOTQ1NDc='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:03 GMT
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-ZWI5MTQ0ZmUxNWVmZDM1OTA3ZGQ2MjY2MDZiOTQ1NDc='
x-content-type-options
nosniff, nosniff, nosniff
cf-cache-status
BYPASS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
content-disposition
inline; filename="IMG_0142.jpg"
content-length
101894
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
etag
8748463d2b3643de
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=15
feature-policy
geolocation 'none'
accept-ranges
bytes
cf-ray
7f397f101ffe4d7c-FRA
18103oti6h8idb1q716u78o303lx4n6t.jpg
img.msf.org/cdn-cgi/image/width=2000,f=auto,q=70/https://img.msf.org/AssetLink/
223 KB
224 KB
Image
General
Full URL
https://img.msf.org/cdn-cgi/image/width=2000,f=auto,q=70/https://img.msf.org/AssetLink/18103oti6h8idb1q716u78o303lx4n6t.jpg
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:d86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
354d5b399355f05d207584024454f8aabfa194e1a7241b673e171894e4024674
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
content-length
228696
cf-resized
internal=ok/b q=0 n=415+101 c=15+472 v=2023.7.3 l=228696
cf-bgj
imgq:71,h2pri
server
cloudflare
etag
"cfRwD8C-0euQ0wLGHJ8f_PnO_s5WRnllJrvShzIMCRDw:71df880b9a392f16"
vary
Accept, Accept-Encoding
warning
cf-images 299 "cache-control is too restrictive", cf-images 299 "image too large for AVIF"
content-type
image/webp
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7f397f1018074d7c-FRA
bg-transparent.png
adm.freedome-gameplay.sbs/themes/custom/msf_theme/src/kss/components/image/assets/
68 B
342 B
Image
General
Full URL
https://adm.freedome-gameplay.sbs/themes/custom/msf_theme/src/kss/components/image/assets/bg-transparent.png
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.19.75.30 Bucharest, Romania, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm1303088.stark-industries.solutions
Software
nginx/1.24.0 /
Resource Hash
c4ea8b3ed6218ffb31161bc2b13a945308c60ac19597651609f5402a6d9d6e0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:02 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
server
nginx/1.24.0
last-modified
Tue, 25 Jul 2023 11:08:39 GMT
age
1036
cf-polished
origSize=937, status=webp_bigger
etag
"64bfad37-3a9"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
7f397f111b7a055f-OTP
content-length
68
07v2nkoxa4lvq322amn25h41cwu46an7.jpg
img.msf.org/AssetLink/
453 KB
455 KB
Image
General
Full URL
https://img.msf.org/AssetLink/07v2nkoxa4lvq322amn25h41cwu46an7.jpg
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:d86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b78c5a8fe3bb438f93530d9a10d2d0eeee51239a4e4ad4eb0c8152981ce4d149
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-NjY5OTdiZmM4MzQxNTk5ZjQzNjFiYzllMTk1OTBkNWI='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:03 GMT
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-NjY5OTdiZmM4MzQxNTk5ZjQzNjFiYzllMTk1OTBkNWI='
x-content-type-options
nosniff, nosniff, nosniff
cf-cache-status
BYPASS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
content-disposition
inline; filename="An informal settlement along the Roja River in Ventimiglia, Italy, where persons in transit find temporary shelter before crossing into Franc (1).jpg"
content-length
464346
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
etag
754fe8e4265bddf9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=15
feature-policy
geolocation 'none'
accept-ranges
bytes
cf-ray
7f397f10a8d54d7c-FRA
65174q2dt8t14a3mewml37npv6202j6p.jpg
img.msf.org/AssetLink/
24 KB
25 KB
Image
General
Full URL
https://img.msf.org/AssetLink/65174q2dt8t14a3mewml37npv6202j6p.jpg
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:d86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaa03939597272eaccf1846dceb44eaa6bb2671798d0407d8c48243489af1bd9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-MzRiZDkwMWYwNGUwZTNkZTk0YTJlMmVhZjgwMjcyOTI='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:03 GMT
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-MzRiZDkwMWYwNGUwZTNkZTk0YTJlMmVhZjgwMjcyOTI='
x-content-type-options
nosniff, nosniff, nosniff
cf-cache-status
BYPASS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
content-disposition
inline; filename="P1000951.jpg"
content-length
24682
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
etag
a1dea05bc24b6c1e
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=15
feature-policy
geolocation 'none'
accept-ranges
bytes
cf-ray
7f397f10a8da4d7c-FRA
7if31utw57a4b0tfa273trvwcg56bkr6.jpg
img.msf.org/AssetLink/
27 KB
28 KB
Image
General
Full URL
https://img.msf.org/AssetLink/7if31utw57a4b0tfa273trvwcg56bkr6.jpg
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:d86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07ae21a92e15e5e96699d383c81c5f6e9e7652c5437dff80788117aec66838d0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-MDU1NGI3ZjgzODI1YjU0NDdkZDc4NDkzYTgyZThjNDE='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:03 GMT
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-MDU1NGI3ZjgzODI1YjU0NDdkZDc4NDkzYTgyZThjNDE='
x-content-type-options
nosniff, nosniff, nosniff
cf-cache-status
BYPASS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
content-disposition
inline; filename="DSC06634.jpg"
content-length
27540
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
etag
b76fdf8d902cad5e
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=15
feature-policy
geolocation 'none'
accept-ranges
bytes
cf-ray
7f397f10a8dc4d7c-FRA
n6ci1ye87ty01ftdhc8223l8p12l7686.jpg
img.msf.org/AssetLink/
33 KB
33 KB
Image
General
Full URL
https://img.msf.org/AssetLink/n6ci1ye87ty01ftdhc8223l8p12l7686.jpg
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:d86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
474ddf32951a8a9592ae80cdd4cb7895998e05c46f1c4e649ae5eebd973fe74f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-YTRlMGNlMjgwZTc3Njg2ZWZjMjE5Y2M4OTdhZjJmMjc='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:03 GMT
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-YTRlMGNlMjgwZTc3Njg2ZWZjMjE5Y2M4OTdhZjJmMjc='
x-content-type-options
nosniff, nosniff, nosniff
cf-cache-status
BYPASS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
content-disposition
inline; filename="6G9A0079.jpg"
content-length
33373
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
etag
615c8ab4d588e0d6
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=15
feature-policy
geolocation 'none'
accept-ranges
bytes
cf-ray
7f397f10a8dd4d7c-FRA
11ya25q3l62g2c683337382503i44t47.jpg
img.msf.org/AssetLink/
0
0

o1twmgg772862kkfvfv13b0y7d7r152v.jpg
img.msf.org/AssetLink/
52 KB
52 KB
Image
General
Full URL
https://img.msf.org/AssetLink/o1twmgg772862kkfvfv13b0y7d7r152v.jpg
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:d86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
552866a91b8434c595be175cad9ff101509a3b879dec6162308ddb8927eeba77
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-MWYwNGU2M2YwMTU2ODY4MGY0MDA0NDE1Y2UwZTdhZTc='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:03 GMT
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-MWYwNGU2M2YwMTU2ODY4MGY0MDA0NDE1Y2UwZTdhZTc='
x-content-type-options
nosniff, nosniff, nosniff
cf-cache-status
BYPASS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
content-disposition
inline; filename="Maïté (1).jpg"
content-length
52878
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
etag
668bbe5f117caa49
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=15
feature-policy
geolocation 'none'
accept-ranges
bytes
cf-ray
7f397f10a8e24d7c-FRA
220j3k64f8n4oibjcuw4yvmfxtw80r8b.jpg
img.msf.org/AssetLink/
0
0

7xelm8sfrr0dje6223me11pwf2mo351d.jpg
img.msf.org/AssetLink/
21 KB
21 KB
Image
General
Full URL
https://img.msf.org/AssetLink/7xelm8sfrr0dje6223me11pwf2mo351d.jpg
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:d86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26c6e977fcd6d84119c1791f73f9a8f1d014742392beaf789b479248235f98e8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-MmNiMmNmZGM0ZmI0NGU4ZjFkNzBkOWM0MDVmZWI4NWY='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:03 GMT
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-MmNiMmNmZGM0ZmI0NGU4ZjFkNzBkOWM0MDVmZWI4NWY='
x-content-type-options
nosniff, nosniff, nosniff
cf-cache-status
BYPASS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
content-disposition
inline; filename="2. MSF psychologists provide group and individual psychological sessions to people in areas previously occupied, Ukraine.jpg"
content-length
21216
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
etag
6897a7cf711d8593
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=15
feature-policy
geolocation 'none'
accept-ranges
bytes
cf-ray
7f397f10d9114d7c-FRA
4w66f5j143c03o635p163k553hq823hl.jpg
img.msf.org/AssetLink/
21 KB
21 KB
Image
General
Full URL
https://img.msf.org/AssetLink/4w66f5j143c03o635p163k553hq823hl.jpg
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:d86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
767d2050138c16fffffcaa108c2e307ff798f52b0580f69a07b6bcb18d1da0a5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-N2M1NzhmMThiZDJmNWE4MzYxZGFiYmUyYTk2ZDI3N2Q='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:03 GMT
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-N2M1NzhmMThiZDJmNWE4MzYxZGFiYmUyYTk2ZDI3N2Q='
x-content-type-options
nosniff, nosniff, nosniff
cf-cache-status
BYPASS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
content-disposition
inline; filename="IMG_2023.jpg"
content-length
21238
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
etag
474159a5cf28644f
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=15
feature-policy
geolocation 'none'
accept-ranges
bytes
cf-ray
7f397f10d9134d7c-FRA
1b3cyn7543b8820246se0r5fcxt833ee.jpg
img.msf.org/AssetLink/
39 KB
39 KB
Image
General
Full URL
https://img.msf.org/AssetLink/1b3cyn7543b8820246se0r5fcxt833ee.jpg
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:d86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd6377fb9758a299fbd34ceacbcb0b57da050c0f2a1084890b5d46e2648974cd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-NWQ3NmJkNmQ0OTViOTMxMjM5OGNlYzNkMjQ3NTlhNmM='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:03 GMT
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-NWQ3NmJkNmQ0OTViOTMxMjM5OGNlYzNkMjQ3NTlhNmM='
x-content-type-options
nosniff, nosniff, nosniff
cf-cache-status
BYPASS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
content-disposition
inline; filename="MicrosoftTeams-image (51).jpg"
content-length
39472
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
etag
439c3e862e3abc32
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=15
feature-policy
geolocation 'none'
accept-ranges
bytes
cf-ray
7f397f10d9164d7c-FRA
mks056y2mrf50i4jve555y1q33752r5g.jpg
img.msf.org/AssetLink/
43 KB
44 KB
Image
General
Full URL
https://img.msf.org/AssetLink/mks056y2mrf50i4jve555y1q33752r5g.jpg
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:d86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4662c4808efd6b0b4f35fe336d7679917357445e0f4f14488091364899fc1670
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-MWU3OWZkOGRlMTQ0NTE4M2JkMTEwYjg1YTcwM2MxNTQ='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:03 GMT
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-MWU3OWZkOGRlMTQ0NTE4M2JkMTEwYjg1YTcwM2MxNTQ='
x-content-type-options
nosniff, nosniff, nosniff
cf-cache-status
BYPASS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
content-disposition
inline; filename="image00035.jpg"
content-length
43972
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
etag
8adbe2a6e23772e2
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=15
feature-policy
geolocation 'none'
accept-ranges
bytes
cf-ray
7f397f10d9174d7c-FRA
4l3742jj3u50011226gsf2v54255a8s2.jpg
img.msf.org/AssetLink/
15 KB
15 KB
Image
General
Full URL
https://img.msf.org/AssetLink/4l3742jj3u50011226gsf2v54255a8s2.jpg
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:d86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9212af4bc60687b6be01126c2170cf573945d9bbff4cc28e8f8a18e32e9f1a4e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-Y2UwZjJhZDM0ODI0YmU5NzNlYWM3ZTdmODEwNmUwY2I='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:03 GMT
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-Y2UwZjJhZDM0ODI0YmU5NzNlYWM3ZTdmODEwNmUwY2I='
x-content-type-options
nosniff, nosniff, nosniff
cf-cache-status
BYPASS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
content-disposition
inline; filename="IMG_7971.jpg"
content-length
14949
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
etag
f9fb98330e9e5008
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=15
feature-policy
geolocation 'none'
accept-ranges
bytes
cf-ray
7f397f10d91a4d7c-FRA
oa04gxy75u8745fn2h663l3gs345o652.jpg
img.msf.org/AssetLink/
43 KB
43 KB
Image
General
Full URL
https://img.msf.org/AssetLink/oa04gxy75u8745fn2h663l3gs345o652.jpg
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:d86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
686c90e6c39ac9f82bab265860c13b0ef14452c80d51b45bab7065a22038c565
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-ZDAwNTVlZjUzYTllYzRhYTdlY2UwYWE2OGU5MDQ2ZTQ='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:03 GMT
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-ZDAwNTVlZjUzYTllYzRhYTdlY2UwYWE2OGU5MDQ2ZTQ='
x-content-type-options
nosniff, nosniff, nosniff
cf-cache-status
BYPASS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
content-disposition
inline; filename="_MG_0279.jpg"
content-length
43811
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
etag
5990a806e83ba8c6
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=15
feature-policy
geolocation 'none'
accept-ranges
bytes
cf-ray
7f397f10d91e4d7c-FRA
nm2168dxe4gy0o1r1rcg00cm203jw1nx.jpg
img.msf.org/AssetLink/
51 KB
52 KB
Image
General
Full URL
https://img.msf.org/AssetLink/nm2168dxe4gy0o1r1rcg00cm203jw1nx.jpg
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:d86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fcd0084aaaab1a76974a3a9fcd111aac64cf686264027631fb4ef2393a0327b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-NmU5ZjM4MWIxNDk4M2M2ZTJiMGVmOTE1ZGYzYjJjZWE='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:03 GMT
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-NmU5ZjM4MWIxNDk4M2M2ZTJiMGVmOTE1ZGYzYjJjZWE='
x-content-type-options
nosniff, nosniff, nosniff
cf-cache-status
BYPASS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
content-disposition
inline; filename="200318_BXL_COVID_MSF_768.jpg"
content-length
52148
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
etag
ccfa0720ab7a7d69
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=15
feature-policy
geolocation 'none'
accept-ranges
bytes
cf-ray
7f397f10d9234d7c-FRA
141s005c35mev72g6m5f21e07dy58k5c.jpg
img.msf.org/AssetLink/
69 KB
70 KB
Image
General
Full URL
https://img.msf.org/AssetLink/141s005c35mev72g6m5f21e07dy58k5c.jpg
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:d86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17928019421a1d27d7a2790083f0fcd9f18f0efb85c28ec3e00d392c30014333
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-Y2YzMTg2MzhmY2Y4ODU3NmRmM2ZjNmQwYzIyMzA2MTE='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:03 GMT
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-Y2YzMTg2MzhmY2Y4ODU3NmRmM2ZjNmQwYzIyMzA2MTE='
x-content-type-options
nosniff, nosniff, nosniff
cf-cache-status
BYPASS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
content-disposition
inline; filename="_X1A0798.jpg"
content-length
70777
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
etag
70e6df5b0b9457c8
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=15
feature-policy
geolocation 'none'
accept-ranges
bytes
cf-ray
7f397f10d9244d7c-FRA
r4uee7lo2384sn23l6a5q4hj2ettp01k.jpg
img.msf.org/AssetLink/
65 KB
66 KB
Image
General
Full URL
https://img.msf.org/AssetLink/r4uee7lo2384sn23l6a5q4hj2ettp01k.jpg
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:d86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ba228d2b19929b35b24a01d2c325fc28e51ecc257d3265cafb718d66e5e255a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-MmJmMzc4YWM1NzBhM2ZkMTQ2ZGRjNjM2MjM1OTUwZGQ='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:03 GMT
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-MmJmMzc4YWM1NzBhM2ZkMTQ2ZGRjNjM2MjM1OTUwZGQ='
x-content-type-options
nosniff, nosniff, nosniff
cf-cache-status
BYPASS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
content-disposition
inline; filename="LGEAI GAZA MSF44.jpg"
content-length
66448
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
etag
4892b8270ee5b367
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=15
feature-policy
geolocation 'none'
accept-ranges
bytes
cf-ray
7f397f10d9264d7c-FRA
eu25do64x3p4g0q8xly7628u00l6s255.jpg
img.msf.org/AssetLink/
60 KB
61 KB
Image
General
Full URL
https://img.msf.org/AssetLink/eu25do64x3p4g0q8xly7628u00l6s255.jpg
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:d86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb237ea24f9bee1f0cc1a23fd9e9adf2be04a5d7aaf25c7926fd92a76e7ad18
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-ZmJhNTQyYWQzOTE5YWViMzkwNjk1MTJmMmMzMGYyNmY='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:03 GMT
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-ZmJhNTQyYWQzOTE5YWViMzkwNjk1MTJmMmMzMGYyNmY='
x-content-type-options
nosniff, nosniff, nosniff
cf-cache-status
BYPASS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
content-disposition
inline; filename="_DSC0881.jpg"
content-length
61569
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
etag
6b37d677cc006414
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=15
feature-policy
geolocation 'none'
accept-ranges
bytes
cf-ray
7f397f10d9274d7c-FRA
logo-white-en.svg
adm.freedome-gameplay.sbs/themes/custom/msf_theme/src/kss/components/icons/assets/
12 KB
5 KB
Image
General
Full URL
https://adm.freedome-gameplay.sbs/themes/custom/msf_theme/src/kss/components/icons/assets/logo-white-en.svg
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.19.75.30 Bucharest, Romania, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm1303088.stark-industries.solutions
Software
nginx/1.24.0 /
Resource Hash
aaba19520fb39cd79e2f2080e503695ae06e64701d8aa3a33926b09309647416

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Jul 2023 11:08:39 GMT
server
nginx/1.24.0
age
1036
etag
W/"64bfad37-2f38"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1800
cf-ray
7f397f11191598af-OTP
email-decode.min.js
adm.freedome-gameplay.sbs/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
949 B
Script
General
Full URL
https://adm.freedome-gameplay.sbs/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.19.75.30 Bucharest, Romania, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm1303088.stark-industries.solutions
Software
nginx/1.24.0 /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 04 Aug 2023 16:29:28 GMT
server
nginx/1.24.0
etag
W/"64cd2768-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
7f397f110832052f-OTP
expires
Thu, 10 Aug 2023 17:32:02 GMT
js_sVHBqkCM3G0cL4OhvXBGZPN7IqC2iXNx8GX6TLtpL34.js
adm.freedome-gameplay.sbs/sites/default/files/js/
2 MB
449 KB
Script
General
Full URL
https://adm.freedome-gameplay.sbs/sites/default/files/js/js_sVHBqkCM3G0cL4OhvXBGZPN7IqC2iXNx8GX6TLtpL34.js
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.19.75.30 Bucharest, Romania, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm1303088.stark-industries.solutions
Software
nginx/1.24.0 /
Resource Hash
dbe4350de169956957ebb2b8c5573e3d23773061954ab15cd9675fdb259b8b7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:02 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
nginx/1.24.0
last-modified
Fri, 21 Jul 2023 08:53:28 GMT
age
1036
cf-polished
origSize=1587680
etag
W/"64ba4788-1839e0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
cf-ray
7f397f111ab3b9e9-OTP
gtm.js
www.googletagmanager.com/
249 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WTXQQLZ
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ba96e78075020e195ce67e445fd0d3c734381df0132f91e317b31d3a855248ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81466
x-xss-protection
0
last-modified
Tue, 08 Aug 2023 16:07:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 08 Aug 2023 17:32:02 GMT
f5f24f33-6693-447d-8c10-35dcb407ccec.json
cdn.cookielaw.org/consent/f5f24f33-6693-447d-8c10-35dcb407ccec/
3 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/f5f24f33-6693-447d-8c10-35dcb407ccec/f5f24f33-6693-447d-8c10-35dcb407ccec.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb67a32cbad9924e7a1ea5239b2e751d201c74e7ec2093ed36adba7411ec16d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 08 Aug 2023 17:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
xreZT47em60I8uGBFEJ6QQ==
content-length
1154
x-ms-lease-status
unlocked
last-modified
Tue, 20 Oct 2020 13:50:04 GMT
server
cloudflare
etag
0x8D874FF0C747559
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4a5ee086-001e-0072-541e-ca3ecc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f397f1129443825-FRA
expires
Wed, 09 Aug 2023 17:32:02 GMT
truncated
/
222 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
466b0b0a75f05b15c0c8a2dd472cc30e2fb82550930dedbcc1013b92bd4789c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
441 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
351c6e3933b9f0079a26b7836955545f6c992380960e0c5f24f2a57990a61513

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
222 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87770ba469dbf3f5b424079259b0d5abbde6eed6d4223aef72b24b30751b5d9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
GT-America-Condensed-Medium.woff2
adm.freedome-gameplay.sbs/themes/custom/msf_theme/dist/fonts/
49 KB
49 KB
Font
General
Full URL
https://adm.freedome-gameplay.sbs/themes/custom/msf_theme/dist/fonts/GT-America-Condensed-Medium.woff2
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/sites/default/files/css/css_zey3QCiODCknPvennDARp9BJafQ1fhnrPRvb_DI9WL4.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.19.75.30 Bucharest, Romania, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm1303088.stark-industries.solutions
Software
nginx/1.24.0 /
Resource Hash
c938aad7d5966fd0cc46aa56f5a96a548302af782b63d9dcb97f36eed4e24c18

Request headers

Referer
https://adm.freedome-gameplay.sbs/sites/default/files/css/css_zey3QCiODCknPvennDARp9BJafQ1fhnrPRvb_DI9WL4.css
Origin
https://adm.freedome-gameplay.sbs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:02 GMT
cf-cache-status
MISS
last-modified
Tue, 25 Jul 2023 11:08:39 GMT
server
nginx/1.24.0
etag
"64bfad37-c3f0"
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
7f397f111cd998ae-OTP
content-length
50160
35DD08_0_0.woff2
adm.freedome-gameplay.sbs/themes/custom/msf_theme/dist/fonts/
37 KB
37 KB
Font
General
Full URL
https://adm.freedome-gameplay.sbs/themes/custom/msf_theme/dist/fonts/35DD08_0_0.woff2
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/sites/default/files/css/css_zey3QCiODCknPvennDARp9BJafQ1fhnrPRvb_DI9WL4.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.19.75.30 Bucharest, Romania, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm1303088.stark-industries.solutions
Software
nginx/1.24.0 /
Resource Hash
0b8b5eeed882bf79cdc33a08593fe2ad303db8a4a7c9906630654eb1cb7d6ad9

Request headers

Referer
https://adm.freedome-gameplay.sbs/sites/default/files/css/css_zey3QCiODCknPvennDARp9BJafQ1fhnrPRvb_DI9WL4.css
Origin
https://adm.freedome-gameplay.sbs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:02 GMT
cf-cache-status
MISS
last-modified
Tue, 25 Jul 2023 11:08:39 GMT
server
nginx/1.24.0
etag
"64bfad37-940e"
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
7f397f111fef26f6-OTP
content-length
37902
GT-America-Compressed-Bold.woff2
adm.freedome-gameplay.sbs/themes/custom/msf_theme/dist/fonts/
47 KB
48 KB
Font
General
Full URL
https://adm.freedome-gameplay.sbs/themes/custom/msf_theme/dist/fonts/GT-America-Compressed-Bold.woff2
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/sites/default/files/css/css_zey3QCiODCknPvennDARp9BJafQ1fhnrPRvb_DI9WL4.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.19.75.30 Bucharest, Romania, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm1303088.stark-industries.solutions
Software
nginx/1.24.0 /
Resource Hash
99f837e6d553c2ab7d8663fe4296376353986e5ec8f2ae52384a31383ebb3177

Request headers

Referer
https://adm.freedome-gameplay.sbs/sites/default/files/css/css_zey3QCiODCknPvennDARp9BJafQ1fhnrPRvb_DI9WL4.css
Origin
https://adm.freedome-gameplay.sbs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:02 GMT
cf-cache-status
MISS
last-modified
Tue, 25 Jul 2023 11:08:39 GMT
server
nginx/1.24.0
etag
"64bfad37-bd4c"
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
7f397f111a60b9e3-OTP
content-length
48460
TiemposHeadlineWeb-Light.woff
adm.freedome-gameplay.sbs/themes/custom/msf_theme/dist/fonts/
53 KB
53 KB
Font
General
Full URL
https://adm.freedome-gameplay.sbs/themes/custom/msf_theme/dist/fonts/TiemposHeadlineWeb-Light.woff
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/sites/default/files/css/css_zey3QCiODCknPvennDARp9BJafQ1fhnrPRvb_DI9WL4.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.19.75.30 Bucharest, Romania, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm1303088.stark-industries.solutions
Software
nginx/1.24.0 /
Resource Hash
9b0d6dcf37796f50bf2f0da678092426597f0e38253d0ca31a5eb9eb69dd27d7

Request headers

Referer
https://adm.freedome-gameplay.sbs/sites/default/files/css/css_zey3QCiODCknPvennDARp9BJafQ1fhnrPRvb_DI9WL4.css
Origin
https://adm.freedome-gameplay.sbs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:02 GMT
cf-cache-status
MISS
last-modified
Tue, 25 Jul 2023 11:08:39 GMT
server
nginx/1.24.0
etag
"64bfad37-d43a"
vary
Accept-Encoding
content-type
font/woff
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
7f397f11199326fe-OTP
content-length
54330
TiemposHeadlineWeb-LightItalic.woff
adm.freedome-gameplay.sbs/themes/custom/msf_theme/dist/fonts/
56 KB
56 KB
Font
General
Full URL
https://adm.freedome-gameplay.sbs/themes/custom/msf_theme/dist/fonts/TiemposHeadlineWeb-LightItalic.woff
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/sites/default/files/css/css_zey3QCiODCknPvennDARp9BJafQ1fhnrPRvb_DI9WL4.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.19.75.30 Bucharest, Romania, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm1303088.stark-industries.solutions
Software
nginx/1.24.0 /
Resource Hash
9d6559229bb4339266a39ba6d5bc9c67612a9edddaa762f9debf192bf9374a3d

Request headers

Referer
https://adm.freedome-gameplay.sbs/sites/default/files/css/css_zey3QCiODCknPvennDARp9BJafQ1fhnrPRvb_DI9WL4.css
Origin
https://adm.freedome-gameplay.sbs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:02 GMT
cf-cache-status
MISS
last-modified
Tue, 25 Jul 2023 11:08:39 GMT
server
nginx/1.24.0
etag
"64bfad37-df2e"
vary
Accept-Encoding
content-type
font/woff
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
7f397f111f4b0523-OTP
content-length
57134
TiemposHeadlineWeb-Semibold.woff
adm.freedome-gameplay.sbs/themes/custom/msf_theme/dist/fonts/
41 KB
41 KB
Font
General
Full URL
https://adm.freedome-gameplay.sbs/themes/custom/msf_theme/dist/fonts/TiemposHeadlineWeb-Semibold.woff
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/sites/default/files/css/css_zey3QCiODCknPvennDARp9BJafQ1fhnrPRvb_DI9WL4.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.19.75.30 Bucharest, Romania, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm1303088.stark-industries.solutions
Software
nginx/1.24.0 /
Resource Hash
859dd0365666198c2be1d3b4de0373f6ebe68de55f3808664446f3f51ddcad92

Request headers

Referer
https://adm.freedome-gameplay.sbs/sites/default/files/css/css_zey3QCiODCknPvennDARp9BJafQ1fhnrPRvb_DI9WL4.css
Origin
https://adm.freedome-gameplay.sbs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:02 GMT
cf-cache-status
MISS
last-modified
Tue, 25 Jul 2023 11:08:39 GMT
server
nginx/1.24.0
etag
"64bfad37-a2c0"
vary
Accept-Encoding
content-type
font/woff
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
7f397f111e8cb9cf-OTP
content-length
41664
11ya25q3l62g2c683337382503i44t47.jpg
img.msf.org/AssetLink/
32 KB
33 KB
Image
General
Full URL
https://img.msf.org/AssetLink/11ya25q3l62g2c683337382503i44t47.jpg
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:d86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd01372d7a66ca7f9deaf9b7303f549fe0143f8d3fe212225108c6e57dad6b1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-MGQ3YWE0MjM0Nzc1YzY0ZjcwNzEyNDg3NmVjOWZlZTU='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:03 GMT
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-MGQ3YWE0MjM0Nzc1YzY0ZjcwNzEyNDg3NmVjOWZlZTU='
x-content-type-options
nosniff, nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
BYPASS
cf-polished
degrade=85, origSize=34694, status=webp_bigger
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
content-disposition
inline; filename="DJI_0531.jpg"
content-length
32589
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
71df880b9a392f16
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=15
feature-policy
geolocation 'none'
accept-ranges
bytes
cf-ray
7f397f10d92a4d7c-FRA
220j3k64f8n4oibjcuw4yvmfxtw80r8b.jpg
img.msf.org/AssetLink/
33 KB
34 KB
Image
General
Full URL
https://img.msf.org/AssetLink/220j3k64f8n4oibjcuw4yvmfxtw80r8b.jpg
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:d86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7686da199636083850ccadb503fbedeafcb4207bc2ef7e0982ed0418a7552f84
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-YmQ4NDA2N2ZmMWNiOTIxMzQ2ODlhZGU0OWQ0OTkxZjk='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:03 GMT
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com checkout.stripe.com js.stripe.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com esqa.moneris.com moneris.com www3.moneris.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-YmQ4NDA2N2ZmMWNiOTIxMzQ2ODlhZGU0OWQ0OTkxZjk='
x-content-type-options
nosniff, nosniff, nosniff
cf-cache-status
BYPASS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
content-disposition
inline; filename="An informal settlement along the Roja River in Ventimiglia, Italy, where persons in transit find temporary shelter before crossing into Franc (1).jpg"
content-length
34105
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
etag
754fe8e4265bddf9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=15
feature-policy
geolocation 'none'
accept-ranges
bytes
cf-ray
7f397f10d92b4d7c-FRA
WhatsApp%20Image%202023-08-04%20at%2015.22.02.jpeg
adm.freedome-gameplay.sbs/sites/default/files/styles/card_square/public/images/
9 KB
9 KB
Image
General
Full URL
https://adm.freedome-gameplay.sbs/sites/default/files/styles/card_square/public/images/WhatsApp%20Image%202023-08-04%20at%2015.22.02.jpeg?itok=kAx2pXXf
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.19.75.30 Bucharest, Romania, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm1303088.stark-industries.solutions
Software
nginx/1.24.0 /
Resource Hash
8bf8c6fc9f5f2822fbf7ff6debce063d60fc5fbac6ed63355cf43c30a2a2df8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:02 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
server
nginx/1.24.0
last-modified
Fri, 04 Aug 2023 15:11:45 GMT
cf-polished
origSize=9985, status=webp_bigger
etag
"64cd1531-2701"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7f397f11383426f6-OTP
content-length
9307
expires
Thu, 07 Sep 2023 17:32:02 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
78 B
316 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
792074561f2d94442c8648916f41fc6016817b61d554daa9c67301aeecca14bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://adm.freedome-gameplay.sbs/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7f397f12680f9b33-FRA
access-control-allow-headers
Content-Type
50000000
eu.httpbin.org/stream-bytes/
100 KB
100 KB
Fetch
General
Full URL
https://eu.httpbin.org/stream-bytes/50000000
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/sites/default/files/js/js_sVHBqkCM3G0cL4OhvXBGZPN7IqC2iXNx8GX6TLtpL34.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.149.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-149-139.compute-1.amazonaws.com
Software
gunicorn/19.9.0 /
Resource Hash
0c06801d2d07b4748c95e63ffa9e1a237a9cfb8e8e8cb0e6e2acf0c0ccb4a783

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
https://adm.freedome-gameplay.sbs
date
Tue, 08 Aug 2023 17:32:05 GMT
access-control-allow-credentials
true
server
gunicorn/19.9.0
content-type
application/octet-stream
wonderpush-loader.min.js
cdn.by.wonderpush.com/sdk/1.1/
2 KB
1 KB
Script
General
Full URL
https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTXQQLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35fed1adae6f95e2953675d963886570c6d0bcbd118a78be38aa347765d41c70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:02 GMT
content-encoding
gzip
via
1.1 3395b043e03ecb4acfd925a6e5a26e92.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
DUS51-C1
age
2477
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
872
last-modified
Mon, 12 Jun 2023 13:44:46 GMT
server
cloudflare
etag
"40d92303d87d80a273f16f182bcf6c30ed6e"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=3600
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7f397f145ca35b92-FRA
x-amz-cf-id
d4yWqarnWI_nIe-AgHHTSVo-6W5Y6aWNKWMq4v72PL1wE6wIHtoS3w==
accessibility.js
cdn.equalweb.com/core/4.5.6/
43 KB
15 KB
Script
General
Full URL
https://cdn.equalweb.com/core/4.5.6/accessibility.js
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2118bade160d44b7b7efa9ba8fd2a91a445031bbd864f42c0e7b05239d5f87c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adm.freedome-gameplay.sbs/
Origin
https://adm.freedome-gameplay.sbs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Tue, 11 Jul 2023 06:53:34 GMT
server
cloudflare
etag
W/"02bf568c4b3d91:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xpx1v0jCpFwkLw7wK1kRntDuc67Acm6fdyEAQcV7XkCaBs%2FJN8Fsy1jPJZh6NGRrF6gW034k6XvudIKh39rL5iic7rpkbAmHr0Djk9zOteibRtOM%2FiZ37A07w6Y5%2FFUZiGI7gSRjeNBSgTtKLxA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2204800
access-control-allow-credentials
true
x-frame-options
deny
x-client-country
DE
cf-ray
7f397f13ef0b4d76-FRA
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.7.0/
338 KB
72 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.7.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1e3d87e5966b1193f8e51bec035a9de6de1c02243deb8f2b9bd280a67715112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 08 Aug 2023 17:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
39GJ8QXxSjBaTmaIgt+tLg==
age
46812
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
73268
x-ms-lease-status
unlocked
last-modified
Fri, 09 Oct 2020 06:35:45 GMT
server
cloudflare
etag
0x8D86C1D8DA49AF8
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c992cd4b-901e-013a-1be1-5add10000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f397f135d08913a-FRA
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/sites/default/files/js/js_sVHBqkCM3G0cL4OhvXBGZPN7IqC2iXNx8GX6TLtpL34.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a8ae4a37d003da47b51ce6a0fa0138ef9fd77bc560218fe9457f94d8d26aa221
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Tue, 08 Aug 2023 17:32:02 GMT
current-year
adm.freedome-gameplay.sbs/api/map/
194 KB
12 KB
XHR
General
Full URL
https://adm.freedome-gameplay.sbs/api/map/current-year
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/sites/default/files/js/js_sVHBqkCM3G0cL4OhvXBGZPN7IqC2iXNx8GX6TLtpL34.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.19.75.30 Bucharest, Romania, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm1303088.stark-industries.solutions
Software
nginx/1.24.0 /
Resource Hash
fe6ba73d43e3316ff5f517d9e6d1141b905c69fc8a193106dbe6f578f489919b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://adm.freedome-gameplay.sbs/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ua-compatible
IE=edge
date
Tue, 08 Aug 2023 17:32:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
nginx/1.24.0
x-frame-options
SAMEORIGIN
content-language
en
content-type
application/json
x-generator
Drupal 9 (https://www.drupal.org)
cache-control
must-revalidate, no-cache, private
permissions-policy
interest-cohort=()
cf-ray
7f397f13de4898b8-OTP
expires
Sun, 19 Nov 1978 05:00:00 GMT
/
adm.freedome-gameplay.sbs/api/map/contacts/
559 B
631 B
XHR
General
Full URL
https://adm.freedome-gameplay.sbs/api/map/contacts/
Requested by
Host: adm.freedome-gameplay.sbs
URL: https://adm.freedome-gameplay.sbs/sites/default/files/js/js_sVHBqkCM3G0cL4OhvXBGZPN7IqC2iXNx8GX6TLtpL34.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.19.75.30 Bucharest, Romania, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm1303088.stark-industries.solutions
Software
nginx/1.24.0 /
Resource Hash
7a24b36a457f3a757a3ae6de36c80fe23c86eab7c7429d48c459b5e6eff19004

Request headers

Accept
application/json, text/plain, */*
Referer
https://adm.freedome-gameplay.sbs/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:02 GMT
server
nginx/1.24.0
content-length
559
content-type
text/html
en.json
cdn.cookielaw.org/consent/f5f24f33-6693-447d-8c10-35dcb407ccec/2797dc00-7c81-4832-b342-b8bd9f258427/
20 KB
6 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/f5f24f33-6693-447d-8c10-35dcb407ccec/2797dc00-7c81-4832-b342-b8bd9f258427/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.7.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9871f67a668a170a692d3dd989fd0b55c97dd95f411978a626d67e517fa6bc96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 08 Aug 2023 17:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
R9/jen7z9tWtn/OsX8RoDg==
content-length
6233
x-ms-lease-status
unlocked
last-modified
Tue, 20 Oct 2020 13:50:05 GMT
server
cloudflare
etag
0x8D874FF0D3269B3
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
82e2dac3-501e-009b-5b1e-caf886000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f397f140ca73825-FRA
expires
Wed, 09 Aug 2023 17:32:02 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.7.0/assets/
12 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.7.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.7.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06b10167b8d0ac41c1b681a2cce2977f08c4bb49f3261d7ff2fce60b0e59f7c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 08 Aug 2023 17:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
6g5s6eICehvPXWb9nycIcQ==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3328
x-ms-lease-status
unlocked
last-modified
Fri, 09 Oct 2020 06:35:38 GMT
server
cloudflare
etag
0x8D86C1D890DBAF3
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
4d24c06b-301e-008d-401e-ca0e51000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f397f14ad703825-FRA
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.7.0/assets/v2/
44 KB
12 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.7.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.7.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ecff6036656f5b24df8562c5f9978245923dbb076315aa1e4bd08359417dc5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 08 Aug 2023 17:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
vrBJTX8r9kEhopYrH1+ESQ==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
11546
x-ms-lease-status
unlocked
last-modified
Fri, 09 Oct 2020 06:35:40 GMT
server
cloudflare
etag
0x8D86C1D8A90FA3D
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
0a61bf80-f01e-0092-551e-cabd55000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7f397f14ad753825-FRA
www-widgetapi.js
www.youtube.com/s/player/4eae42b1/www-widgetapi.vflset/
204 KB
63 KB
Script
General
Full URL
https://www.youtube.com/s/player/4eae42b1/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7425038d7ecfec6a8a0149f3e72f22c31410f1ab3424874d36d16d0675a59f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 15:37:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
6899
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64309
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 01:46:56 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 07 Aug 2024 15:37:03 GMT
style.css
cdn.equalweb.com/style/
18 KB
4 KB
Fetch
General
Full URL
https://cdn.equalweb.com/style/style.css
Requested by
Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/4.5.6/accessibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
540833d3477dbdd8bb1d2dc87e55788106f77a3b076139fae4afa792e1383592
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Wed, 22 Mar 2023 11:12:03 GMT
server
cloudflare
etag
W/"80833021af5cd91:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BcDP3AEAaCPxmMSYvwt15xqbtgbUAAmnWdWv1wELsX90Hex%2BCh%2BbgJJ%2BBF5dXk3ZWVOQ0ce59e%2BWnTsOtQn34bBUiNSW%2BMMnGzN7%2FmbW%2BY9CUsvXkEHdpT3VWEWl9IMYJazpjHRctoeRq0YWn54%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2204800
access-control-allow-credentials
true
x-frame-options
deny
x-client-country
DE
cf-ray
7f397f14d8a44d76-FRA
btncolor.css
cdn.equalweb.com/style/
105 B
427 B
Fetch
General
Full URL
https://cdn.equalweb.com/style/btncolor.css
Requested by
Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/4.5.6/accessibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Mon, 11 Feb 2019 11:16:31 GMT
server
cloudflare
etag
W/"3f26cd3dfbc1d41:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ac9uw3whSPN1jtm%2FJP8DNWgHBDT1gHFgOG5RIhMYgvc3k%2FVf4QgUIxHoc8S1zewnZ55HfTAWh7tovYkmT8I5v%2Fibpjd97Qu7t2UOb89Jzxj6kyjcCnbjqujGtCZmXRg3HMkFQi7ilORt6Vc11wQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2204800
access-control-allow-credentials
true
x-frame-options
deny
x-client-country
DE
cf-ray
7f397f14d8a64d76-FRA
en.json
cdn.equalweb.com/assets/locale/
810 B
722 B
Fetch
General
Full URL
https://cdn.equalweb.com/assets/locale/en.json
Requested by
Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/4.5.6/accessibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a59881aae83948c79aad351b6c2b206f08360449c9a47e725f4523b57c5d5e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Tue, 15 Jun 2021 15:40:09 GMT
server
cloudflare
etag
W/"f45920b9fc61d71:0"
x-frame-options
deny
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ILDFho0ivp24b2f8RHo%2FOHBeNVkOJMrjU29WggYQenvh4hlxtZICfspA1ZAJ%2BvM%2Fj1Ud2gmtRb6uL%2F4DGjwWXJ4j0K%2BVxWdQ0ZH0kPkBRZl75kQdk5vKIQOeGHJ2S%2BcHs1Vojwd0Qp9flhSvaJE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2204800
access-control-allow-credentials
true
x-client-country
DE
cf-ray
7f397f14d8a84d76-FRA
classManager.js
cdn.equalweb.com/assets/scripts/
2 KB
1 KB
Script
General
Full URL
https://cdn.equalweb.com/assets/scripts/classManager.js
Requested by
Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/4.5.6/accessibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c44807e1acc8b251dd6efbb1591b270a5db8c34c3387aba9e7ede28a707204b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1830851
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Mon, 22 May 2023 09:07:38 GMT
server
cloudflare
etag
W/"aec317db8c8cd91:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=McHfzZ1L%2FQ7BKvPw5TaR7altQMoqwOhnGFIx8l3ctaLqwNXgPJHoIMDq4qCZ71bNWdvM6CCmGxOm2SUp%2B0YOE9G2eLUYP59ncuKwpPenovwBU745tvizLJvfB8irg00yd390BKDkjBldx7n%2FTA8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2204800
access-control-allow-credentials
true
x-frame-options
deny
x-client-country
DE
cf-ray
7f397f155c271c07-FRA
12.svg
cdn.equalweb.com/assets/images/
1 KB
1 KB
Fetch
General
Full URL
https://cdn.equalweb.com/assets/images/12.svg
Requested by
Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/4.5.6/accessibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
096445a133351250ccc5022b431003788dee83ec7da1ff1e94e004c22c0a7c97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Mon, 05 Aug 2019 08:34:52 GMT
server
cloudflare
etag
W/"8969fa6684bd51:0"
x-frame-options
deny
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gX11QLTlphqaEKkGG3t5pC%2Fp4x3zZ8LzfVf1as%2BhB5Ync5%2Fn118Jsk6uu0C%2FjyprDZE4ixo6w6DqLuZ2d9Y4VLytl2VQS2p6P4WmaUC3asV%2F3fshdMOutdEeEKtfKff2cTCr0Gp8IskuetalDcY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2204800
access-control-allow-credentials
true
vary
Accept-Encoding
x-client-country
DE
cf-ray
7f397f15a9844d76-FRA
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTXQQLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 08 Aug 2023 15:44:23 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6461
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 08 Aug 2023 17:44:23 GMT
js
www.googletagmanager.com/gtag/
259 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5VEVQ8DLCR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTXQQLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d9cdbcd9e7c930428b2a9c2f6582893cc5b2f5704da75e86db1b7718b5acadc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88775
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 08 Aug 2023 17:32:04 GMT
collect
region1.analytics.google.com/g/
0
261 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-5VEVQ8DLCR&gtm=45je3820&_p=1254756014&_gaz=1&cid=336518249.1691515924&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691515924&sct=1&seg=0&dl=https%3A%2F%2Fadm.freedome-gameplay.sbs%2F&dt=MSF%20-%20M%C3%A9decins%20Sans%20Fronti%C3%A8res%20%7C%20Medical%20humanitarian%20organisation&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5VEVQ8DLCR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Aug 2023 17:32:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://adm.freedome-gameplay.sbs
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
261 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5VEVQ8DLCR&cid=336518249.1691515924&gtm=45je3820&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5VEVQ8DLCR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Aug 2023 17:32:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://adm.freedome-gameplay.sbs
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5VEVQ8DLCR&cid=336518249.1691515924&gtm=45je3820&aip=1&z=1918560601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Aug 2023 17:32:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
216 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1254756014&t=pageview&_s=1&dl=https%3A%2F%2Fadm.freedome-gameplay.sbs%2F&ul=en-us&de=UTF-8&dt=MSF%20-%20M%C3%A9decins%20Sans%20Fronti%C3%A8res%20%7C%20Medical%20humanitarian%20organisation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAACAAI~&jid=1550940566&gjid=1611776433&cid=336518249.1691515924&tid=UA-25404418-8&_gid=1795700485.1691515925&_r=1&_slc=1&gtm=45He3820n81WTXQQLZ&cg4=home&cd6=en&z=126186135
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://adm.freedome-gameplay.sbs/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 08 Aug 2023 17:32:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://adm.freedome-gameplay.sbs
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
148 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-25404418-8&cid=336518249.1691515924&jid=1550940566&gjid=1611776433&_gid=1795700485.1691515925&_u=YCDACAAABAAAACAAI~&z=1096221434
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://adm.freedome-gameplay.sbs/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 08 Aug 2023 17:32:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://adm.freedome-gameplay.sbs
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
wonderpush.min.js
cdn.by.wonderpush.com/sdk/1.1.33.35/
375 KB
90 KB
Script
General
Full URL
https://cdn.by.wonderpush.com/sdk/1.1.33.35/wonderpush.min.js
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39a0285f1da91c89dd5a03af361035927ec75446d50238fcdf66617eb85578c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:05 GMT
content-encoding
gzip
via
1.1 9ed795ea7207c9add01c8c2ab17d8298.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
DUS51-C1
age
4938427
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
92272
last-modified
Mon, 12 Jun 2023 13:44:42 GMT
server
cloudflare
etag
"5cdf800b2cc35d16bee675fc20076188ed6e"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7f397f25cbf25b92-FRA
x-amz-cf-id
rHzkVhZ9oMeb3QMZXu4IsI_rHJTHaX9fh4Y78Y6balRKm5U1RhGEVg==
d5446e1f2ab04c08f18eacc63334ad5b69f9605bf0890405ef5f3f5373548ebc
cdn.by.wonderpush.com/config/webkeys/
5 KB
2 KB
Fetch
General
Full URL
https://cdn.by.wonderpush.com/config/webkeys/d5446e1f2ab04c08f18eacc63334ad5b69f9605bf0890405ef5f3f5373548ebc?_=1691515925535
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.33.35/wonderpush.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30638d5afe9980a02d61b706e445883bace6c1316e1dde9ed3895cc2faa1f340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:05 GMT
content-encoding
gzip
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P2
age
1351
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1490
last-modified
Wed, 31 May 2023 17:39:56 GMT
server
cloudflare
etag
"5681b03860b6eb9341cf003d74d76a45ed6e"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7f397f27394a3606-FRA
x-amz-cf-id
DQuLuUgZCuS6hnBqaPg21Ir9CfB7jdd9ChHv3z886Bb1nJARWtY_Ng==
inappmessaging.min.js
cdn.by.wonderpush.com/sdk/1.1.33.35/
95 KB
21 KB
Script
General
Full URL
https://cdn.by.wonderpush.com/sdk/1.1.33.35/inappmessaging.min.js
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.33.35/wonderpush.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9aeb08ee74f9885ebc7537f561cd5006292d60aaa1ec1e737c31c4ca58aad2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adm.freedome-gameplay.sbs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:05 GMT
content-encoding
gzip
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P2
age
4938416
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
20696
last-modified
Mon, 12 Jun 2023 13:44:37 GMT
server
cloudflare
etag
"58acb3a0da56970b25369d56cc4dc0ceed6e"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7f397f27bc919219-FRA
x-amz-cf-id
cw_5Gn47iXrvAKXZcE2pdEvsKULgoIJ78_CmJzJSTpd9H8HN3kBasA==
wonderpush.min.html
www.msf.org/ Frame 1494
594 B
460 B
Document
General
Full URL
https://www.msf.org/wonderpush.min.html
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.33.35/wonderpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:fcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
218893b02d5b5276f0a1789f8adf50971a2c12f7d7b61f730f0419f520a86d46

Request headers

Referer
https://adm.freedome-gameplay.sbs/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7f397f290d4418f1-FRA
content-encoding
br
content-type
text/html
date
Tue, 08 Aug 2023 17:32:05 GMT
last-modified
Tue, 25 Jul 2023 11:08:39 GMT
server
cloudflare
wonderpush-loader.min.js
cdn.by.wonderpush.com/sdk/1.1/ Frame 1494
2 KB
1 KB
Script
General
Full URL
https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Requested by
Host: www.msf.org
URL: https://www.msf.org/wonderpush.min.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35fed1adae6f95e2953675d963886570c6d0bcbd118a78be38aa347765d41c70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msf.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:06 GMT
content-encoding
gzip
via
1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P2
age
2805
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
872
last-modified
Mon, 12 Jun 2023 13:44:46 GMT
server
cloudflare
etag
"40d92303d87d80a273f16f182bcf6c30ed6e"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=3600
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7f397f29bf7a9219-FRA
x-amz-cf-id
6ZzpuorK7LJfAt1Vu8I1kAf2AL3ITyF2AicoFe4bY7DTLgdc3ux8Jg==
wonderpush.min.js
cdn.by.wonderpush.com/sdk/1.1.33.35/ Frame 1494
375 KB
91 KB
Script
General
Full URL
https://cdn.by.wonderpush.com/sdk/1.1.33.35/wonderpush.min.js
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39a0285f1da91c89dd5a03af361035927ec75446d50238fcdf66617eb85578c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msf.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:06 GMT
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P2
age
4938427
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
92272
last-modified
Mon, 12 Jun 2023 13:44:42 GMT
server
cloudflare
etag
"5cdf800b2cc35d16bee675fc20076188ed6e"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7f397f2a08499219-FRA
x-amz-cf-id
eEwF-7qjRUMMvAW9Cke4oJHkmzFibG5H1FAVh3PMeLYHjQB_4gQsPQ==
d5446e1f2ab04c08f18eacc63334ad5b69f9605bf0890405ef5f3f5373548ebc
cdn.by.wonderpush.com/config/webkeys/ Frame 1494
5 KB
2 KB
Fetch
General
Full URL
https://cdn.by.wonderpush.com/config/webkeys/d5446e1f2ab04c08f18eacc63334ad5b69f9605bf0890405ef5f3f5373548ebc?_=1691515926328
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.33.35/wonderpush.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30638d5afe9980a02d61b706e445883bace6c1316e1dde9ed3895cc2faa1f340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msf.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:06 GMT
content-encoding
gzip
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P2
age
1352
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1490
last-modified
Wed, 31 May 2023 17:39:56 GMT
server
cloudflare
etag
"5681b03860b6eb9341cf003d74d76a45ed6e"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7f397f2ba8183606-FRA
x-amz-cf-id
DQuLuUgZCuS6hnBqaPg21Ir9CfB7jdd9ChHv3z886Bb1nJARWtY_Ng==
inappmessaging.min.js
cdn.by.wonderpush.com/sdk/1.1.33.35/ Frame 1494
95 KB
21 KB
Script
General
Full URL
https://cdn.by.wonderpush.com/sdk/1.1.33.35/inappmessaging.min.js
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.33.35/wonderpush.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9aeb08ee74f9885ebc7537f561cd5006292d60aaa1ec1e737c31c4ca58aad2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msf.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:32:06 GMT
content-encoding
gzip
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P2
age
4938417
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
20696
last-modified
Mon, 12 Jun 2023 13:44:37 GMT
server
cloudflare
etag
"58acb3a0da56970b25369d56cc4dc0ceed6e"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7f397f2bfb889219-FRA
x-amz-cf-id
cw_5Gn47iXrvAKXZcE2pdEvsKULgoIJ78_CmJzJSTpd9H8HN3kBasA==
events
measurements-api.wonderpush.com/v1/ Frame 1494
94 B
269 B
XHR
General
Full URL
https://measurements-api.wonderpush.com/v1/events
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.33.35/wonderpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
f16bcb517d67d83661f16f2f896cecc969cd5beea1867d06be28fe6e707fcec8

Request headers

Referer
https://www.msf.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.msf.org
x-cloud-trace-context
5bdfb1381e30d4dfcf6d9c134c92a4ad
date
Tue, 08 Aug 2023 17:32:06 GMT
access-control-allow-credentials
true
server
Google Frontend
content-length
94
content-type
application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
img.msf.org
URL
https://img.msf.org/AssetLink/11ya25q3l62g2c683337382503i44t47.jpg
Domain
img.msf.org
URL
https://img.msf.org/AssetLink/220j3k64f8n4oibjcuw4yvmfxtw80r8b.jpg


89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| google_tag_manager object| google_tag_data object| dataLayer object| google_optimize object| Modernizr object| OneTrustStub function| OptanonWrapper undefined| $ function| jQuery object| drupalSettings object| Drupal object| L function| ClipboardJS object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| picturefillCFG function| picturefill number| current object| app object| scriptLoader function| Axios object| _soundCloud function| Color function| Chart function| Hammer string| OnetrustActiveGroups string| OptanonActiveGroups object| WonderPush object| interdeal string| cookieName string| cookieValue number| expirationTime string| date number| dateTimeNow object| otStubData object| sticky object| car object| search object| officesMap object| contactsMap object| Optanon object| OneTrust object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| twitterWidgets object| _leaflet_events object| InteractiveMap string| GoogleAnalyticsObject function| ga function| setPush object| element string| pageURL undefined| pdfURL object| gaGlobal object| gaplugins object| gaData object| webpackChunkwonderpush_javascript_sdk

5 Cookies

Domain/Path Name / Value
adm.freedome-gameplay.sbs/ Name: SRVGROUP
Value: common
.youtube.com/ Name: YSC
Value: WmghnJrCezA
img.msf.org/ Name: CortexCID_MSB
Value: g3LRlEj0wdm6dMRG
.freedome-gameplay.sbs/ Name: _ga
Value: GA1.1.336518249.1691515924
.freedome-gameplay.sbs/ Name: _ga_5VEVQ8DLCR
Value: GS1.1.1691515924.1.0.1691515924.60.0.0

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://adm.freedome-gameplay.sbs/api/map/contacts/
Message:
Failed to load resource: the server responded with a status of 502 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
