www.msf.org Open in urlscan Pro
172.67.13.134 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://msf.org/
Effective URL:
https://www.msf.org/
Submission: On December 15 via api (December 15th 2024, 5:22:59 pm UTC) from US — Scanned from CA

Summary HTTP 64 Redirects Links 72 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 10 domains to perform 64 HTTP transactions. The main IP is 172.67.13.134, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.msf.org.
TLS certificate: Issued by Gandi RSA Domain Validation Secure Se... on December 10th 2024. Valid for: a year.

This is the only time www.msf.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 42	172.67.13.134 172.67.13.134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.74.105 172.67.74.105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.222.97 172.217.222.97	15169 (GOOGLE) (GOOGLE)
1	34.226.108.155 34.226.108.155	14618 (AMAZON-AES) (AMAZON-AES)
3	148.251.96.221 148.251.96.221	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
2	172.217.197.136 172.217.197.136	15169 (GOOGLE) (GOOGLE)
1	148.251.96.239 148.251.96.239	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1	18.160.41.53 18.160.41.53	16509 (AMAZON-02) (AMAZON-02)
4	104.18.18.183 104.18.18.183	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
1	3.167.56.26 3.167.56.26	16509 (AMAZON-02) (AMAZON-02)
2	31.13.66.35 31.13.66.35	32934 (FACEBOOK) (FACEBOOK)
1	216.239.34.21 216.239.34.21	15169 (GOOGLE) (GOOGLE)
64	14

42 172.67.13.134 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

msf.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.msf.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.msf.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.74.105 (United States)

ASN13335 (CLOUDFLARENET, US)

cache.consentframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
choices.consentframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.222.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.226.108.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-108-155.compute-1.amazonaws.com

eu.httpbin.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 148.251.96.221 (Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: hetzner-prod.ipsfailover.com

api.consentframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.analytics-helper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.197.136 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f136.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.96.239 (Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: hetzner-prod.ipsfailover.com

tag.analytics-helper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.41.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-53.iad55.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.183 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.by.wonderpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.167.56.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-56-26.iad61.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2215.1e100.net

measurements-api.wonderpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	msf.org 2 redirects msf.org — Cisco Umbrella Rank: 444956 www.msf.org img.msf.org	3 MB
5	wonderpush.com cdn.by.wonderpush.com — Cisco Umbrella Rank: 50807 measurements-api.wonderpush.com — Cisco Umbrella Rank: 45998	115 KB
3	analytics-helper.com tag.analytics-helper.com — Cisco Umbrella Rank: 613989 event.analytics-helper.com — Cisco Umbrella Rank: 392655	32 KB
3	consentframework.com cache.consentframework.com — Cisco Umbrella Rank: 36540 choices.consentframework.com — Cisco Umbrella Rank: 38496 api.consentframework.com — Cisco Umbrella Rank: 35112	174 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	82 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 888 script.hotjar.com — Cisco Umbrella Rank: 1185	62 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 79	12 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	224 KB
1	httpbin.org eu.httpbin.org — Cisco Umbrella Rank: 194420	100 KB
64	10

	Domain	Requested by
22	www.msf.org	1 redirects www.msf.org
19	img.msf.org	www.msf.org
4	cdn.by.wonderpush.com	www.googletagmanager.com cdn.by.wonderpush.com
2	event.analytics-helper.com	www.googletagmanager.com
2	www.facebook.com	www.msf.org
2	connect.facebook.net	www.msf.org connect.facebook.net
2	www.youtube.com	www.msf.org www.youtube.com
2	www.googletagmanager.com	www.msf.org www.googletagmanager.com
1	measurements-api.wonderpush.com	cdn.by.wonderpush.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.googletagmanager.com
1	tag.analytics-helper.com	www.googletagmanager.com
1	api.consentframework.com	choices.consentframework.com
1	eu.httpbin.org	www.msf.org
1	choices.consentframework.com	www.msf.org
1	cache.consentframework.com	www.msf.org
1	msf.org	1 redirects
64	17

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.instagram.com
www.linkedin.com
www.tiktok.com
www.msf.org.ar
www.msf.org.au
www.aerzte-ohne-grenzen.at
www.msf-azg.be
www.msf.org.br
www.doctorswithoutborders.ca
msf.org.cn
www.msf.org.co
www.lekari-bez-hranic.cz
msf.dk
msf.or.ke
laakaritilmanrajoja.fi
www.msf.fr
www.aerzte-ohne-grenzen.de
www.msf.gr
www.artsenzondergrenzen.nl
msf.hk
www.msfindia.in
doctorswithoutborders-apac.org
www.msf.ie
www.medicisenzafrontiere.it
www.msf.or.jp
msf-lebanon.org
msf.lu
www.msf.mx
www.msf.org.nz
www.legerutengrenser.no
msf.rozee.pk
lekarze-bez-granic.pl
ru.msf.org
www.msf.org.za
www.msf.or.kr
www.msf.es
www.lakareutangranser.se
www.msf.ch
www.msf.org.tw
sinirtanimayandoktorlar.org
www.msf-me.org
www.msf.org.uk
www.msf.org.uy
www.doctorswithoutborders.org
www.msfaccess.org
www.msf-crash.org
www.msf-ureph.ch
arhp.msf.es
msf-analysis.org
www.msfsupply.be
www.msflogistique.org
medicalguidelines.msf.org
www.epicentre.msf.org
evaluation.msf.org
benchmarking.msf.org
academy.msf.org
guide-humanitarian-law.org
paediatrics.msf.org
fondation.msf.fr
www.dndi.org
scienceportal.msf.org
noma.msf.org
msf-transformation.org
telemedhub.org
msf-siu.org

Subject Issuer	Validity	Valid
msf.org Gandi RSA Domain Validation Secure Server CA 3	`2024-12-10` - `2025-12-23`	a year	crt.sh
consentframework.com WE1	`2024-11-14` - `2025-02-12`	3 months	crt.sh
img.msf.org WE1	`2024-10-19` - `2025-01-17`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
httpbin.org Amazon RSA 2048 M02	`2024-08-20` - `2025-09-17`	a year	crt.sh
*.consentframework.com RapidSSL TLS RSA CA G1	`2024-02-19` - `2025-03-20`	a year	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.analytics-helper.com RapidSSL TLS RSA CA G1	`2024-02-19` - `2025-03-20`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
wonderpush.com WE1	`2024-11-17` - `2025-02-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-23` - `2024-12-22`	3 months	crt.sh
measurements-api.wonderpush.com WR3	`2024-11-14` - `2025-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.msf.org/
Frame ID: FE593656465EEB85E667FFB45DA88E37
Requests: 67 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MSF - Médecins Sans Frontières | Medical humanitarian organisation

Page URL History Show full URLs

http://msf.org/ HTTP 307
https://msf.org/ HTTP 301
https://www.msf.org/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

64
Requests

95 %
HTTPS

0 %
IPv6

10
Domains

17
Subdomains

14
IPs

3
Countries

3765 kB
Transfer

9239 kB
Size

9
Cookies

72 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/msf
Title: X

Search URL Search Domain Scan URL

URL: https://www.facebook.com/msfinternational/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/doctorswithoutborders/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/m-decins-sans-fronti-res-msf-/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@doctorswithoutborders

Search URL Search Domain Scan URL

URL: https://www.msf.org.ar/
Title: Argentina

Search URL Search Domain Scan URL

URL: https://www.msf.org.au/
Title: Australia

Search URL Search Domain Scan URL

URL: https://www.aerzte-ohne-grenzen.at/
Title: Austria

Search URL Search Domain Scan URL

URL: https://www.msf-azg.be/
Title: Belgium

Search URL Search Domain Scan URL

URL: https://www.msf.org.br/
Title: Brazil

Search URL Search Domain Scan URL

URL: https://www.doctorswithoutborders.ca/
Title: Canada

Search URL Search Domain Scan URL

URL: https://msf.org.cn/
Title: China

Search URL Search Domain Scan URL

URL: https://www.msf.org.co/
Title: Colombia

Search URL Search Domain Scan URL

URL: https://www.lekari-bez-hranic.cz/
Title: Czech Republic

Search URL Search Domain Scan URL

URL: https://msf.dk/
Title: Denmark

Search URL Search Domain Scan URL

URL: https://msf.or.ke/en
Title: Eastern Africa

Search URL Search Domain Scan URL

URL: https://laakaritilmanrajoja.fi/
Title: Finland

Search URL Search Domain Scan URL

URL: https://www.msf.fr/
Title: France

Search URL Search Domain Scan URL

URL: https://www.aerzte-ohne-grenzen.de/
Title: Germany

Search URL Search Domain Scan URL

URL: https://www.msf.gr/
Title: Greece

Search URL Search Domain Scan URL

URL: https://www.artsenzondergrenzen.nl/
Title: Holland

Search URL Search Domain Scan URL

URL: https://msf.hk/
Title: Hong Kong

Search URL Search Domain Scan URL

URL: https://www.msfindia.in/
Title: India

Search URL Search Domain Scan URL

URL: https://doctorswithoutborders-apac.org/
Title: Indonesia

Search URL Search Domain Scan URL

URL: https://www.msf.ie/
Title: Ireland

Search URL Search Domain Scan URL

URL: https://www.medicisenzafrontiere.it/
Title: Italy

Search URL Search Domain Scan URL

URL: https://www.msf.or.jp/
Title: Japan

Search URL Search Domain Scan URL

URL: https://msf-lebanon.org/
Title: Lebanon

Search URL Search Domain Scan URL

URL: https://msf.lu/
Title: Luxembourg

Search URL Search Domain Scan URL

URL: https://www.msf.mx/
Title: Mexico

Search URL Search Domain Scan URL

URL: http://www.msf.org.nz/
Title: New Zealand

Search URL Search Domain Scan URL

URL: https://www.legerutengrenser.no/
Title: Norway

Search URL Search Domain Scan URL

URL: http://msf.rozee.pk/
Title: Pakistan

Search URL Search Domain Scan URL

URL: https://lekarze-bez-granic.pl/
Title: Poland

Search URL Search Domain Scan URL

URL: http://ru.msf.org/
Title: Russian Federation

Search URL Search Domain Scan URL

URL: https://www.msf.org.za/
Title: Southern Africa

Search URL Search Domain Scan URL

URL: https://www.msf.or.kr/
Title: South Korea

Search URL Search Domain Scan URL

URL: https://www.msf.es/
Title: Spain

Search URL Search Domain Scan URL

URL: https://www.lakareutangranser.se/
Title: Sweden

Search URL Search Domain Scan URL

URL: https://www.msf.ch/
Title: Switzerland

Search URL Search Domain Scan URL

URL: https://www.msf.org.tw/
Title: Taiwan

Search URL Search Domain Scan URL

URL: http://sinirtanimayandoktorlar.org/
Title: Turkey

Search URL Search Domain Scan URL

URL: https://www.msf-me.org/
Title: UAE

Search URL Search Domain Scan URL

URL: https://www.msf.org.uk/
Title: UK

Search URL Search Domain Scan URL

URL: https://www.msf.org.uy/
Title: Uruguay

Search URL Search Domain Scan URL

URL: https://www.doctorswithoutborders.org/
Title: USA

Search URL Search Domain Scan URL

URL: https://www.msfaccess.org/
Title: GO TO SITE

Search URL Search Domain Scan URL

URL: https://www.msf-crash.org/en
Title: GO TO SITE

Search URL Search Domain Scan URL

URL: http://www.msf-ureph.ch/en
Title: GO TO SITE

Search URL Search Domain Scan URL

URL: https://arhp.msf.es/
Title: GO TO SITE

Search URL Search Domain Scan URL

URL: http://msf-analysis.org/
Title: GO TO SITE

Search URL Search Domain Scan URL

URL: https://www.msfsupply.be/
Title: GO TO SITE

Search URL Search Domain Scan URL

URL: https://www.msflogistique.org/
Title: GO TO SITE

Search URL Search Domain Scan URL

URL: https://www.artsenzondergrenzen.nl/content/msf-supply-logistics
Title: GO TO SITE

Search URL Search Domain Scan URL

URL: http://www.msf.org.br/unidade-medica-no-brasil
Title: GO TO SITE

Search URL Search Domain Scan URL

URL: https://medicalguidelines.msf.org/
Title: GO TO SITE

Search URL Search Domain Scan URL

URL: http://www.epicentre.msf.org/
Title: GO TO SITE

Search URL Search Domain Scan URL

URL: http://evaluation.msf.org/
Title: GO TO SITE

Search URL Search Domain Scan URL

URL: https://msf.lu/en/operational-research/who-we-are
Title: GO TO SITE

Search URL Search Domain Scan URL

URL: https://benchmarking.msf.org/
Title: GO TO SITE

Search URL Search Domain Scan URL

URL: https://academy.msf.org/
Title: GO TO SITE

Search URL Search Domain Scan URL

URL: http://guide-humanitarian-law.org/content/index/
Title: GO TO SITE

Search URL Search Domain Scan URL

URL: https://paediatrics.msf.org/
Title: GO TO SITE

Search URL Search Domain Scan URL

URL: https://fondation.msf.fr/en
Title: GO TO SITE

Search URL Search Domain Scan URL

URL: http://www.dndi.org/
Title: GO TO SITE

Search URL Search Domain Scan URL

URL: https://scienceportal.msf.org/
Title: GO TO SITE

Search URL Search Domain Scan URL

URL: https://noma.msf.org/
Title: GO TO SITE

Search URL Search Domain Scan URL

URL: https://msf-transformation.org/
Title: GO TO SITE

Search URL Search Domain Scan URL

URL: https://telemedhub.org/
Title: GO TO SITE

Search URL Search Domain Scan URL

URL: https://msf-siu.org/
Title: GO TO SITE

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.msf.org/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.msf.org%2F&text=Homepage%20via%20@msf
Title: X

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://msf.org/ HTTP 307
https://msf.org/ HTTP 301
https://www.msf.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://www.msf.org/api/map/contacts/ HTTP 301
https://www.msf.org/api/map/contacts

64 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.msf.org/
Redirect Chain

http://msf.org/
https://msf.org/
https://www.msf.org/

1 MB
270 KB

500ms
499ms

Document
text/html

172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b6f98cbed102610dec362f3f811ae8f87d3ddb4b95400c1da8277f1291b3572

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 6046
cache-control: max-age=900, public
cf-cache-status: DYNAMIC
cf-ray: 8f281e2face6ab72-YYZ
content-encoding: br
content-language: en
content-type: text/html; charset=UTF-8
date: Sun, 15 Dec 2024 17:22:49 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Sun, 15 Dec 2024 15:42:01 GMT
purge-cache-tags: config:block_list config:block.block.msf_footer_string config:block.block.msffooter config:block.block.msfminisitefooter config:block.block.msfsearchsuggestion config:block.block.msfheader config:block.block.msfminisiteheader config:extlink.settings block_view config:system.menu.footer config:system.menu.footer-social config:system.menu.footer-legal config:msf_navigation.financial_impact_settings block_list node:47599 node_view paragraph_view paragraph:186586 config:paragraphs.settings config:image.style.image_desktop file:62126 paragraph:250691 paragraph:34661 taxonomy_term_view taxonomy_term:4386 taxonomy_term:6331 taxonomy_term:4381 taxonomy_term:6573 taxonomy_term:4351 taxonomy_term:6593 paragraph:34651 config:views.view.solr_content config:search_api.index.solr_index search_api_list:solr_index node:49576 user:143957 node:49577 node:49568 user:135259 node:49580 node:49581 node:49582 user:143986 node:49589 node:49590 node:49591 user:571 node:49592 paragraph:186581 config:filter.format.simple_html paragraph:34646 paragraph:186496 paragraph:299189 paragraph:80366 paragraph:305336 paragraph:198501 paragraph:261226 user:1 local_task media:123348 config:system.menu.main config:system.menu.main-top node:46886 node:41596 paragraph:327635 paragraph:327634 paragraph:327633 paragraph:327632 paragraph:327631 paragraph:175976 paragraph:175981 paragraph:260573 paragraph:175956 paragraph:266893 paragraph:259791 paragraph:175961 paragraph:316611 paragraph:175951 paragraph:175971 paragraph:175941 paragraph:175936 paragraph:175921 paragraph:175916 paragraph:175911 paragraph:175906 paragraph:175901 paragraph:169191 paragraph:169186 paragraph:169176 paragraph:138501 node:40211 paragraph:64031 paragraph:64026 paragraph:64021 paragraph:64016 paragraph:64011 paragraph:64036 paragraph:64041 user:71 node:39541 paragraph:291490 file:66602 paragraph:49836 file:66601 paragraph:55201 file:66600 paragraph:291494 paragraph:49841 node:39741 paragraph:55356 paragraph:55351 paragraph:49806 paragraph:55346 paragraph:49811 media:122364 rendered page_manager_route_name:msf_system.default_page_homepage http_response config:user.role.anonymous
server: cloudflare
vary: Cookie, Accept-Encoding
via: 1.1 varnish (Varnish/6.0)
x-cache-ttl-remaining
x-content-type-options: nosniff
x-drupal-cache: MISS
x-drupal-dynamic-cache: UNCACHEABLE
x-frame-options: SAMEORIGIN
x-generator: Drupal 10 (https://www.drupal.org)
x-host: www.msf.org
x-url: /
x-varnish: 69436783 69243511
x-varnish-cache: HIT
x-varnish-cache-hits: 1175
x-varnish-clientip: 127.0.0.1
x-varnish-grace: none
x-varnish-methodreq: GET

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 8f281e2d2aaeab72-YYZ
content-type: text/html
date: Sun, 15 Dec 2024 17:22:48 GMT
location: https://www.msf.org/
server: cloudflare

GET
H2 200 stub Show response
cache.consentframework.com/js/pa/35212/c/UcKKO/ 3 KB
2 KB 762ms
57ms Script
text/javascript 172.67.74.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cache.consentframework.com/js/pa/35212/c/UcKKO/stub

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.105 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

836da9298d3b2ed24a439c1bf3fd0e58be408423bf8feb2e7bbbac6cf8b15ff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 1013
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hsuqOLkXHFzINrWQCz2TNfpza%2FISLptTFXlAn8cMCQb1%2BwEn44M%2Bc3BrNT2OuS79S5sTQZbjLIHT0A%2FsWd%2Fff6%2Bh3wFmpmrIHWyC1bb0TF6y%2BOG6ea39PWMe6AZikOpxv%2BBRddmBKB7raO3e"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,POST,OPTIONS
server-timing: cfL4;desc="?proto=TCP&rtt=3270&min_rtt=3029&rtt_var=1051&sent=7&recv=7&lost=0&retrans=0&sent_bytes=4027&recv_bytes=2237&delivery_rate=1414271&cwnd=253&unsent_bytes=0&cid=11f1c95dc8f5e7cf&ts=262&x=0"
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Sun, 15 Dec 2024 17:05:57 GMT
vary: Accept-Encoding
access-control-allow-headers: Content-Type
strict-transport-security: max-age=15724800; includeSubDomains; preload
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f281e374b68a247-YYZ
server: cloudflare

GET
H2 200 cmp Show response
choices.consentframework.com/js/pa/35212/c/UcKKO/ 617 KB
171 KB 767ms
58ms Script
text/javascript 172.67.74.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.consentframework.com/js/pa/35212/c/UcKKO/cmp

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.105 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

624f57f36a82c952da06b37f0ab7c7fc162747ed328895c62e0716f999b2159a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 1013
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=82v8uEkk3y%2B%2BBrbU1jhdItt44gqFgzIftlmgOE%2BIr9dwT5KMxyti86fEfEOIKnq5QajSW8vpxJQQ87%2BBSkGCvjC2P0NOlHcMiOeDbPDTDu7sAnBP6PilqB4Gr75g4Cxk%2BaTu%2FuqykXoiufw7yxk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,POST,OPTIONS
server-timing: cfL4;desc="?proto=TCP&rtt=2945&min_rtt=2927&rtt_var=838&sent=6&recv=7&lost=0&retrans=0&sent_bytes=4028&recv_bytes=2196&delivery_rate=1493351&cwnd=253&unsent_bytes=0&cid=0d88ace68e6ee7e6&ts=261&x=0"
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: text/javascript; charset=UTF-8
last-modified: Sun, 15 Dec 2024 17:05:57 GMT
vary: Accept-Encoding
access-control-allow-headers: Content-Type
strict-transport-security: max-age=15724800; includeSubDomains; preload
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f281e375e11a1ff-YYZ
server: cloudflare

GET
H2 200 css_xvZby8IubJNGF3_-gFEXHyJmidwPq_6K8fE853Bv1U8.css
www.msf.org/sites/default/files/css/ 4 KB
2 KB 381ms
378ms Stylesheet
text/css 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.msf.org/sites/default/files/css/css_xvZby8IubJNGF3_-gFEXHyJmidwPq_6K8fE853Bv1U8.css?delta=0&language=en&theme=msf_theme&include=eJxlj2tuxDAIhC8UkiNVJCa2FdtYgPdx-7qrVsuqf5D4ZhgN-lSjuu2otFQ9vyxRpS0W3rE4wI1MhtpCDyu5XVuQ0bGsv6tznsxGAmqSW_zHl46CUbAn_Yt4k3W0PvaSNVFwl5VCRtiF8JoBb57byWCzAeyFD9_hQPEBWnKYZeAHw4y35ZbprttrrpXDKP75gkZqcHAzauaExJU6RoKK3X9GaEMoQMfjmrKTLnrCmeNU1dGGN8gN-qc3kfCn6RtELZ9F
Requested by: Host: www.msf.org
URL: https://www.msf.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db78a0ddb184481cf48a8e6dd6e9a0f45b4d76d4a47f93e54283f624f8b43137

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

x-varnish-cache: MISS
content-encoding: gzip
x-host: www.msf.org
etag: W/"675c1028-eb4"
cf-cache-status: REVALIDATED
x-url: /sites/default/files/css/css_xvZby8IubJNGF3_-gFEXHyJmidwPq_6K8fE853Bv1U8.css?delta=0&language=en&theme=msf_theme&include=eJxlj2tuxDAIhC8UkiNVJCa2FdtYgPdx-7qrVsuqf5D4ZhgN-lSjuu2otFQ9vyxRpS0W3rE4wI1MhtpCDyu5XVuQ0bGsv6tznsxGAmqSW_zHl46CUbAn_Yt4k3W0PvaSNVFwl5VCRtiF8JoBb57byWCzAeyFD9_hQPEBWnKYZeAHw4y35ZbprttrrpXDKP75gkZqcHAzauaExJU6RoKK3X9GaEMoQMfjmrKTLnrCmeNU1dGGN8gN-qc3kfCn6RtELZ9F
x-varnish: 63414051
date: Sun, 15 Dec 2024 17:22:49 GMT
content-type: text/css
last-modified: Fri, 13 Dec 2024 10:44:56 GMT
vary: Accept-Encoding
x-varnish-grace: none
x-varnish-clientip: 127.0.0.1
cache-control: max-age=1800
via: 1.1 varnish (Varnish/6.0)
cf-ray: 8f281e32efc5ab72-YYZ
x-varnish-methodreq: GET
server: cloudflare

GET
H2 200 css_6pmh35V74l-QoDap6nzb0TaNrw59jp1Srlv-9JeE2QU.css
www.msf.org/sites/default/files/css/ 1 MB
222 KB 389ms
387ms Stylesheet
text/css 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.msf.org/sites/default/files/css/css_6pmh35V74l-QoDap6nzb0TaNrw59jp1Srlv-9JeE2QU.css?delta=1&language=en&theme=msf_theme&include=eJxlj2tuxDAIhC8UkiNVJCa2FdtYgPdx-7qrVsuqf5D4ZhgN-lSjuu2otFQ9vyxRpS0W3rE4wI1MhtpCDyu5XVuQ0bGsv6tznsxGAmqSW_zHl46CUbAn_Yt4k3W0PvaSNVFwl5VCRtiF8JoBb57byWCzAeyFD9_hQPEBWnKYZeAHw4y35ZbprttrrpXDKP75gkZqcHAzauaExJU6RoKK3X9GaEMoQMfjmrKTLnrCmeNU1dGGN8gN-qc3kfCn6RtELZ9F
Requested by: Host: www.msf.org
URL: https://www.msf.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4ab8f2d7b499044ae511e827c078b54e5852b6fa2eda684f73fc211a018c819

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

x-varnish-cache: MISS
content-encoding: gzip
x-host: www.msf.org
etag: W/"675c105b-1119ac"
cf-cache-status: REVALIDATED
x-url: /sites/default/files/css/css_6pmh35V74l-QoDap6nzb0TaNrw59jp1Srlv-9JeE2QU.css?delta=1&language=en&theme=msf_theme&include=eJxlj2tuxDAIhC8UkiNVJCa2FdtYgPdx-7qrVsuqf5D4ZhgN-lSjuu2otFQ9vyxRpS0W3rE4wI1MhtpCDyu5XVuQ0bGsv6tznsxGAmqSW_zHl46CUbAn_Yt4k3W0PvaSNVFwl5VCRtiF8JoBb57byWCzAeyFD9_hQPEBWnKYZeAHw4y35ZbprttrrpXDKP75gkZqcHAzauaExJU6RoKK3X9GaEMoQMfjmrKTLnrCmeNU1dGGN8gN-qc3kfCn6RtELZ9F
x-varnish: 59529851
date: Sun, 15 Dec 2024 17:22:49 GMT
content-type: text/css
last-modified: Fri, 13 Dec 2024 10:45:47 GMT
vary: Accept-Encoding
x-varnish-grace: none
x-varnish-clientip: 127.0.0.1
cache-control: max-age=1800
via: 1.1 varnish (Varnish/6.0)
cf-ray: 8f281e32efc9ab72-YYZ
x-varnish-methodreq: GET
server: cloudflare

GET
H2 200 modernizr.min.js Show response
www.msf.org/themes/custom/msf_theme/dist/vendor/ 6 KB
3 KB 53ms
51ms Script
application/javascript 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.msf.org/themes/custom/msf_theme/dist/vendor/modernizr.min.js
Requested by: Host: www.msf.org
URL: https://www.msf.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 543efa0ab5be1d818632323c8a21ea6376854b336e3ded6d049a657c3bb00e37

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

x-varnish-cache: MISS
content-encoding: gzip
x-host: www.msf.org
etag: W/"67582f48-179a"
age: 1163
cf-cache-status: HIT
x-url: /themes/custom/msf_theme/dist/vendor/modernizr.min.js
x-varnish: 60499472
date: Sun, 15 Dec 2024 17:22:49 GMT
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 12:08:40 GMT
vary: Accept-Encoding
x-varnish-grace: none
x-varnish-clientip: 127.0.0.1
cache-control: max-age=1800
via: 1.1 varnish (Varnish/6.0)
cf-ray: 8f281e32efcaab72-YYZ
x-varnish-methodreq: GET
server: cloudflare

GET
H2 200 651dit7y8a15e306m7wihgwe6gtf56kp.jpg
img.msf.org/AssetLink/ 45 KB
46 KB 772ms
63ms Image
image/jpeg 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.msf.org/AssetLink/651dit7y8a15e306m7wihgwe6gtf56kp.jpg

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20c8e4c9abf65e61ee8dfbcf7e03bc9f11b56fc5982834b3ad0efab6e72be60d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-MGZkYjcyNjVhNmY1YTAxMDQ5MmM4ZWQ3ZDBiYzg1NjI=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-MGZkYjcyNjVhNmY1YTAxMDQ5MmM4ZWQ3ZDBiYzg1NjI=', script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

cf-bgj: imgq:85,h2pri
etag: e41b686539ceb8f6
age: 1164
cf-cache-status: HIT
x-content-type-options: nosniff, nosniff, nosniff
cf-polished: degrade=85, origSize=53705, status=webp_bigger
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: image/jpeg
content-disposition: inline; filename="DSCF2058.jpg"
feature-policy: geolocation 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-MGZkYjcyNjVhNmY1YTAxMDQ5MmM4ZWQ3ZDBiYzg1NjI=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-MGZkYjcyNjVhNmY1YTAxMDQ5MmM4ZWQ3ZDBiYzg1NjI=', script-src 'none'
cache-control: public, max-age=1800
content-security-policy-report-only: sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals, sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
referrer-policy: same-origin
cf-ray: 8f281e375ea1ab54-YYZ
accept-ranges: bytes
content-length: 46202
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 o0e405yolx8e5tb6ss24qyk43u5vi6ls.jpg
img.msf.org/cdn-cgi/image/width=2000,f=auto,q=70/https://img.msf.org/AssetLink/ 214 KB
214 KB 796ms
108ms Image
image/webp 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.msf.org/cdn-cgi/image/width=2000,f=auto,q=70/https://img.msf.org/AssetLink/o0e405yolx8e5tb6ss24qyk43u5vi6ls.jpg

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a86eeb4d7ec00dcef525450e7a7d5ec60f3f12b3b9406a9da5d5235bd6ab5898

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

cf-cache-status: HIT
etag: "cfLlHaW2L36oupwzAB5rqjQylu5WRnllJrvShzIMCRDw:6f99a0d18140bfaa"
cf-bgj: imgq:71,h2pri
cf-resized: internal=ok/r q=0 n=333+423 c=0+0 v=2024.12.1 l=219050 f=true
warning: cf-images 299 "cache-control is too restrictive", cf-images 299 "image too large for AVIF"
x-content-type-options: nosniff
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: image/webp
vary: Accept, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public, max-age=1800
cf-ray: 8f281e375ea2ab54-YYZ
accept-ranges: bytes
content-length: 219050
server: cloudflare

GET
H2 200 bg-transparent.png
www.msf.org/themes/custom/msf_theme/src/kss/components/image/assets/ 68 B
332 B 407ms
397ms Image
image/png 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.msf.org/themes/custom/msf_theme/src/kss/components/image/assets/bg-transparent.png
Requested by: Host: www.msf.org
URL: https://www.msf.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b09f9e0f9eeb79acd63f176597a28b46399620c549b3cb838b6de73adbdc1253

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

x-varnish-cache: MISS
x-host: www.msf.org
cf-bgj: imgq:85,h2pri
etag: "67582f48-3a9"
cf-cache-status: REVALIDATED
x-url: /themes/custom/msf_theme/src/kss/components/image/assets/bg-transparent.png
x-varnish: 53443708
cf-polished: origSize=937, status=webp_bigger
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: image/png
last-modified: Tue, 10 Dec 2024 12:08:40 GMT
vary: Accept-Encoding
x-varnish-clientip: 127.0.0.1
x-varnish-grace: none
cache-control: max-age=1800
via: 1.1 varnish (Varnish/6.0)
cf-ray: 8f281e382d1eab72-YYZ
x-varnish-methodreq: GET
accept-ranges: bytes
content-length: 68
server: cloudflare

GET
H2 200 q11jxiu6mcnnvv57yx5igomkuunx7i22.jpg
img.msf.org/AssetLink/ 673 KB
675 KB 255ms
246ms Image
image/jpeg 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.msf.org/AssetLink/q11jxiu6mcnnvv57yx5igomkuunx7i22.jpg

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54123b4b43276320a7561667c5d81081fcd53f016baa5e6e2bda0e83fce81f32

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-NmNiYWIyNDgyOWYxMWNjZDFhY2U1OGI1N2ExZGM2YTg=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-NmNiYWIyNDgyOWYxMWNjZDFhY2U1OGI1N2ExZGM2YTg=', script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

cf-bgj: imgq:85,h2pri
etag: 9530bb3b1afb355f
cf-cache-status: REVALIDATED
x-content-type-options: nosniff, nosniff, nosniff
cf-polished: degrade=85, origSize=769958, status=webp_bigger
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: image/jpeg
content-disposition: inline; filename="WhatsApp Image 2024-09-16 at 15.02.22 (1).jpg"
feature-policy: geolocation 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-NmNiYWIyNDgyOWYxMWNjZDFhY2U1OGI1N2ExZGM2YTg=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-NmNiYWIyNDgyOWYxMWNjZDFhY2U1OGI1N2ExZGM2YTg=', script-src 'none'
cache-control: public, max-age=1800
content-security-policy-report-only: sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals, sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
referrer-policy: same-origin
cf-ray: 8f281e382fb2ab54-YYZ
accept-ranges: bytes
content-length: 689473
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 qfv744v6e2sm122m3uo31nlsfy6vi84g.jpg
img.msf.org/AssetLink/ 44 KB
44 KB 174ms
165ms Image
image/jpeg 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.msf.org/AssetLink/qfv744v6e2sm122m3uo31nlsfy6vi84g.jpg

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc747b11f5932641dbc0198fbf4adb264af9decf65b8ba4bd39f8896e9d18a9d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-ZGY3OTA5MmI0MGEwOTVjMjU0ZmQzZmY3OGU3ZDM1Mjk=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-ZGY3OTA5MmI0MGEwOTVjMjU0ZmQzZmY3OGU3ZDM1Mjk=', script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

cf-bgj: imgq:85,h2pri
etag: dd83ff5037470519
cf-cache-status: REVALIDATED
x-content-type-options: nosniff, nosniff, nosniff
cf-polished: degrade=85, origSize=52626, status=webp_bigger
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: image/jpeg
content-disposition: inline; filename="MSF-82.jpg"
feature-policy: geolocation 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-ZGY3OTA5MmI0MGEwOTVjMjU0ZmQzZmY3OGU3ZDM1Mjk=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-ZGY3OTA5MmI0MGEwOTVjMjU0ZmQzZmY3OGU3ZDM1Mjk=', script-src 'none'
cache-control: public, max-age=1800
content-security-policy-report-only: sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals, sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
referrer-policy: same-origin
cf-ray: 8f281e382fb4ab54-YYZ
accept-ranges: bytes
content-length: 44600
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 70j5m2305j83em56j6080nrd4n80auiq.jpg
img.msf.org/AssetLink/ 34 KB
35 KB 214ms
206ms Image
image/jpeg 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.msf.org/AssetLink/70j5m2305j83em56j6080nrd4n80auiq.jpg

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

584719dfb92450ffc534c2e26b7617b49b5688b3e25ac2f26dfd0ebee936eb67

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-MDMxZTRjMzQ2M2I4NDk5YTBhZWMwZTBlY2M0ZDRlZmE=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-MDMxZTRjMzQ2M2I4NDk5YTBhZWMwZTBlY2M0ZDRlZmE=', script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

cf-bgj: imgq:85,h2pri
etag: 260a135d174a6b46
cf-cache-status: REVALIDATED
x-content-type-options: nosniff, nosniff, nosniff
cf-polished: degrade=85, origSize=41326, status=webp_bigger
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: image/jpeg
content-disposition: inline; filename="OCB-Kebbi-Fatherled-8.jpg"
feature-policy: geolocation 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-MDMxZTRjMzQ2M2I4NDk5YTBhZWMwZTBlY2M0ZDRlZmE=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-MDMxZTRjMzQ2M2I4NDk5YTBhZWMwZTBlY2M0ZDRlZmE=', script-src 'none'
cache-control: public, max-age=1800
content-security-policy-report-only: sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals, sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
referrer-policy: same-origin
cf-ray: 8f281e382fb6ab54-YYZ
accept-ranges: bytes
content-length: 35248
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 x4fn06v32363vr6i5lxq67duhfh5w1r7.jpg
img.msf.org/AssetLink/ 43 KB
45 KB 175ms
167ms Image
image/jpeg 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.msf.org/AssetLink/x4fn06v32363vr6i5lxq67duhfh5w1r7.jpg

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4de6adbaf80d21084cef00f676dce8fbfbbe50d0339bfb69199230bb123fdd76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-Mzg4OGNlN2VlNmM2MWI4MWE0ZWM0MTJiM2I4Y2FhMWI=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-Mzg4OGNlN2VlNmM2MWI4MWE0ZWM0MTJiM2I4Y2FhMWI=', script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

cf-bgj: imgq:85,h2pri
etag: 42b20cd5937fb2e5
cf-cache-status: REVALIDATED
x-content-type-options: nosniff, nosniff, nosniff
cf-polished: degrade=85, origSize=46893, status=webp_bigger
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: image/jpeg
content-disposition: inline; filename="0W7A2122.jpg"
feature-policy: geolocation 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-Mzg4OGNlN2VlNmM2MWI4MWE0ZWM0MTJiM2I4Y2FhMWI=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-Mzg4OGNlN2VlNmM2MWI4MWE0ZWM0MTJiM2I4Y2FhMWI=', script-src 'none'
cache-control: public, max-age=1800
content-security-policy-report-only: sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals, sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
referrer-policy: same-origin
cf-ray: 8f281e382fb9ab54-YYZ
accept-ranges: bytes
content-length: 44491
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 bcmdxj6g261586436431hrjby2402dmn.jpg
img.msf.org/AssetLink/ 42 KB
43 KB 217ms
209ms Image
image/webp 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.msf.org/AssetLink/bcmdxj6g261586436431hrjby2402dmn.jpg

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcb8923ee5c4537aab7d7abb65e8f41d5a607e9bc1cd54214a980a585f32de71

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-Yzk4NjA1Njc0ZTU1NDliMWIzODk4MDQyYWYzOGQ3ZWM=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-Yzk4NjA1Njc0ZTU1NDliMWIzODk4MDQyYWYzOGQ3ZWM=', script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

cf-bgj: imgq:85,h2pri
etag: 0b4dbbc9df70c486
cf-cache-status: REVALIDATED
x-content-type-options: nosniff, nosniff, nosniff
cf-polished: qual=85, origFmt=jpeg, origSize=56109
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: image/webp
vary: Accept
feature-policy: geolocation 'none'
content-disposition: inline; filename="bcmdxj6g261586436431hrjby2402dmn.webp"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-Yzk4NjA1Njc0ZTU1NDliMWIzODk4MDQyYWYzOGQ3ZWM=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-Yzk4NjA1Njc0ZTU1NDliMWIzODk4MDQyYWYzOGQ3ZWM=', script-src 'none'
cache-control: public, max-age=1800
content-security-policy-report-only: sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals, sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
referrer-policy: same-origin
cf-ray: 8f281e382fbbab54-YYZ
accept-ranges: bytes
content-length: 42826
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 7bc7d7fo2o142mxw647eew5uk8d62707.jpg
img.msf.org/AssetLink/ 30 KB
31 KB 243ms
235ms Image
image/webp 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.msf.org/AssetLink/7bc7d7fo2o142mxw647eew5uk8d62707.jpg

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6549164cd9878a9c731dbce17d96778e4124ddf08c94072e782e1d50ac0f60d6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-ZTFkNDAyOGU0NGU3ZjY2MmQxNDRlNzY1YzgyODk1YjQ=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-ZTFkNDAyOGU0NGU3ZjY2MmQxNDRlNzY1YzgyODk1YjQ=', script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

cf-bgj: imgq:85,h2pri
etag: 67435538e4eccb1c
cf-cache-status: REVALIDATED
x-content-type-options: nosniff, nosniff, nosniff
cf-polished: qual=85, origFmt=jpeg, origSize=38437
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: image/webp
vary: Accept
feature-policy: geolocation 'none'
content-disposition: inline; filename="7bc7d7fo2o142mxw647eew5uk8d62707.webp"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-ZTFkNDAyOGU0NGU3ZjY2MmQxNDRlNzY1YzgyODk1YjQ=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-ZTFkNDAyOGU0NGU3ZjY2MmQxNDRlNzY1YzgyODk1YjQ=', script-src 'none'
cache-control: public, max-age=1800
content-security-policy-report-only: sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals, sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
referrer-policy: same-origin
cf-ray: 8f281e387822ab54-YYZ
accept-ranges: bytes
content-length: 31044
x-xss-protection: 1; mode=block
server: cloudflare

GET gx224u8585br3y2ps11o73o8l0r3neyt.jpg
img.msf.org/AssetLink/ 0
0

GET a4m28u8363548h44kt33336v410kybwj.jpg
img.msf.org/AssetLink/ 0
0

GET
H2 200 u868kru061o8f765a3870i6t058b1qdv.jpg
img.msf.org/AssetLink/ 40 KB
41 KB 241ms
235ms Image
image/jpeg 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.msf.org/AssetLink/u868kru061o8f765a3870i6t058b1qdv.jpg

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b76d4472337251c4db419c030eab142d99186339aa87b0cea744cbfa8c67ba4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-MDQ5OTI4M2I3ODJlM2U1MTY1Y2YyMmQxZWM2YmRhMjU=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-MDQ5OTI4M2I3ODJlM2U1MTY1Y2YyMmQxZWM2YmRhMjU=', script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

cf-bgj: imgq:85,h2pri
etag: 0ae1591cf2bd073b
cf-cache-status: REVALIDATED
x-content-type-options: nosniff, nosniff, nosniff
cf-polished: degrade=85, origSize=47691, status=webp_bigger
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: image/jpeg
content-disposition: inline; filename="Ops _ Assosa _ CTC15.jpg"
feature-policy: geolocation 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-MDQ5OTI4M2I3ODJlM2U1MTY1Y2YyMmQxZWM2YmRhMjU=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-MDQ5OTI4M2I3ODJlM2U1MTY1Y2YyMmQxZWM2YmRhMjU=', script-src 'none'
cache-control: public, max-age=1800
content-security-policy-report-only: sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals, sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
referrer-policy: same-origin
cf-ray: 8f281e387826ab54-YYZ
accept-ranges: bytes
content-length: 41042
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 28025n6t882p05m3k2o4k4b7v0fe580m.jpg
img.msf.org/AssetLink/ 44 KB
45 KB 222ms
216ms Image
image/jpeg 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.msf.org/AssetLink/28025n6t882p05m3k2o4k4b7v0fe580m.jpg

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1731831b2eb66d5f6be5282056d22cdbc373a076a5014000abf6808130abcb4a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-N2M5NDczNDdhODc0MDhiNGExYzhjZDY3YmViY2ZjNTg=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-N2M5NDczNDdhODc0MDhiNGExYzhjZDY3YmViY2ZjNTg=', script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

cf-bgj: imgq:85,h2pri
etag: 6e578bd82168f130
cf-cache-status: REVALIDATED
x-content-type-options: nosniff, nosniff, nosniff
cf-polished: degrade=85, origSize=50087, status=webp_bigger
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: image/jpeg
content-disposition: inline; filename="Khost-1.jpg"
feature-policy: geolocation 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-N2M5NDczNDdhODc0MDhiNGExYzhjZDY3YmViY2ZjNTg=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-N2M5NDczNDdhODc0MDhiNGExYzhjZDY3YmViY2ZjNTg=', script-src 'none'
cache-control: public, max-age=1800
content-security-policy-report-only: sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals, sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
referrer-policy: same-origin
cf-ray: 8f281e387828ab54-YYZ
accept-ranges: bytes
content-length: 44552
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 tq03x40q8j6vcp0g6cj5td46v1lc6qj1.jpg
img.msf.org/AssetLink/ 28 KB
29 KB 238ms
232ms Image
image/jpeg 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.msf.org/AssetLink/tq03x40q8j6vcp0g6cj5td46v1lc6qj1.jpg

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87a34d64d091b5177e1791fed45cf5e9c798b9934d99bcd040f709b6a4a97eff

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-OGMxNDI2NDkwZDIyZDYzMzJhNTk5Y2UxZjhhODAzNGQ=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-OGMxNDI2NDkwZDIyZDYzMzJhNTk5Y2UxZjhhODAzNGQ=', script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

cf-bgj: imgq:85,h2pri
etag: 8173188135961309
cf-cache-status: REVALIDATED
x-content-type-options: nosniff, nosniff, nosniff
cf-polished: degrade=85, origSize=30725, status=webp_bigger
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: image/jpeg
content-disposition: inline; filename="WhatsApp Image 2024-12-03 at 19.00.12.jpg"
feature-policy: geolocation 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-OGMxNDI2NDkwZDIyZDYzMzJhNTk5Y2UxZjhhODAzNGQ=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-OGMxNDI2NDkwZDIyZDYzMzJhNTk5Y2UxZjhhODAzNGQ=', script-src 'none'
cache-control: public, max-age=1800
content-security-policy-report-only: sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals, sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
referrer-policy: same-origin
cf-ray: 8f281e387829ab54-YYZ
accept-ranges: bytes
content-length: 28602
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 5ak72bv0jw35i0v82d50y231mwro283b.jpg
img.msf.org/AssetLink/ 40 KB
41 KB 284ms
278ms Image
image/jpeg 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.msf.org/AssetLink/5ak72bv0jw35i0v82d50y231mwro283b.jpg

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

243c9510a368de1e402f1951c7292fb8f4afc911de1e4b1c8c5886558d8ff199

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-MDAxZDVjMmQ5ZjMwODU5NTc4YTUzMmFiYmJhYTE0NDU=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-MDAxZDVjMmQ5ZjMwODU5NTc4YTUzMmFiYmJhYTE0NDU=', script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

cf-bgj: imgq:85,h2pri
etag: f461bac04ee10c30
cf-cache-status: REVALIDATED
x-content-type-options: nosniff, nosniff, nosniff
cf-polished: degrade=85, origSize=44865, status=webp_bigger
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: image/jpeg
content-disposition: inline; filename="MIB2024001C-4992.jpg"
feature-policy: geolocation 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-MDAxZDVjMmQ5ZjMwODU5NTc4YTUzMmFiYmJhYTE0NDU=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-MDAxZDVjMmQ5ZjMwODU5NTc4YTUzMmFiYmJhYTE0NDU=', script-src 'none'
cache-control: public, max-age=1800
content-security-policy-report-only: sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals, sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
referrer-policy: same-origin
cf-ray: 8f281e38782bab54-YYZ
accept-ranges: bytes
content-length: 40609
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 oa04gxy75u8745fn2h663l3gs345o652.jpg
img.msf.org/AssetLink/ 40 KB
41 KB 239ms
233ms Image
image/jpeg 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.msf.org/AssetLink/oa04gxy75u8745fn2h663l3gs345o652.jpg

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d35fd22c77cd237716ef995479ff52bd5bb4c167f294c9b145f24c06b3b2138

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-Y2E0MTU2MjA2MjE4YTA3Nzg2OWVkNzUyMzZjMjNjODA=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-Y2E0MTU2MjA2MjE4YTA3Nzg2OWVkNzUyMzZjMjNjODA=', script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

cf-bgj: imgq:85,h2pri
etag: 5990a806e83ba8c6
cf-cache-status: REVALIDATED
x-content-type-options: nosniff, nosniff, nosniff
cf-polished: origSize=43811, status=webp_bigger
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: image/jpeg
content-disposition: inline; filename="_MG_0279.jpg"
feature-policy: geolocation 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-Y2E0MTU2MjA2MjE4YTA3Nzg2OWVkNzUyMzZjMjNjODA=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-Y2E0MTU2MjA2MjE4YTA3Nzg2OWVkNzUyMzZjMjNjODA=', script-src 'none'
cache-control: public, max-age=1800
content-security-policy-report-only: sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals, sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
referrer-policy: same-origin
cf-ray: 8f281e38782cab54-YYZ
accept-ranges: bytes
content-length: 41183
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 hve6oetbrn7ecv33uq22610635dp4s8r.jpg
img.msf.org/AssetLink/ 37 KB
38 KB 229ms
224ms Image
image/jpeg 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.msf.org/AssetLink/hve6oetbrn7ecv33uq22610635dp4s8r.jpg

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd9d18d08ecabd32c901b2450f3ccbec0f085a30649b19ebdf479d4f4acb5b1d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-NTBkZDVhYTRhZTQxNDFkZTBhY2MyYzZlMTIxODI2YmQ=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-NTBkZDVhYTRhZTQxNDFkZTBhY2MyYzZlMTIxODI2YmQ=', script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

cf-bgj: imgq:85,h2pri
etag: fe2aa8e302855cea
cf-cache-status: REVALIDATED
x-content-type-options: nosniff, nosniff, nosniff
cf-polished: degrade=85, origSize=43642, status=webp_bigger
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: image/jpeg
content-disposition: inline; filename="Overview of the heavy fighting on 21, Ochi.jpg"
feature-policy: geolocation 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-NTBkZDVhYTRhZTQxNDFkZTBhY2MyYzZlMTIxODI2YmQ=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-NTBkZDVhYTRhZTQxNDFkZTBhY2MyYzZlMTIxODI2YmQ=', script-src 'none'
cache-control: public, max-age=1800
content-security-policy-report-only: sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals, sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
referrer-policy: same-origin
cf-ray: 8f281e38782dab54-YYZ
accept-ranges: bytes
content-length: 37650
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 4l3742jj3u50011226gsf2v54255a8s2.jpg
img.msf.org/AssetLink/ 9 KB
10 KB 227ms
222ms Image
image/webp 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.msf.org/AssetLink/4l3742jj3u50011226gsf2v54255a8s2.jpg

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69dbf75b6caf348cbc83dd2e0fde84c19fe00089c1077fe9c1b0e465773ca1d8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-ZGUxZWQ0YWE2N2YwMTY0NGNjYjA1NTBkZWM0Yzg4MmY=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-ZGUxZWQ0YWE2N2YwMTY0NGNjYjA1NTBkZWM0Yzg4MmY=', script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

cf-bgj: imgq:85,h2pri
etag: f9fb98330e9e5008
cf-cache-status: REVALIDATED
x-content-type-options: nosniff, nosniff, nosniff
cf-polished: qual=85, origFmt=jpeg, origSize=14949
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: image/webp
vary: Accept
feature-policy: geolocation 'none'
content-disposition: inline; filename="4l3742jj3u50011226gsf2v54255a8s2.webp"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-ZGUxZWQ0YWE2N2YwMTY0NGNjYjA1NTBkZWM0Yzg4MmY=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-ZGUxZWQ0YWE2N2YwMTY0NGNjYjA1NTBkZWM0Yzg4MmY=', script-src 'none'
cache-control: public, max-age=1800
content-security-policy-report-only: sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals, sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
referrer-policy: same-origin
cf-ray: 8f281e38782fab54-YYZ
accept-ranges: bytes
content-length: 9070
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 141s005c35mev72g6m5f21e07dy58k5c.jpg
img.msf.org/AssetLink/ 36 KB
38 KB 282ms
277ms Image
image/webp 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.msf.org/AssetLink/141s005c35mev72g6m5f21e07dy58k5c.jpg

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7846c0fd38331f24dabc1faeaab9578162994d4b26df453d1569486e73b55dd7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-ODNjOWEyOWEwM2E0YTZiMmVkODdhYmYxYjhhNGRhOTc=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-ODNjOWEyOWEwM2E0YTZiMmVkODdhYmYxYjhhNGRhOTc=', script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

cf-bgj: imgq:85,h2pri
etag: 70e6df5b0b9457c8
cf-cache-status: REVALIDATED
x-content-type-options: nosniff, nosniff, nosniff
cf-polished: qual=85, origFmt=jpeg, origSize=70777
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: image/webp
vary: Accept
feature-policy: geolocation 'none'
content-disposition: inline; filename="141s005c35mev72g6m5f21e07dy58k5c.webp"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-ODNjOWEyOWEwM2E0YTZiMmVkODdhYmYxYjhhNGRhOTc=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-ODNjOWEyOWEwM2E0YTZiMmVkODdhYmYxYjhhNGRhOTc=', script-src 'none'
cache-control: public, max-age=1800
content-security-policy-report-only: sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals, sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
referrer-policy: same-origin
cf-ray: 8f281e387832ab54-YYZ
accept-ranges: bytes
content-length: 37194
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 eu25do64x3p4g0q8xly7628u00l6s255.jpg
img.msf.org/AssetLink/ 51 KB
52 KB 230ms
225ms Image
image/jpeg 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.msf.org/AssetLink/eu25do64x3p4g0q8xly7628u00l6s255.jpg

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bc23b8c4bc2b2c95fe882ee88c01215ab79a32e91ec7a5566e275029f15a6e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-NjE0NWFlMDMyMzAxYWNjYTgwODZkYWQyNTc0ZDU0Yzc=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-NjE0NWFlMDMyMzAxYWNjYTgwODZkYWQyNTc0ZDU0Yzc=', script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

cf-bgj: imgq:85,h2pri
etag: 6b37d677cc006414
cf-cache-status: REVALIDATED
x-content-type-options: nosniff, nosniff, nosniff
cf-polished: degrade=85, origSize=61569, status=webp_bigger
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: image/jpeg
content-disposition: inline; filename="_DSC0881.jpg"
feature-policy: geolocation 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-NjE0NWFlMDMyMzAxYWNjYTgwODZkYWQyNTc0ZDU0Yzc=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-NjE0NWFlMDMyMzAxYWNjYTgwODZkYWQyNTc0ZDU0Yzc=', script-src 'none'
cache-control: public, max-age=1800
content-security-policy-report-only: sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals, sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
referrer-policy: same-origin
cf-ray: 8f281e387834ab54-YYZ
accept-ranges: bytes
content-length: 52001
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 logo-white-en.svg
www.msf.org/themes/custom/msf_theme/src/kss/components/icons/assets/ 12 KB
5 KB 60ms
56ms Image
image/svg+xml 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.msf.org/themes/custom/msf_theme/src/kss/components/icons/assets/logo-white-en.svg
Requested by: Host: www.msf.org
URL: https://www.msf.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aaba19520fb39cd79e2f2080e503695ae06e64701d8aa3a33926b09309647416

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

x-varnish-cache: MISS
x-host: www.msf.org
cf-cache-status: HIT
etag: W/"67582f48-2f38"
age: 1164
content-encoding: br
x-url: /themes/custom/msf_theme/src/kss/components/icons/assets/logo-white-en.svg
x-varnish: 53547702
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 12:08:40 GMT
vary: Accept-Encoding
x-varnish-grace: none
x-varnish-clientip: 127.0.0.1
cache-control: max-age=1800
via: 1.1 varnish (Varnish/6.0)
cf-ray: 8f281e382d2cab72-YYZ
x-varnish-methodreq: GET
server: cloudflare

GET
H2 200 email-decode.min.js Show response
www.msf.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
853 B 48ms
39ms Script
application/javascript 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.msf.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"675318bd-4d7"
x-content-type-options: nosniff
cf-ray: 8f281e382d22ab72-YYZ
expires: Tue, 17 Dec 2024 17:22:50 GMT
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 15:31:09 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H2 200 js_QUF6IK4Wh3PNptXrj6LFaup6hmHVC2PHZH-qg2VGCko.js Show response
www.msf.org/sites/default/files/js/ 2 MB
531 KB 405ms
397ms Script
application/javascript 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.msf.org/sites/default/files/js/js_QUF6IK4Wh3PNptXrj6LFaup6hmHVC2PHZH-qg2VGCko.js?scope=footer&delta=0&language=en&theme=msf_theme&include=eJzLLU6LL8lIzU3VT8_JT0rM0UmtKMnJzMvWTykqLUjM0YNydXKB6tJLcvWhdHxxSWJJZjIA_5QYhA
Requested by: Host: www.msf.org
URL: https://www.msf.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fd38a89efa2608fdae9dc62f35d32bee18f18c61d50ba01b9c92e6c72765301

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

x-varnish-cache: MISS
content-encoding: gzip
x-host: www.msf.org
etag: W/"675c10b1-18291b"
cf-cache-status: REVALIDATED
x-url: /sites/default/files/js/js_QUF6IK4Wh3PNptXrj6LFaup6hmHVC2PHZH-qg2VGCko.js?scope=footer&delta=0&language=en&theme=msf_theme&include=eJzLLU6LL8lIzU3VT8_JT0rM0UmtKMnJzMvWTykqLUjM0YNydXKB6tJLcvWhdHxxSWJJZjIA_5QYhA
x-varnish: 63414059
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: application/javascript
last-modified: Fri, 13 Dec 2024 10:47:13 GMT
vary: Accept-Encoding
x-varnish-grace: none
x-varnish-clientip: 127.0.0.1
cache-control: max-age=1800
via: 1.1 varnish (Varnish/6.0)
cf-ray: 8f281e382d23ab72-YYZ
x-varnish-methodreq: GET
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 287 KB
92 KB 639ms
113ms Script
application/javascript 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WTXQQLZ

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

baeaf91ca8715816e46a3bf6f0becd67a84e48299015f8db996f636da16afe96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 15 Dec 2024 17:22:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 15 Dec 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 93773
x-xss-protection: 0
server: Google Tag Manager

GET
DATA 200
OK truncated
/ 222 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 466b0b0a75f05b15c0c8a2dd472cc30e2fb82550930dedbcc1013b92bd4789c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 441 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 351c6e3933b9f0079a26b7836955545f6c992380960e0c5f24f2a57990a61513

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 222 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87770ba469dbf3f5b424079259b0d5abbde6eed6d4223aef72b24b30751b5d9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 GT-America-Condensed-Medium.woff2
www.msf.org/themes/custom/msf_theme/dist/fonts/ 49 KB
49 KB 66ms
62ms Font
font/woff2 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.msf.org/themes/custom/msf_theme/dist/fonts/GT-America-Condensed-Medium.woff2
Requested by: Host: www.msf.org
URL: https://www.msf.org/sites/default/files/css/css_6pmh35V74l-QoDap6nzb0TaNrw59jp1Srlv-9JeE2QU.css?delta=1&language=en&theme=msf_theme&include=eJxlj2tuxDAIhC8UkiNVJCa2FdtYgPdx-7qrVsuqf5D4ZhgN-lSjuu2otFQ9vyxRpS0W3rE4wI1MhtpCDyu5XVuQ0bGsv6tznsxGAmqSW_zHl46CUbAn_Yt4k3W0PvaSNVFwl5VCRtiF8JoBb57byWCzAeyFD9_hQPEBWnKYZeAHw4y35ZbprttrrpXDKP75gkZqcHAzauaExJU6RoKK3X9GaEMoQMfjmrKTLnrCmeNU1dGGN8gN-qc3kfCn6RtELZ9F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c938aad7d5966fd0cc46aa56f5a96a548302af782b63d9dcb97f36eed4e24c18

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.msf.org
Referer: https://www.msf.org/sites/default/files/css/css_6pmh35V74l-QoDap6nzb0TaNrw59jp1Srlv-9JeE2QU.css?delta=1&language=en&theme=msf_theme&include=eJxlj2tuxDAIhC8UkiNVJCa2FdtYgPdx-7qrVsuqf5D4ZhgN-lSjuu2otFQ9vyxRpS0W3rE4wI1MhtpCDyu5XVuQ0bGsv6tznsxGAmqSW_zHl46CUbAn_Yt4k3W0PvaSNVFwl5VCRtiF8JoBb57byWCzAeyFD9_hQPEBWnKYZeAHw4y35ZbprttrrpXDKP75gkZqcHAzauaExJU6RoKK3X9GaEMoQMfjmrKTLnrCmeNU1dGGN8gN-qc3kfCn6RtELZ9F

Response headers

x-varnish-cache: MISS
x-host: www.msf.org
cf-cache-status: HIT
etag: "67582f48-c3f0"
age: 1164
x-url: /themes/custom/msf_theme/dist/fonts/GT-America-Condensed-Medium.woff2
x-varnish: 60954807
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: font/woff2
last-modified: Tue, 10 Dec 2024 12:08:40 GMT
vary: Accept-Encoding
x-varnish-grace: none
x-varnish-clientip: 127.0.0.1
cache-control: max-age=1800
via: 1.1 varnish (Varnish/6.0)
cf-ray: 8f281e389da2ab72-YYZ
x-varnish-methodreq: GET
accept-ranges: bytes
content-length: 50160
server: cloudflare

GET
H2 200 Tajawal-Medium.woff2
www.msf.org/themes/custom/msf_theme/dist/fonts/ 20 KB
20 KB 67ms
63ms Font
font/woff2 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.msf.org/themes/custom/msf_theme/dist/fonts/Tajawal-Medium.woff2
Requested by: Host: www.msf.org
URL: https://www.msf.org/sites/default/files/css/css_6pmh35V74l-QoDap6nzb0TaNrw59jp1Srlv-9JeE2QU.css?delta=1&language=en&theme=msf_theme&include=eJxlj2tuxDAIhC8UkiNVJCa2FdtYgPdx-7qrVsuqf5D4ZhgN-lSjuu2otFQ9vyxRpS0W3rE4wI1MhtpCDyu5XVuQ0bGsv6tznsxGAmqSW_zHl46CUbAn_Yt4k3W0PvaSNVFwl5VCRtiF8JoBb57byWCzAeyFD9_hQPEBWnKYZeAHw4y35ZbprttrrpXDKP75gkZqcHAzauaExJU6RoKK3X9GaEMoQMfjmrKTLnrCmeNU1dGGN8gN-qc3kfCn6RtELZ9F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb3fe3494f9e04df7ec847b35320f93c3ab6ddce359101c16623b291a360d562

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.msf.org
Referer: https://www.msf.org/sites/default/files/css/css_6pmh35V74l-QoDap6nzb0TaNrw59jp1Srlv-9JeE2QU.css?delta=1&language=en&theme=msf_theme&include=eJxlj2tuxDAIhC8UkiNVJCa2FdtYgPdx-7qrVsuqf5D4ZhgN-lSjuu2otFQ9vyxRpS0W3rE4wI1MhtpCDyu5XVuQ0bGsv6tznsxGAmqSW_zHl46CUbAn_Yt4k3W0PvaSNVFwl5VCRtiF8JoBb57byWCzAeyFD9_hQPEBWnKYZeAHw4y35ZbprttrrpXDKP75gkZqcHAzauaExJU6RoKK3X9GaEMoQMfjmrKTLnrCmeNU1dGGN8gN-qc3kfCn6RtELZ9F

Response headers

x-varnish-cache: MISS
x-host: www.msf.org
cf-cache-status: HIT
etag: "67582f48-4e80"
age: 1163
x-url: /themes/custom/msf_theme/dist/fonts/Tajawal-Medium.woff2
x-varnish: 58044144
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: font/woff2
last-modified: Tue, 10 Dec 2024 12:08:40 GMT
vary: Accept-Encoding
x-varnish-grace: none
x-varnish-clientip: 127.0.0.1
cache-control: max-age=1800
via: 1.1 varnish (Varnish/6.0)
cf-ray: 8f281e389da3ab72-YYZ
x-varnish-methodreq: GET
accept-ranges: bytes
content-length: 20096
server: cloudflare

GET
H2 200 GT-America-Compressed-Bold.woff2
www.msf.org/themes/custom/msf_theme/dist/fonts/ 47 KB
48 KB 69ms
66ms Font
font/woff2 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.msf.org/themes/custom/msf_theme/dist/fonts/GT-America-Compressed-Bold.woff2
Requested by: Host: www.msf.org
URL: https://www.msf.org/sites/default/files/css/css_6pmh35V74l-QoDap6nzb0TaNrw59jp1Srlv-9JeE2QU.css?delta=1&language=en&theme=msf_theme&include=eJxlj2tuxDAIhC8UkiNVJCa2FdtYgPdx-7qrVsuqf5D4ZhgN-lSjuu2otFQ9vyxRpS0W3rE4wI1MhtpCDyu5XVuQ0bGsv6tznsxGAmqSW_zHl46CUbAn_Yt4k3W0PvaSNVFwl5VCRtiF8JoBb57byWCzAeyFD9_hQPEBWnKYZeAHw4y35ZbprttrrpXDKP75gkZqcHAzauaExJU6RoKK3X9GaEMoQMfjmrKTLnrCmeNU1dGGN8gN-qc3kfCn6RtELZ9F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99f837e6d553c2ab7d8663fe4296376353986e5ec8f2ae52384a31383ebb3177

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.msf.org
Referer: https://www.msf.org/sites/default/files/css/css_6pmh35V74l-QoDap6nzb0TaNrw59jp1Srlv-9JeE2QU.css?delta=1&language=en&theme=msf_theme&include=eJxlj2tuxDAIhC8UkiNVJCa2FdtYgPdx-7qrVsuqf5D4ZhgN-lSjuu2otFQ9vyxRpS0W3rE4wI1MhtpCDyu5XVuQ0bGsv6tznsxGAmqSW_zHl46CUbAn_Yt4k3W0PvaSNVFwl5VCRtiF8JoBb57byWCzAeyFD9_hQPEBWnKYZeAHw4y35ZbprttrrpXDKP75gkZqcHAzauaExJU6RoKK3X9GaEMoQMfjmrKTLnrCmeNU1dGGN8gN-qc3kfCn6RtELZ9F

Response headers

x-varnish-cache: MISS
x-host: www.msf.org
cf-cache-status: HIT
etag: "67582f48-bd4c"
age: 1164
x-url: /themes/custom/msf_theme/dist/fonts/GT-America-Compressed-Bold.woff2
x-varnish: 58044138
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: font/woff2
last-modified: Tue, 10 Dec 2024 12:08:40 GMT
vary: Accept-Encoding
x-varnish-grace: none
x-varnish-clientip: 127.0.0.1
cache-control: max-age=1800
via: 1.1 varnish (Varnish/6.0)
cf-ray: 8f281e389da5ab72-YYZ
x-varnish-methodreq: GET
accept-ranges: bytes
content-length: 48460
server: cloudflare

GET
H2 200 TiemposHeadlineWeb-Light.woff
www.msf.org/themes/custom/msf_theme/dist/fonts/ 53 KB
53 KB 72ms
69ms Font
font/woff 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.msf.org/themes/custom/msf_theme/dist/fonts/TiemposHeadlineWeb-Light.woff
Requested by: Host: www.msf.org
URL: https://www.msf.org/sites/default/files/css/css_6pmh35V74l-QoDap6nzb0TaNrw59jp1Srlv-9JeE2QU.css?delta=1&language=en&theme=msf_theme&include=eJxlj2tuxDAIhC8UkiNVJCa2FdtYgPdx-7qrVsuqf5D4ZhgN-lSjuu2otFQ9vyxRpS0W3rE4wI1MhtpCDyu5XVuQ0bGsv6tznsxGAmqSW_zHl46CUbAn_Yt4k3W0PvaSNVFwl5VCRtiF8JoBb57byWCzAeyFD9_hQPEBWnKYZeAHw4y35ZbprttrrpXDKP75gkZqcHAzauaExJU6RoKK3X9GaEMoQMfjmrKTLnrCmeNU1dGGN8gN-qc3kfCn6RtELZ9F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b0d6dcf37796f50bf2f0da678092426597f0e38253d0ca31a5eb9eb69dd27d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.msf.org
Referer: https://www.msf.org/sites/default/files/css/css_6pmh35V74l-QoDap6nzb0TaNrw59jp1Srlv-9JeE2QU.css?delta=1&language=en&theme=msf_theme&include=eJxlj2tuxDAIhC8UkiNVJCa2FdtYgPdx-7qrVsuqf5D4ZhgN-lSjuu2otFQ9vyxRpS0W3rE4wI1MhtpCDyu5XVuQ0bGsv6tznsxGAmqSW_zHl46CUbAn_Yt4k3W0PvaSNVFwl5VCRtiF8JoBb57byWCzAeyFD9_hQPEBWnKYZeAHw4y35ZbprttrrpXDKP75gkZqcHAzauaExJU6RoKK3X9GaEMoQMfjmrKTLnrCmeNU1dGGN8gN-qc3kfCn6RtELZ9F

Response headers

x-varnish-cache: MISS
x-host: www.msf.org
cf-cache-status: HIT
etag: "67582f48-d43a"
age: 1164
x-url: /themes/custom/msf_theme/dist/fonts/TiemposHeadlineWeb-Light.woff
x-varnish: 53547711
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: font/woff
last-modified: Tue, 10 Dec 2024 12:08:40 GMT
vary: Accept-Encoding
x-varnish-grace: none
x-varnish-clientip: 127.0.0.1
cache-control: max-age=1800
via: 1.1 varnish (Varnish/6.0)
cf-ray: 8f281e389da7ab72-YYZ
x-varnish-methodreq: GET
accept-ranges: bytes
content-length: 54330
server: cloudflare

GET
H2 200 TiemposHeadlineWeb-LightItalic.woff
www.msf.org/themes/custom/msf_theme/dist/fonts/ 56 KB
56 KB 68ms
65ms Font
font/woff 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.msf.org/themes/custom/msf_theme/dist/fonts/TiemposHeadlineWeb-LightItalic.woff
Requested by: Host: www.msf.org
URL: https://www.msf.org/sites/default/files/css/css_6pmh35V74l-QoDap6nzb0TaNrw59jp1Srlv-9JeE2QU.css?delta=1&language=en&theme=msf_theme&include=eJxlj2tuxDAIhC8UkiNVJCa2FdtYgPdx-7qrVsuqf5D4ZhgN-lSjuu2otFQ9vyxRpS0W3rE4wI1MhtpCDyu5XVuQ0bGsv6tznsxGAmqSW_zHl46CUbAn_Yt4k3W0PvaSNVFwl5VCRtiF8JoBb57byWCzAeyFD9_hQPEBWnKYZeAHw4y35ZbprttrrpXDKP75gkZqcHAzauaExJU6RoKK3X9GaEMoQMfjmrKTLnrCmeNU1dGGN8gN-qc3kfCn6RtELZ9F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d6559229bb4339266a39ba6d5bc9c67612a9edddaa762f9debf192bf9374a3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.msf.org
Referer: https://www.msf.org/sites/default/files/css/css_6pmh35V74l-QoDap6nzb0TaNrw59jp1Srlv-9JeE2QU.css?delta=1&language=en&theme=msf_theme&include=eJxlj2tuxDAIhC8UkiNVJCa2FdtYgPdx-7qrVsuqf5D4ZhgN-lSjuu2otFQ9vyxRpS0W3rE4wI1MhtpCDyu5XVuQ0bGsv6tznsxGAmqSW_zHl46CUbAn_Yt4k3W0PvaSNVFwl5VCRtiF8JoBb57byWCzAeyFD9_hQPEBWnKYZeAHw4y35ZbprttrrpXDKP75gkZqcHAzauaExJU6RoKK3X9GaEMoQMfjmrKTLnrCmeNU1dGGN8gN-qc3kfCn6RtELZ9F

Response headers

x-varnish-cache: MISS
x-host: www.msf.org
cf-cache-status: HIT
etag: "67582f48-df2e"
age: 1164
x-url: /themes/custom/msf_theme/dist/fonts/TiemposHeadlineWeb-LightItalic.woff
x-varnish: 58726472
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: font/woff
last-modified: Tue, 10 Dec 2024 12:08:40 GMT
vary: Accept-Encoding
x-varnish-grace: none
x-varnish-clientip: 127.0.0.1
cache-control: max-age=1800
via: 1.1 varnish (Varnish/6.0)
cf-ray: 8f281e389da9ab72-YYZ
x-varnish-methodreq: GET
accept-ranges: bytes
content-length: 57134
server: cloudflare

GET
H2 200 TiemposHeadlineWeb-Semibold.woff
www.msf.org/themes/custom/msf_theme/dist/fonts/ 41 KB
41 KB 73ms
70ms Font
font/woff 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.msf.org/themes/custom/msf_theme/dist/fonts/TiemposHeadlineWeb-Semibold.woff
Requested by: Host: www.msf.org
URL: https://www.msf.org/sites/default/files/css/css_6pmh35V74l-QoDap6nzb0TaNrw59jp1Srlv-9JeE2QU.css?delta=1&language=en&theme=msf_theme&include=eJxlj2tuxDAIhC8UkiNVJCa2FdtYgPdx-7qrVsuqf5D4ZhgN-lSjuu2otFQ9vyxRpS0W3rE4wI1MhtpCDyu5XVuQ0bGsv6tznsxGAmqSW_zHl46CUbAn_Yt4k3W0PvaSNVFwl5VCRtiF8JoBb57byWCzAeyFD9_hQPEBWnKYZeAHw4y35ZbprttrrpXDKP75gkZqcHAzauaExJU6RoKK3X9GaEMoQMfjmrKTLnrCmeNU1dGGN8gN-qc3kfCn6RtELZ9F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 859dd0365666198c2be1d3b4de0373f6ebe68de55f3808664446f3f51ddcad92

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.msf.org
Referer: https://www.msf.org/sites/default/files/css/css_6pmh35V74l-QoDap6nzb0TaNrw59jp1Srlv-9JeE2QU.css?delta=1&language=en&theme=msf_theme&include=eJxlj2tuxDAIhC8UkiNVJCa2FdtYgPdx-7qrVsuqf5D4ZhgN-lSjuu2otFQ9vyxRpS0W3rE4wI1MhtpCDyu5XVuQ0bGsv6tznsxGAmqSW_zHl46CUbAn_Yt4k3W0PvaSNVFwl5VCRtiF8JoBb57byWCzAeyFD9_hQPEBWnKYZeAHw4y35ZbprttrrpXDKP75gkZqcHAzauaExJU6RoKK3X9GaEMoQMfjmrKTLnrCmeNU1dGGN8gN-qc3kfCn6RtELZ9F

Response headers

x-varnish-cache: MISS
x-host: www.msf.org
cf-cache-status: HIT
etag: "67582f48-a2c0"
age: 1163
x-url: /themes/custom/msf_theme/dist/fonts/TiemposHeadlineWeb-Semibold.woff
x-varnish: 59172780
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: font/woff
last-modified: Tue, 10 Dec 2024 12:08:40 GMT
vary: Accept-Encoding
x-varnish-grace: none
x-varnish-clientip: 127.0.0.1
cache-control: max-age=1800
via: 1.1 varnish (Varnish/6.0)
cf-ray: 8f281e389daaab72-YYZ
x-varnish-methodreq: GET
accept-ranges: bytes
content-length: 41664
server: cloudflare

GET
H2 200 medical-activities.jpg
www.msf.org/sites/default/files/images/ 13 KB
13 KB 50ms
49ms Image
image/webp 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.msf.org/sites/default/files/images/medical-activities.jpg
Requested by: Host: www.msf.org
URL: https://www.msf.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56ef109a958838fde546c07daebfc36498f4ba65acfced5c09dcfa67cc7171e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

x-varnish-cache: MISS
x-host: www.msf.org
cf-bgj: imgq:85,h2pri
etag: "66b5dfaf-3c86"
age: 1164
cf-cache-status: HIT
x-url: /sites/default/files/images/medical-activities.jpg
x-varnish: 62831609
cf-polished: qual=85, origFmt=jpeg, origSize=15494
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: image/webp
content-disposition: inline; filename="medical-activities.webp"
vary: Accept
last-modified: Fri, 09 Aug 2024 09:21:51 GMT
x-varnish-clientip: 127.0.0.1
x-varnish-grace: none
cache-control: max-age=1800
via: 1.1 varnish (Varnish/6.0)
cf-ray: 8f281e387d82ab72-YYZ
x-varnish-methodreq: GET
accept-ranges: bytes
content-length: 13038
server: cloudflare

GET
H2 200 crisis-settings.jpg
www.msf.org/sites/default/files/images/ 20 KB
21 KB 66ms
66ms Image
image/jpeg 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.msf.org/sites/default/files/images/crisis-settings.jpg
Requested by: Host: www.msf.org
URL: https://www.msf.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2281cc6363e3de8967b8c9b7673293ddfd03d9608e838484d4c1366ee9da21de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

x-varnish-cache: MISS
x-host: www.msf.org
cf-bgj: imgq:85,h2pri
etag: "66b5f2ef-76dc"
age: 1164
cf-cache-status: HIT
x-url: /sites/default/files/images/crisis-settings.jpg
x-varnish: 1062105153
cf-polished: degrade=85, origSize=30428, status=webp_bigger
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: image/jpeg
last-modified: Fri, 09 Aug 2024 10:43:59 GMT
vary: Accept-Encoding
x-varnish-clientip: 127.0.0.1
x-varnish-grace: none
cache-control: max-age=1800
via: 1.1 varnish (Varnish/6.0)
cf-ray: 8f281e389da0ab72-YYZ
x-varnish-methodreq: GET
accept-ranges: bytes
content-length: 20706
server: cloudflare

GET
H2 200 in-focus.jpg
www.msf.org/sites/default/files/images/ 17 KB
18 KB 99ms
98ms Image
image/webp 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.msf.org/sites/default/files/images/in-focus.jpg
Requested by: Host: www.msf.org
URL: https://www.msf.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68314d8575b9054e8e168015e9b62dea21f6c676c59af3481421d3544304d2ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

x-varnish-cache: MISS
x-host: www.msf.org
cf-bgj: imgq:85,h2pri
etag: "66b5dfb0-4cb0"
age: 1164
cf-cache-status: HIT
x-url: /sites/default/files/images/in-focus.jpg
x-varnish: 59559199
cf-polished: qual=85, origFmt=jpeg, origSize=19632
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: image/webp
content-disposition: inline; filename="in-focus.webp"
vary: Accept
last-modified: Fri, 09 Aug 2024 09:21:52 GMT
x-varnish-clientip: 127.0.0.1
x-varnish-grace: none
cache-control: max-age=1800
via: 1.1 varnish (Varnish/6.0)
cf-ray: 8f281e390e36ab72-YYZ
x-varnish-methodreq: GET
accept-ranges: bytes
content-length: 17860
server: cloudflare

GET
H2 200 gx224u8585br3y2ps11o73o8l0r3neyt.jpg
img.msf.org/AssetLink/ 58 KB
59 KB 172ms
171ms Image
image/jpeg 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.msf.org/AssetLink/gx224u8585br3y2ps11o73o8l0r3neyt.jpg

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f35b3c5ca332af80767c6e8d206e07aa1ce1fccb62da8d72affee9a6074c2a3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-OTk4Yjg3M2EzOTc0NjJiOTIwNjY2MDM2NDlmYWU0MWQ=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-OTk4Yjg3M2EzOTc0NjJiOTIwNjY2MDM2NDlmYWU0MWQ=', script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

cf-bgj: imgq:85,h2pri
etag: 9530bb3b1afb355f
cf-cache-status: REVALIDATED
x-content-type-options: nosniff, nosniff, nosniff
cf-polished: degrade=85, origSize=67798, status=webp_bigger
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: image/jpeg
content-disposition: inline; filename="WhatsApp Image 2024-09-16 at 15.02.22 (1).jpg"
feature-policy: geolocation 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-OTk4Yjg3M2EzOTc0NjJiOTIwNjY2MDM2NDlmYWU0MWQ=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-OTk4Yjg3M2EzOTc0NjJiOTIwNjY2MDM2NDlmYWU0MWQ=', script-src 'none'
cache-control: public, max-age=1800
content-security-policy-report-only: sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals, sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
referrer-policy: same-origin
cf-ray: 8f281e38d8c6ab54-YYZ
accept-ranges: bytes
content-length: 59899
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 a4m28u8363548h44kt33336v410kybwj.jpg
img.msf.org/AssetLink/ 36 KB
37 KB 179ms
179ms Image
image/jpeg 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.msf.org/AssetLink/a4m28u8363548h44kt33336v410kybwj.jpg

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72a26ffdc9f0a50cb6e16eb479d7633f68fbd73b75389df3d028a42bb1d1b666

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-M2VlM2M3ODcwN2MwNTJjYTQ2MDI4ZTFhNjcxNGNmZjY=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://.orangelogic.com https://.orangelogic.systems https://.orangelogicdam.com https://.orangelogicdam.systems https://.orangelogicmam.com https://.orangelogicmam.systems https://.orangelogicdns.com https://.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://.amazonaws.com https://.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: .google-analytics.com js.stripe.com checkout.stripe.com .googletagmanager.com 'nonce-M2VlM2M3ODcwN2MwNTJjYTQ2MDI4ZTFhNjcxNGNmZjY=', script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

cf-bgj: imgq:85,h2pri
etag: 6f99a0d18140bfaa
cf-cache-status: REVALIDATED
x-content-type-options: nosniff, nosniff, nosniff
cf-polished: degrade=85, origSize=41994, status=webp_bigger
date: Sun, 15 Dec 2024 17:22:50 GMT
content-type: image/jpeg
content-disposition: inline; filename="photo syria fullres IMG_6524.jpg"
feature-policy: geolocation 'none'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-M2VlM2M3ODcwN2MwNTJjYTQ2MDI4ZTFhNjcxNGNmZjY=', frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com orangelogic2022-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com link.orangelogic.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;img-src 'self' https://img.msf.org https://*.orangelogic.com https://*.orangelogic.systems https://*.orangelogicdam.com https://*.orangelogicdam.systems https://*.orangelogicmam.com https://*.orangelogicmam.systems https://*.orangelogicdns.com https://*.ol-docker.internal https://msf-a.orangelogic.com https://msf-b.orangelogic.com https://media.msf.org https://msf-backup.orangelogic.com blob: data: https://cdn.datatables.net https://*.amazonaws.com https://*.cloudfront.net https://link.orangelogic.com ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com *.googletagmanager.com 'nonce-M2VlM2M3ODcwN2MwNTJjYTQ2MDI4ZTFhNjcxNGNmZjY=', script-src 'none'
cache-control: public, max-age=1800
content-security-policy-report-only: sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals, sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
referrer-policy: same-origin
cf-ray: 8f281e38d8caab54-YYZ
accept-ranges: bytes
content-length: 36701
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 50000000 Show response
eu.httpbin.org/stream-bytes/ 100 KB
100 KB 558ms
193ms Fetch
application/octet-stream 34.226.108.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.httpbin.org/stream-bytes/50000000
Requested by: Host: www.msf.org
URL: https://www.msf.org/sites/default/files/js/js_QUF6IK4Wh3PNptXrj6LFaup6hmHVC2PHZH-qg2VGCko.js?scope=footer&delta=0&language=en&theme=msf_theme&include=eJzLLU6LL8lIzU3VT8_JT0rM0UmtKMnJzMvWTykqLUjM0YNydXKB6tJLcvWhdHxxSWJJZjIA_5QYhA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.108.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-108-155.compute-1.amazonaws.com
Software: gunicorn/19.9.0 /
Resource Hash: c5ef89a07c0a5c2d04154a0763a2eae77e56512d0901dd4f8fac66894bd2c447

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

access-control-allow-origin: https://www.msf.org
date: Sun, 15 Dec 2024 17:22:51 GMT
content-type: application/octet-stream
server: gunicorn/19.9.0
access-control-allow-credentials: true

POST
H/1.1 200
OK user-action Show response
api.consentframework.com/api/v1/public/ 0
330 B 2269ms
1181ms Fetch 148.251.96.221
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.consentframework.com/api/v1/public/user-action

Requested by

Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/35212/c/UcKKO/cmp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.96.221 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),

Reverse DNS

hetzner-prod.ipsfailover.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.msf.org/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: no-store
Connection: keep-alive
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://www.msf.org
Content-Length: 0
Date: Sun, 15 Dec 2024 17:22:53 GMT
Access-Control-Allow-Headers: Content-Type

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 810ms
120ms Script
text/javascript 172.217.197.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.msf.org
URL: https://www.msf.org/sites/default/files/js/js_QUF6IK4Wh3PNptXrj6LFaup6hmHVC2PHZH-qg2VGCko.js?scope=footer&delta=0&language=en&theme=msf_theme&include=eJzLLU6LL8lIzU3VT8_JT0rM0UmtKMnJzMvWTykqLUjM0YNydXKB6tJLcvWhdHxxSWJJZjIA_5QYhA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.197.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f136.1e100.net

Software

ESF /

Resource Hash

f8d1544bb47c74ef9a9b177a721c628aeff0be0f9f6a57b18769a7d67055c759

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

content-encoding: br
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
x-content-type-options: nosniff
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
expires: Sun, 15 Dec 2024 17:22:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date: Sun, 15 Dec 2024 17:22:51 GMT
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script'
cache-control: private, max-age=0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
x-xss-protection: 0
server: ESF

GET
H2 200 current-year Show response
www.msf.org/api/map/ 177 KB
11 KB 462ms
462ms XHR
application/json 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.msf.org/api/map/current-year

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69063e4e3cec744bcccc8ab24e3141c96c8da7c421f04bd2e64386830d2087f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.msf.org/

Response headers

x-varnish-cache: MISS
x-host: www.msf.org
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 0
x-content-type-options: nosniff
x-generator: Drupal 10 (https://www.drupal.org)
expires: Sun, 19 Nov 1978 05:00:00 GMT
x-url: /api/map/current-year
x-varnish: 69337793
date: Sun, 15 Dec 2024 17:22:51 GMT
content-type: application/json
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-varnish-grace: none
x-varnish-clientip: 127.0.0.1
cache-control: must-revalidate, no-cache, private
via: 1.1 varnish (Varnish/6.0)
cf-ray: 8f281e3c695bab72-YYZ
x-varnish-methodreq: GET
accept-ranges: bytes
content-language: en
server: cloudflare

GET
H2

200

contacts Show response
www.msf.org/api/map/
Redirect Chain

https://www.msf.org/api/map/contacts/
https://www.msf.org/api/map/contacts

605 KB
32 KB

275ms
275ms

XHR
application/json

172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.msf.org/api/map/contacts

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Server

172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90c5777f7164a160182d14527b291102d29be038511e949bee0d6a326f074583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

x-varnish-cache: MISS
x-host: www.msf.org
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 0
x-content-type-options: nosniff
x-generator: Drupal 10 (https://www.drupal.org)
expires: Sun, 19 Nov 1978 05:00:00 GMT
x-url: /api/map/contacts
x-varnish: 69337796
date: Sun, 15 Dec 2024 17:22:51 GMT
content-type: application/json
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-varnish-grace: none
x-varnish-clientip: 127.0.0.1
cache-control: must-revalidate, no-cache, private
via: 1.1 varnish (Varnish/6.0)
cf-ray: 8f281e3daa86ab72-YYZ
x-varnish-methodreq: GET
accept-ranges: bytes
content-language: en
server: cloudflare

Redirect headers

x-varnish-cache: HIT
x-host: www.msf.org
cf-cache-status: DYNAMIC
age: 6042
x-content-type-options: nosniff
x-generator: Drupal 10 (https://www.drupal.org)
expires: Sun, 19 Nov 1978 05:00:00 GMT
x-url: /api/map/contacts/
x-varnish: 69436800 65946333
date: Sun, 15 Dec 2024 17:22:51 GMT
content-type: text/html; charset=utf-8
vary: Cookie, Accept-Encoding
x-drupal-cache: MISS
x-frame-options: SAMEORIGIN
last-modified: Sun, 15 Dec 2024 15:42:08 GMT
x-cache-ttl-remaining
x-drupal-route-normalizer: 1
cache-control: max-age=900, public
location: https://www.msf.org/api/map/contacts
purge-cache-tags: page_manager_route_name:msf_contacts_interactive_map.post http_response
x-varnish-grace: none
x-varnish-cache-hits: 939
via: 1.1 varnish (Varnish/6.0)
x-varnish-clientip: 127.0.0.1
cf-ray: 8f281e3ca991ab72-YYZ
x-varnish-methodreq: GET
content-language: en
server: cloudflare

GET
H/1.1 200
OK uuid Show response
tag.analytics-helper.com/ans/ 31 KB
31 KB 2154ms
1122ms Script
text/javascript 148.251.96.239
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.analytics-helper.com/ans/uuid?pa=35212&c=1756

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTXQQLZ

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.96.239 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),

Reverse DNS

hetzner-prod.ipsfailover.com

Software

Resource Hash

301b368b3c948ea3748ee9949b0e3d5e2ddb729493d9ffde2abd5222e26565a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
Expires: Sun, 15 Dec 2024 18:28:53 GMT
Cache-Control: public, max-age=360, stale-while-revalidate=600, stale-if-error=6000
Date: Sun, 15 Dec 2024 17:22:53 GMT
Content-Type: text/javascript
Connection: keep-alive

GET
H2 200 hotjar-1043273.js Show response
static.hotjar.com/c/ 14 KB
6 KB 567ms
148ms Script
application/javascript 18.160.41.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1043273.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTXQQLZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.41.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-41-53.iad55.r.cloudfront.net

Software

Resource Hash

1ba0d237499d67a480ae864b4479d3beac8742693f275d858b55df757c759333

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/1a856c231fd2263aad10e1b1baa6f1f5
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 3718533b4f5d67c52ce24dc2e8ef04b4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: E_MP1-yl9L17uykW76-4gMWUYqFYY16IRyrUIRedIwnaQLWA2mDVew==
date: Sun, 15 Dec 2024 17:22:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: IAD55-P1

GET
H2 200 wonderpush-loader.min.js Show response
cdn.by.wonderpush.com/sdk/1.1/ 2 KB
1 KB 629ms
48ms Script
application/javascript 104.18.18.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTXQQLZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 837579f91de390bfc837d0c7e052f56874ee2db5591e2a16e74c9b24dcdd965b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: HIT
etag: "465aa62ce2d9e9ce2f572d2bee5a186ded6e"
age: 1139
access-control-allow-methods: HEAD, GET
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: YKvKev_yUi-tzLYx-h0kR2vDHB2C7NLqrfhN-qwTqdnYndUYc9tSuw==
date: Sun, 15 Dec 2024 17:22:51 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 06 Dec 2024 08:58:48 GMT
vary: Accept-Encoding
cache-control: public,max-age=3600
via: 1.1 ab915a3ce6dc98e388c0fb6b4aaf8306.cloudfront.net (CloudFront)
cf-ray: 8f281e405f2f36d7-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 881
x-amz-cf-pop: MCI50-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
63 KB 691ms
78ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-On69w1o7' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 15 Dec 2024 17:22:51 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-On69w1o7' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=13, mss=1392, tbw=3000, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: 5upH+Ss6Y2pDz8+Clbaj5r5wiXwK62Q0mK5HNoAeiiM0hFdnty/cNuRVRU4rfAP+742I5wJq608kHp5eyVCyCg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62283
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 modules.675199526fcb21f102e5.js Show response
script.hotjar.com/ 222 KB
56 KB 1502ms
1047ms Script
application/javascript 3.167.56.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.675199526fcb21f102e5.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1043273.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.167.56.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-167-56-26.iad61.r.cloudfront.net

Software

Resource Hash

e61c3520c8110a709d981083ddc93cf042c2d2ba25a21903b5df270edb3a05c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

x-robots-tag: none
content-encoding: br
etag: "787cb060b057c5d555662c23eb0e0d17"
age: 443746
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: BmMWyUwgIF05lylzKfjRuLCvi4dgUFwlJ5pWhsS_umHuN3UgxWwN2w==
date: Tue, 10 Dec 2024 14:07:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 10 Dec 2024 14:06:32 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 20848d4ff5765e0130bd5ac1450af23e.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56361
x-amz-cf-pop: IAD61-P5

GET
H2 200 672252696572757 Show response
connect.facebook.net/signals/config/ 86 KB
18 KB 164ms
163ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/672252696572757?v=2.9.179&r=stable&domain=www.msf.org&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

04ab6cd824f381032e398a261a0ea91149ea8528e84ab3c2203f717e71afad2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-niMx4u9w' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 15 Dec 2024 17:22:51 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-niMx4u9w' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=60, mss=1392, tbw=67957, tp=-1, tpl=-1, uplat=101, ullat=0
pragma: public
x-fb-debug: R4jglinNDi5/Tvci5n0J1VvOVwXUJb5XtHHUwCcAAPN4+rNRyq5UMFmOqIP+/TbdX1Y2JtybuT8SGwlpVa6xrg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/f8f53e1a/www-widgetapi.vflset/ 30 KB
10 KB 101ms
100ms Script
text/javascript 172.217.197.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f8f53e1a/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.197.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f136.1e100.net

Software

sffe /

Resource Hash

14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

content-encoding: br
age: 138395
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sun, 14 Dec 2025 02:56:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 02:56:16 GMT
last-modified: Wed, 11 Dec 2024 05:16:51 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 10165
x-xss-protection: 0
server: sffe

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 1359ms
124ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=672252696572757&ev=PageView&dl=https%3A%2F%2Fwww.msf.org&rl=&if=false&ts=1734283371980&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4124&fbp=fb.1.1734283371977.198885588685798441&cs_est=true&pm=1&hrl=d869ce&ler=empty&cdl=API_unavailable&it=1734283371756&coo=false&cs_cc=1&rqm=GET

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1392, tbw=3027, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 15 Dec 2024 17:22:53 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 1482ms
249ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=672252696572757&ev=PageView&dl=https%3A%2F%2Fwww.msf.org&rl=&if=false&ts=1734283371980&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4124&fbp=fb.1.1734283371977.198885588685798441&cs_est=true&pm=1&hrl=d869ce&ler=empty&cdl=API_unavailable&it=1734283371756&coo=false&cs_cc=1&rqm=FGET

Requested by

Host: www.msf.org
URL: https://www.msf.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7448690370960788461"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 15 Dec 2024 17:22:53 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: vXeU/tECnqik4rqi32Y6HNKJeW1ruIFnKmWaRb1q6bzmetKoJp/Z/O7Or/Bbq3HFcN2269Se4PsuFyzF6cqb5A==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7448690370960788461", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1392, tbw=3345, tp=-1, tpl=-1, uplat=148, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 408 KB
132 KB 80ms
79ms Script
application/javascript 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5VEVQ8DLCR&l=dataLayer&cx=c&gtm=45He4cc1v810097954za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTXQQLZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

3e781394d30bc154684b2c0cdf8397c2adf474e1826dbddca6da1fda41919685

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 15 Dec 2024 17:22:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 17:22:53 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 134534
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK collect Show response
event.analytics-helper.com/ans/ga/forward/g/ 0
487 B 1301ms
244ms Fetch 148.251.96.221
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL

https://event.analytics-helper.com/ans/ga/forward/g/collect?v=2&tid=G-5VEVQ8DLCR&gtm=45je4cc1v868777741z8810097954za200zb810097954&_p=1734283370237&gcs=G111&gcd=13r3r3r3r5l1&npa=0&dma=0&tcfd=10000&tag_exp=101925629~102067555~102067808~102081485~102198178&gdid=dOWE1OT&cid=1174635717.1734283373&ecid=1388955342&ul=en-ca&sr=1600x1200&_fplc=0&ur=CA-ON&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sst.rnd=870620418.1734283373&sst.etld=google.ca&sst.tft=1734283370237&sst.ude=0&_s=1&sid=1734283373&sct=1&seg=0&dl=https%3A%2F%2Fwww.msf.org%2F&dt=MSF%20-%20M%C3%A9decins%20Sans%20Fronti%C3%A8res%20%7C%20Medical%20humanitarian%20organisation&en=page_view&_fv=1&_ss=1&ep.sah_pa=35212&ep.sah_c=1756&ep.sah_consent=1&tfd=5665&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5VEVQ8DLCR&l=dataLayer&cx=c&gtm=45He4cc1v810097954za200

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.96.221 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),

Reverse DNS

hetzner-prod.ipsfailover.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: no-store, max-age=0, s-maxage=0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,OPTIONS,POST
Access-Control-Allow-Origin: https://www.msf.org
Content-Length: 0
Date: Sun, 15 Dec 2024 17:22:54 GMT
X-Xss-Protection: 0
Access-Control-Allow-Headers: Authorization, Content-Type, Accept, x-requested-with, Cache-Control, Expires, Pragma

GET
H2 200 favicon.ico
www.msf.org/themes/custom/msf_theme/ 1 KB
575 B 51ms
50ms Other
image/x-icon 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.msf.org/themes/custom/msf_theme/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c28e2e1623e0c31f326794d64288bb45c7e3e86d3771779bcb682c2d65d0bd2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

x-varnish-cache: MISS
x-host: www.msf.org
cf-cache-status: HIT
etag: W/"67582f48-47e"
age: 1166
content-encoding: br
x-url: /themes/custom/msf_theme/favicon.ico
x-varnish: 58726491
date: Sun, 15 Dec 2024 17:22:53 GMT
content-type: image/x-icon
last-modified: Tue, 10 Dec 2024 12:08:40 GMT
vary: Accept-Encoding
x-varnish-grace: none
x-varnish-clientip: 127.0.0.1
cache-control: max-age=1800
via: 1.1 varnish (Varnish/6.0)
cf-ray: 8f281e4c6883ab72-YYZ
x-varnish-methodreq: GET
server: cloudflare

GET
H2 200 favicon-32x32.png
www.msf.org/themes/custom/msf_theme/ 554 B
837 B 394ms
393ms Other
image/webp 172.67.13.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.msf.org/themes/custom/msf_theme/favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.13.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d2e0259d7d7df5ea2124a585f04355c0b960ada7ad22ef5a0d5626d17113a46

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

x-varnish-cache: MISS
x-host: www.msf.org
cf-bgj: imgq:85,h2pri
etag: "67582f48-765"
cf-cache-status: REVALIDATED
x-url: /themes/custom/msf_theme/favicon-32x32.png
x-varnish: 61177620
cf-polished: origFmt=png, origSize=1893
date: Sun, 15 Dec 2024 17:22:53 GMT
content-type: image/webp
content-disposition: inline; filename="favicon-32x32.webp"
vary: Accept
last-modified: Tue, 10 Dec 2024 12:08:40 GMT
x-varnish-clientip: 127.0.0.1
x-varnish-grace: none
cache-control: max-age=1800
via: 1.1 varnish (Varnish/6.0)
cf-ray: 8f281e4cf90fab72-YYZ
x-varnish-methodreq: GET
accept-ranges: bytes
content-length: 554
server: cloudflare

GET
H/1.1 200
OK collect Show response
event.analytics-helper.com/ans/ga/forward/g/ 0
487 B 913ms
246ms Fetch 148.251.96.221
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL

https://event.analytics-helper.com/ans/ga/forward/g/collect?v=2&tid=G-5VEVQ8DLCR&gtm=45je4cc1v868777741z8810097954za200zb810097954&_p=1734283370237&gcs=G111&gcd=13r3r3r3r5l1&npa=0&dma=0&tcfd=10000&tag_exp=101925629~102067555~102067808~102081485~102198178&gdid=dOWE1OT&cid=1174635717.1734283373&ecid=1388955342&ul=en-ca&sr=1600x1200&_fplc=0&ur=CA-ON&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sst.rnd=870620418.1734283373&sst.etld=google.ca&sst.tft=1734283370237&sst.ude=0&_s=2&sid=1734283373&sct=1&seg=0&dl=https%3A%2F%2Fwww.msf.org%2F&dt=MSF%20-%20M%C3%A9decins%20Sans%20Fronti%C3%A8res%20%7C%20Medical%20humanitarian%20organisation&en=section%20gouping&ep.sah_pa=35212&ep.sah_c=1756&ep.sah_consent=1&ep.Section=home&ep.Language=en&_et=45&tfd=6212&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5VEVQ8DLCR&l=dataLayer&cx=c&gtm=45He4cc1v810097954za200

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.96.221 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),

Reverse DNS

hetzner-prod.ipsfailover.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: no-store, max-age=0, s-maxage=0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,OPTIONS,POST
Access-Control-Allow-Origin: https://www.msf.org
Content-Length: 0
Date: Sun, 15 Dec 2024 17:22:54 GMT
X-Xss-Protection: 0
Access-Control-Allow-Headers: Authorization, Content-Type, Accept, x-requested-with, Cache-Control, Expires, Pragma

GET
H2 200 wonderpush.min.js Show response
cdn.by.wonderpush.com/sdk/1.1.35.2/ 376 KB
91 KB 51ms
49ms Script
application/javascript 104.18.18.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/sdk/1.1.35.2/wonderpush.min.js
Requested by: Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1946923a429bd001a0ee74110bf1eda6bdbb5fc53f47be7341d187759085fd3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: HIT
etag: "584f5137aed306c64f1902d861d5f6a2ed6e"
age: 807834
access-control-allow-methods: HEAD, GET
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: LQekoK5lEoaI3iaFq1y30orV823QerRlp-vmjNi6kb1mxV8y-FYz0w==
date: Sun, 15 Dec 2024 17:22:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 06 Dec 2024 08:58:44 GMT
vary: Accept-Encoding
cache-control: public,max-age=31536000
via: 1.1 2cd732b3fedea7af49f60c3497dbaec2.cloudfront.net (CloudFront)
cf-ray: 8f281e51ee7f36d7-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 92615
x-amz-cf-pop: ORD53-C3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 d5446e1f2ab04c08f18eacc63334ad5b69f9605bf0890405ef5f3f5373548ebc Show response
cdn.by.wonderpush.com/config/webkeys/ 4 KB
2 KB 538ms
64ms Fetch
application/json 104.18.18.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/config/webkeys/d5446e1f2ab04c08f18eacc63334ad5b69f9605bf0890405ef5f3f5373548ebc?_=1734283374526
Requested by: Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.35.2/wonderpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81973a26e293458c87144cda32a273c2d21bbabceb620ba19ae081cc40d0913e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: HIT
etag: "7a776655a371b2e216ef203540a6565aed6e"
age: 1014
access-control-allow-methods: HEAD, GET
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 9CKNGQQNfpHg-ADM-HXm0scu4OOpAFWyV10EKXlwNyeUrCZEn6QrGQ==
date: Sun, 15 Dec 2024 17:22:55 GMT
content-type: application/json
last-modified: Thu, 05 Dec 2024 12:58:21 GMT
vary: Accept-Encoding
cache-control: max-age=3600
via: 1.1 87fe250b32fc87699b1f30c0c5ab6004.cloudfront.net (CloudFront)
cf-ray: 8f281e55e905ec6f-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1422
x-amz-cf-pop: JFK50-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 inappmessaging.min.js Show response
cdn.by.wonderpush.com/sdk/1.1.35.2/ 95 KB
20 KB 51ms
50ms Script
application/javascript 104.18.18.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/sdk/1.1.35.2/inappmessaging.min.js
Requested by: Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.35.2/wonderpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff0593997ed220dcde87f2605768f50f84ea5d8a94de203dd3278f944d091b77

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.msf.org/

Response headers

access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: HIT
etag: "a73b313495919c0499b144fd70899e72ed6e"
age: 807702
access-control-allow-methods: HEAD, GET
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 4OYQcwDn6-EsblXhLrjP3w1CL7Bnqf-3hYfhscSNRGo7DEqmAOSEfQ==
date: Sun, 15 Dec 2024 17:22:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 06 Dec 2024 08:58:39 GMT
vary: Accept-Encoding
cache-control: public,max-age=31536000
via: 1.1 c009db1e63457ed5d5ed01409314f6ea.cloudfront.net (CloudFront)
cf-ray: 8f281e565a6d36d7-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20709
x-amz-cf-pop: MIA50-P1
server: cloudflare
x-amz-server-side-encryption: AES256

POST
H2 202 events Show response
measurements-api.wonderpush.com/v1/ 94 B
269 B 696ms
182ms XHR
application/json 216.239.34.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://measurements-api.wonderpush.com/v1/events
Requested by: Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.35.2/wonderpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2215.1e100.net
Software: Google Frontend /
Resource Hash: 78b73a0cf0a1d05a756e8d03e6c3862a33be7bba972279d0b3c58dadfe795d75

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://www.msf.org/

Response headers

access-control-allow-origin: https://www.msf.org
content-length: 94
date: Sun, 15 Dec 2024 17:22:55 GMT
content-type: application/json
x-cloud-trace-context: aa44d99181d56c3edb50d700d68de6a8
server: Google Frontend
access-control-allow-credentials: true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: img.msf.org
URL: https://img.msf.org/AssetLink/gx224u8585br3y2ps11o73o8l0r3neyt.jpg

Domain: img.msf.org
URL: https://img.msf.org/AssetLink/a4m28u8363548h44kt33336v410kybwj.jpg

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: FYkpbMNm49U
.youtube.com/	1970-01-21 06:03:55	Name: VISITOR_INFO1_LIVE Value: pQ3fEW7wlw4
.youtube.com/	1970-01-21 06:03:55	Name: VISITOR_PRIVACY_METADATA Value: CgJDQRIEGgAgEQ%3D%3D
.msf.org/	1970-01-21 03:54:19	Name: _fbp Value: fb.1.1734283371977.198885588685798441
.msf.org/	1970-01-21 10:30:19	Name: _hjSessionUser_1043273 Value: eyJpZCI6ImFhMzMzZmFmLWI1MzgtNWQ2OC05ZjJjLWIyNDlkMWYyN2E4OCIsImNyZWF0ZWQiOjE3MzQyODMzNzMxMjYsImV4aXN0aW5nIjpmYWxzZX0=
.msf.org/	1970-01-21 01:44:45	Name: _hjSession_1043273 Value: eyJpZCI6Ijk3YzY5ZWM0LWVmMDMtNDk1My04Njc1LTM1YzFiMDgxNzY0YiIsImMiOjE3MzQyODMzNzMxMjcsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.msf.org/	1970-01-21 10:23:07	Name: ga_helper_consent Value: eyJzZENpZCI6IjExNzQ2MzU3MTcuMTczNDI4MzM3MyIsInNkU2lkIjpudWxsLCJzZFRzIjpudWxsLCJ2ZXJzaW9uIjo5OTk5OX0=
.msf.org/	1970-01-21 11:20:43	Name: _ga Value: GA1.1.1174635717.1734283373
.msf.org/	1970-01-21 11:20:43	Name: _ga_5VEVQ8DLCR Value: GS1.1.1734283373.1.0.1734283373.0.0.1388955342

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.consentframework.com
cache.consentframework.com
cdn.by.wonderpush.com
choices.consentframework.com
connect.facebook.net
eu.httpbin.org
event.analytics-helper.com
img.msf.org
measurements-api.wonderpush.com
msf.org
script.hotjar.com
static.hotjar.com
tag.analytics-helper.com
www.facebook.com
www.googletagmanager.com
www.msf.org
www.youtube.com
img.msf.org
104.18.18.183
148.251.96.221
148.251.96.239
172.217.197.136
172.217.222.97
172.67.13.134
172.67.74.105
18.160.41.53
216.239.34.21
3.167.56.26
31.13.66.19
31.13.66.35
34.226.108.155
04ab6cd824f381032e398a261a0ea91149ea8528e84ab3c2203f717e71afad2a
14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9
1731831b2eb66d5f6be5282056d22cdbc373a076a5014000abf6808130abcb4a
1946923a429bd001a0ee74110bf1eda6bdbb5fc53f47be7341d187759085fd3d
1ba0d237499d67a480ae864b4479d3beac8742693f275d858b55df757c759333
20c8e4c9abf65e61ee8dfbcf7e03bc9f11b56fc5982834b3ad0efab6e72be60d
2281cc6363e3de8967b8c9b7673293ddfd03d9608e838484d4c1366ee9da21de
240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d
243c9510a368de1e402f1951c7292fb8f4afc911de1e4b1c8c5886558d8ff199
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2f35b3c5ca332af80767c6e8d206e07aa1ce1fccb62da8d72affee9a6074c2a3
301b368b3c948ea3748ee9949b0e3d5e2ddb729493d9ffde2abd5222e26565a0
351c6e3933b9f0079a26b7836955545f6c992380960e0c5f24f2a57990a61513
3d2e0259d7d7df5ea2124a585f04355c0b960ada7ad22ef5a0d5626d17113a46
3d35fd22c77cd237716ef995479ff52bd5bb4c167f294c9b145f24c06b3b2138
3e781394d30bc154684b2c0cdf8397c2adf474e1826dbddca6da1fda41919685
3fd38a89efa2608fdae9dc62f35d32bee18f18c61d50ba01b9c92e6c72765301
466b0b0a75f05b15c0c8a2dd472cc30e2fb82550930dedbcc1013b92bd4789c2
4b6f98cbed102610dec362f3f811ae8f87d3ddb4b95400c1da8277f1291b3572
4bc23b8c4bc2b2c95fe882ee88c01215ab79a32e91ec7a5566e275029f15a6e6
4de6adbaf80d21084cef00f676dce8fbfbbe50d0339bfb69199230bb123fdd76
54123b4b43276320a7561667c5d81081fcd53f016baa5e6e2bda0e83fce81f32
543efa0ab5be1d818632323c8a21ea6376854b336e3ded6d049a657c3bb00e37
56ef109a958838fde546c07daebfc36498f4ba65acfced5c09dcfa67cc7171e3
584719dfb92450ffc534c2e26b7617b49b5688b3e25ac2f26dfd0ebee936eb67
624f57f36a82c952da06b37f0ab7c7fc162747ed328895c62e0716f999b2159a
6549164cd9878a9c731dbce17d96778e4124ddf08c94072e782e1d50ac0f60d6
68314d8575b9054e8e168015e9b62dea21f6c676c59af3481421d3544304d2ff
69063e4e3cec744bcccc8ab24e3141c96c8da7c421f04bd2e64386830d2087f5
69dbf75b6caf348cbc83dd2e0fde84c19fe00089c1077fe9c1b0e465773ca1d8
72a26ffdc9f0a50cb6e16eb479d7633f68fbd73b75389df3d028a42bb1d1b666
7846c0fd38331f24dabc1faeaab9578162994d4b26df453d1569486e73b55dd7
78b73a0cf0a1d05a756e8d03e6c3862a33be7bba972279d0b3c58dadfe795d75
7b76d4472337251c4db419c030eab142d99186339aa87b0cea744cbfa8c67ba4
81973a26e293458c87144cda32a273c2d21bbabceb620ba19ae081cc40d0913e
836da9298d3b2ed24a439c1bf3fd0e58be408423bf8feb2e7bbbac6cf8b15ff5
837579f91de390bfc837d0c7e052f56874ee2db5591e2a16e74c9b24dcdd965b
859dd0365666198c2be1d3b4de0373f6ebe68de55f3808664446f3f51ddcad92
87770ba469dbf3f5b424079259b0d5abbde6eed6d4223aef72b24b30751b5d9e
87a34d64d091b5177e1791fed45cf5e9c798b9934d99bcd040f709b6a4a97eff
90c5777f7164a160182d14527b291102d29be038511e949bee0d6a326f074583
99f837e6d553c2ab7d8663fe4296376353986e5ec8f2ae52384a31383ebb3177
9b0d6dcf37796f50bf2f0da678092426597f0e38253d0ca31a5eb9eb69dd27d7
9c28e2e1623e0c31f326794d64288bb45c7e3e86d3771779bcb682c2d65d0bd2
9d6559229bb4339266a39ba6d5bc9c67612a9edddaa762f9debf192bf9374a3d
a4ab8f2d7b499044ae511e827c078b54e5852b6fa2eda684f73fc211a018c819
a86eeb4d7ec00dcef525450e7a7d5ec60f3f12b3b9406a9da5d5235bd6ab5898
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aaba19520fb39cd79e2f2080e503695ae06e64701d8aa3a33926b09309647416
b09f9e0f9eeb79acd63f176597a28b46399620c549b3cb838b6de73adbdc1253
baeaf91ca8715816e46a3bf6f0becd67a84e48299015f8db996f636da16afe96
bd9d18d08ecabd32c901b2450f3ccbec0f085a30649b19ebdf479d4f4acb5b1d
c5ef89a07c0a5c2d04154a0763a2eae77e56512d0901dd4f8fac66894bd2c447
c938aad7d5966fd0cc46aa56f5a96a548302af782b63d9dcb97f36eed4e24c18
cb3fe3494f9e04df7ec847b35320f93c3ab6ddce359101c16623b291a360d562
db78a0ddb184481cf48a8e6dd6e9a0f45b4d76d4a47f93e54283f624f8b43137
dcb8923ee5c4537aab7d7abb65e8f41d5a607e9bc1cd54214a980a585f32de71
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61c3520c8110a709d981083ddc93cf042c2d2ba25a21903b5df270edb3a05c5
f8d1544bb47c74ef9a9b177a721c628aeff0be0f9f6a57b18769a7d67055c759
fc747b11f5932641dbc0198fbf4adb264af9decf65b8ba4bd39f8896e9d18a9d
ff0593997ed220dcde87f2605768f50f84ea5d8a94de203dd3278f944d091b77

www.msf.org Open in urlscan Pro 172.67.13.134 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

95 %HTTPS

0 %IPv6

10 Domains

17 Subdomains

14 IPs

3 Countries

3765 kBTransfer

9239 kBSize

9 Cookies

72 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.msf.org Open in urlscan Pro
172.67.13.134 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

95 %
HTTPS

0 %
IPv6

10
Domains

17
Subdomains

14
IPs

3
Countries

3765 kB
Transfer

9239 kB
Size

9
Cookies

64 HTTP transactions
3 data transactions