urlscan.io logo urlscan.io
SecurityTrails logo

www.freedominternational.org Open in urlscan Pro
167.99.129.42  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://freedomcambodia.org/
Effective URL: https://www.freedominternational.org/
Submission: On November 29 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 35 HTTP transactions. The main IP is 167.99.129.42, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is www.freedominternational.org.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 7th 2019. Valid for: 3 months.
This is the only time www.freedominternational.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 142.93.108.123 14061 (DIGITALOC...)
1 167.99.129.42 14061 (DIGITALOC...)
16 13.225.84.180 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2600:9000:20e... 16509 (AMAZON-02)
4 2606:4700:30:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2600:9000:20e... 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
35 11
2    142.93.108.123 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
freedomcambodia.org
1    167.99.129.42 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
www.freedominternational.org
16    13.225.84.180 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-84-180.fra2.r.cloudfront.net
d33wubrfki0l68.cloudfront.net
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    2a00:1450:4001:81b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    2606:4700:20::6819:4211 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
widget.getgist.com
2    2600:9000:20eb:be00:15:30a:2f80:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
d3sjgucddk68ji.cloudfront.net
4    2606:4700:30::681f:5aaf (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
onelineplayer.com
3    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
1    2600:9000:20eb:3400:7:a574:91c0:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
d1v3uce98qr32f.cloudfront.net
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
Domain Requested by
16 d33wubrfki0l68.cloudfront.net www.freedominternational.org
4 onelineplayer.com www.freedominternational.org
3 fonts.gstatic.com www.freedominternational.org
2 www.facebook.com www.freedominternational.org
2 connect.facebook.net www.freedominternational.org
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.freedominternational.org
2 d3sjgucddk68ji.cloudfront.net www.freedominternational.org
d3sjgucddk68ji.cloudfront.net
2 freedomcambodia.org 2 redirects
1 d1v3uce98qr32f.cloudfront.net d3sjgucddk68ji.cloudfront.net
1 widget.getgist.com 1 redirects
1 www.googletagmanager.com www.freedominternational.org
1 fonts.googleapis.com www.freedominternational.org
1 www.freedominternational.org
35 13

This site contains links to these domains. Also see Links.

Domain
blog.freedominternational.org
www.facebook.com
www.iubenda.com
Subject Issuer Validity Valid
*.freedomcambodia.org
Let's Encrypt Authority X3		 2019-11-07 -
2020-02-05		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
*.googleapis.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-05-22 -
2020-05-22		 a year crt.sh
*.google.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-11-06 -
2020-02-04		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://www.freedominternational.org/
Frame ID: 3C3BCA4C5894F5BBCDB59E4CDEA8CA76
Requests: 30 HTTP requests in this frame

Frame: https://onelineplayer.com/player.html?autoplay=false&autopause=false&muted=false&loop=false&url=https%3A%2F%2Fdretzgxiirpc8.cloudfront.net%2F90second-480.mov&poster=https%3A%2F%2Fwww.freedominternational.org%2Fimg%2F90second.jpg&time=true&progressBar=true&overlay=true&muteButton=true&fullscreenButton=false&style=light&quality=auto&playButton=true
Frame ID: 5D1DDF3DB82E0779E94665F1D28E368A
Requests: 1 HTTP requests in this frame

Frame: https://onelineplayer.com/player.html?autoplay=false&loop=false&autopause=false&muted=false&url=https%3A%2F%2Fdretzgxiirpc8.cloudfront.net%2Frathana-en-1000.mp4&poster=https%3A%2F%2Fwww.freedominternational.org%2Fimg%2Frathana.jpg&time=true&progressBar=true&playButton=true&overlay=true&muteButton=true&fullscreenButton=true&style=light&logo=false&quality=720p
Frame ID: E484A03D14F734F4C2D3ECD5E46B4BD9
Requests: 1 HTTP requests in this frame

Frame: https://onelineplayer.com/player.html?autoplay=false&loop=false&autopause=false&muted=false&url=https%3A%2F%2Fdretzgxiirpc8.cloudfront.net%2Fsoriya-en-1000.mp4&poster=https%3A%2F%2Fwww.freedominternational.org%2Fimg%2Fsoriya.jpg&time=true&progressBar=true&playButton=true&overlay=true&muteButton=true&fullscreenButton=true&style=light&logo=false&quality=720p
Frame ID: 635826A0A516892409EDF935E6CBA5DA
Requests: 1 HTTP requests in this frame

Frame: https://onelineplayer.com/player.html?autoplay=false&loop=false&autopause=false&muted=false&url=https%3A%2F%2Fdretzgxiirpc8.cloudfront.net%2Fheng-en-1000.mp4&poster=https%3A%2F%2Fwww.freedominternational.org%2Fimg%2Fheng.jpg&time=true&progressBar=true&playButton=true&overlay=true&muteButton=true&fullscreenButton=true&style=light&logo=false&quality=720p
Frame ID: E88482CAC6310F7398A2DE3A7ABF6ADC
Requests: 1 HTTP requests in this frame

Frame: https://d1v3uce98qr32f.cloudfront.net/chat-widget/assets/index-8e07c4e56b.html
Frame ID: 1A54CE80BC5AAF13CED2E3D9CCFF1C42
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://freedomcambodia.org/ HTTP 301
    https://freedomcambodia.org/ HTTP 301
    https://www.freedominternational.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^Netlify/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

35
Requests

100 %
HTTPS

77 %
IPv6

11
Domains

13
Subdomains

11
IPs

3
Countries

1448 kB
Transfer

3047 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://freedomcambodia.org/ HTTP 301
    https://freedomcambodia.org/ HTTP 301
    https://www.freedominternational.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://widget.getgist.com/ HTTP 302
  • https://d3sjgucddk68ji.cloudfront.net/gist-2441057782.min.js

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.freedominternational.org/
Redirect Chain
  • http://freedomcambodia.org/
  • https://freedomcambodia.org/
  • https://www.freedominternational.org/
27 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.99.129.42 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
8508bbb0ed16651f70c1509a48c4ecc4a170b948701719e48b760f6c33afe2bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
www.freedominternational.org
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
cache-control
public, max-age=0, must-revalidate
content-type
text/html; charset=UTF-8
date
Wed, 27 Nov 2019 08:08:55 GMT
etag
"bfe47add551bfe79fb681f5fd7ce4992-ssl-df"
strict-transport-security
max-age=31536000
content-encoding
gzip
content-length
6173
age
195632
server
Netlify
vary
Accept-Encoding
x-nf-request-id
fea251e3-1733-40af-b32e-c072ad8cfb17-24589335

Redirect headers

status
301
cache-control
public, max-age=0, must-revalidate
content-length
53
content-type
text/plain
date
Fri, 29 Nov 2019 14:29:26 GMT
location
https://www.freedominternational.org/
strict-transport-security
max-age=31536000
age
0
server
Netlify
x-nf-request-id
f4bb3d16-5238-4187-985b-6332761d229b-16954118
stack-interface.css
d33wubrfki0l68.cloudfront.net/css/5169fabc4bb9e795936186f4f31d4bc9ab086317/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d33wubrfki0l68.cloudfront.net/css/5169fabc4bb9e795936186f4f31d4bc9ab086317/css/stack-interface.css
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.84.180 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-84-180.fra2.r.cloudfront.net
Software
Netlify /
Resource Hash
7aa6cda402cf69ca51450f35ee8cba01800d59cc65b285866f30350d321d6e02

Request headers

Referer
https://www.freedominternational.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
7df4600e-4c6b-4242-9c9b-7b1af8e19a67-15756200
date
Mon, 25 Nov 2019 12:41:26 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C2
x-cache
Hit from cloudfront
status
200
content-length
672
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
server
Netlify
etag
0b90fb0a9f3d52d201b487a971069b2abd8fc8dc-df
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31556926
accept-ranges
bytes
x-amz-cf-id
tJ5h5AM8mVN1_-hu6DOsb92Oowe3IQbdYRAl4mkOai7qX3LzU8WBQA==
2512ebf1cf860c63dace61b28d50705e31616c1d.css
d33wubrfki0l68.cloudfront.net/bundles/ 		155 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d33wubrfki0l68.cloudfront.net/bundles/2512ebf1cf860c63dace61b28d50705e31616c1d.css
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.84.180 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-84-180.fra2.r.cloudfront.net
Software
Netlify /
Resource Hash
bac94a4ce8113a8901b3c960a8ff18fe6a2add3a9a422bb0a3425a52546792be

Request headers

Referer
https://www.freedominternational.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
7df4600e-4c6b-4242-9c9b-7b1af8e19a67-15756205
date
Mon, 25 Nov 2019 12:41:26 GMT
content-encoding
gzip
server
Netlify
x-amz-cf-pop
FRA2-C2
etag
8f20b558a42394f166f1883e946927f90c8735fd-df
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31556926
accept-ranges
bytes
access-control-allow-origin
*
x-amz-cf-id
ByBVHXIzJAv9x41Pw-_VXNFOWprju4zzQN04224apMrtR2Ily1aY7A==
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
df03c8a3df6a2a754b47fb1502f99bef3b16a792.css
d33wubrfki0l68.cloudfront.net/bundles/ 		160 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d33wubrfki0l68.cloudfront.net/bundles/df03c8a3df6a2a754b47fb1502f99bef3b16a792.css
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.84.180 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-84-180.fra2.r.cloudfront.net
Software
Netlify /
Resource Hash
e8c8f445003f7d81abb6b528591507af90908616862996177a23d2b0993e5aa7

Request headers

Referer
https://www.freedominternational.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
63d77d36-be34-4554-ac27-c31c0491ecab-20390793
date
Mon, 25 Nov 2019 12:41:27 GMT
content-encoding
gzip
server
Netlify
x-amz-cf-pop
FRA2-C2
etag
85bd8777afe0cb89a22aa10f4b1dee61edc4a6d2-df
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31556926
accept-ranges
bytes
access-control-allow-origin
*
x-amz-cf-id
f19vOTbsu9buwCHqJPStZ9z399NOrUg_WfWoSSj_rOhEk8ZTAOQogw==
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
css
fonts.googleapis.com/ 		7 KB
747 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
dc561ac6b3c8c67d72212cba7eceb903a7a4b3a2e7a18b62b1841de9f73d6fee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.freedominternational.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 29 Nov 2019 14:29:27 GMT
server
ESF
access-control-allow-origin
*
date
Fri, 29 Nov 2019 14:29:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Fri, 29 Nov 2019 14:29:27 GMT
logo-dark.png
d33wubrfki0l68.cloudfront.net/7de2231b1b0b66a87cf4616c00a48a36249f60e3/c6bc0/img/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d33wubrfki0l68.cloudfront.net/7de2231b1b0b66a87cf4616c00a48a36249f60e3/c6bc0/img/logo-dark.png
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.84.180 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-84-180.fra2.r.cloudfront.net
Software
Netlify /
Resource Hash
f74a18ee64258d53212852ac6be18b0dc7b448586d2d9a05dc3c4c41068fbd37

Request headers

Referer
https://www.freedominternational.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
7df4600e-4c6b-4242-9c9b-7b1af8e19a67-15757069
date
Mon, 25 Nov 2019 12:41:27 GMT
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
server
Netlify
x-amz-cf-pop
FRA2-C2
etag
74c78f4da837d80c9839be99145c470a54ace3cf
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
public, max-age=31556926
accept-ranges
bytes
access-control-allow-origin
*
content-length
19397
x-amz-cf-id
v-4CuX_i1cc5x2tdwIqw5-538WqA1spGvG5DbWmAAFXnrtPq2Rq16g==
logo-light.png
d33wubrfki0l68.cloudfront.net/7de2231b1b0b66a87cf4616c00a48a36249f60e3/b26c3/img/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d33wubrfki0l68.cloudfront.net/7de2231b1b0b66a87cf4616c00a48a36249f60e3/b26c3/img/logo-light.png
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.84.180 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-84-180.fra2.r.cloudfront.net
Software
Netlify /
Resource Hash
f74a18ee64258d53212852ac6be18b0dc7b448586d2d9a05dc3c4c41068fbd37

Request headers

Referer
https://www.freedominternational.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
63d77d36-be34-4554-ac27-c31c0491ecab-20391251
date
Mon, 25 Nov 2019 12:41:27 GMT
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
server
Netlify
x-amz-cf-pop
FRA2-C2
etag
74c78f4da837d80c9839be99145c470a54ace3cf
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
public, max-age=31556926
accept-ranges
bytes
access-control-allow-origin
*
content-length
19397
x-amz-cf-id
82PzGku3zQ--aIQ8fJ4mCeQQxYIiuJljYms7hKu7B9bt38LIx0RLig==
logo-vector.png
d33wubrfki0l68.cloudfront.net/7de2231b1b0b66a87cf4616c00a48a36249f60e3/d471f/img/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d33wubrfki0l68.cloudfront.net/7de2231b1b0b66a87cf4616c00a48a36249f60e3/d471f/img/logo-vector.png
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.84.180 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-84-180.fra2.r.cloudfront.net
Software
Netlify /
Resource Hash
f74a18ee64258d53212852ac6be18b0dc7b448586d2d9a05dc3c4c41068fbd37

Request headers

Referer
https://www.freedominternational.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
bcdf7b3f-e81b-46eb-a8fa-67766ba2bffa-6643574
date
Mon, 25 Nov 2019 12:41:27 GMT
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
server
Netlify
x-amz-cf-pop
FRA2-C2
etag
74c78f4da837d80c9839be99145c470a54ace3cf
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
public, max-age=31556926
accept-ranges
bytes
access-control-allow-origin
*
content-length
19397
x-amz-cf-id
DTiU_X_A3fdBKdyNk0GnDYiDJ4-ML0QnD4y-U2d3YKk-sLAERHZFtg==
dontbetricked.jpg
d33wubrfki0l68.cloudfront.net/6089a9fd20c718f4d05a247769c7548ce4d38cc5/d7aad/img/ 		297 KB
298 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d33wubrfki0l68.cloudfront.net/6089a9fd20c718f4d05a247769c7548ce4d38cc5/d7aad/img/dontbetricked.jpg
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.84.180 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-84-180.fra2.r.cloudfront.net
Software
Netlify /
Resource Hash
c0dbf6f381bf860cd337a01dec9f1e9b6f15703b1f84a2f3395090bbbecb119f

Request headers

Referer
https://www.freedominternational.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
63d77d36-be34-4554-ac27-c31c0491ecab-20391718
date
Mon, 25 Nov 2019 12:41:28 GMT
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
server
Netlify
x-amz-cf-pop
FRA2-C2
etag
d55707dbc7ac5b00ff99291856443be6fc1feff1
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
public, max-age=31556926
accept-ranges
bytes
access-control-allow-origin
*
content-length
304138
x-amz-cf-id
CcJRMCl1aluvwuOqqsllmbqcG_opIp3gzwAcNwSVw0D8KEWkh5uczQ==
dontbetricked-m.jpg
d33wubrfki0l68.cloudfront.net/4beaaee4dbaa39a7b4c28cb63f82e2d95c4ac471/87b0e/img/ 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d33wubrfki0l68.cloudfront.net/4beaaee4dbaa39a7b4c28cb63f82e2d95c4ac471/87b0e/img/dontbetricked-m.jpg
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.84.180 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-84-180.fra2.r.cloudfront.net
Software
Netlify /
Resource Hash
7862b6ad74b0298cb71cf49e0831b5a48c162a8f4c211df8e423e04f4884c6a0

Request headers

Referer
https://www.freedominternational.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
a224dd05-9fdb-4558-a69c-f4cca4eaa25e-3018837
date
Mon, 18 Nov 2019 09:04:32 GMT
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
server
Netlify
x-amz-cf-pop
FRA2-C2
etag
b3d5cac628c4d204e2f62d3e033108990b098f2d
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
public, max-age=31556926
accept-ranges
bytes
access-control-allow-origin
*
content-length
108280
x-amz-cf-id
bH1YWidnTIE_LpeRc7dlJEdCl_5N-3NHVpt2kfowNll5831S3Kqa1A==
staff-simon.jpg
d33wubrfki0l68.cloudfront.net/1da59f6f0bf36a4bdd430f07c7f30f40b33fc77f/14ce0/img/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d33wubrfki0l68.cloudfront.net/1da59f6f0bf36a4bdd430f07c7f30f40b33fc77f/14ce0/img/staff-simon.jpg
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.84.180 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-84-180.fra2.r.cloudfront.net
Software
Netlify /
Resource Hash
4c4626904dba82597e10a33b60aa896036acc74b5e881501f95727f62985152f

Request headers

Referer
https://www.freedominternational.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
63d77d36-be34-4554-ac27-c31c0491ecab-20392174
date
Mon, 25 Nov 2019 12:41:29 GMT
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
server
Netlify
x-amz-cf-pop
FRA2-C2
etag
375e1a921d5fac8eaeb16e1c3bf6222ca36d319b
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
public, max-age=31556926
accept-ranges
bytes
access-control-allow-origin
*
content-length
29511
x-amz-cf-id
F-anFXfZDDXK8qw4ZkE_9eiCu1lFOv9HX-WbKXICyxAHDNlCVrGs7Q==
staff-kamini.jpg
d33wubrfki0l68.cloudfront.net/ef69babe909394539a3a521391fb017057a51ebb/c477d/img/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d33wubrfki0l68.cloudfront.net/ef69babe909394539a3a521391fb017057a51ebb/c477d/img/staff-kamini.jpg
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.84.180 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-84-180.fra2.r.cloudfront.net
Software
Netlify /
Resource Hash
0e3ee90cabf0a6c6ee1bf833ff3c0be2250b6c2c69baaa06d0ea077190b8da72

Request headers

Referer
https://www.freedominternational.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
7df4600e-4c6b-4242-9c9b-7b1af8e19a67-15758351
date
Mon, 25 Nov 2019 12:41:29 GMT
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
server
Netlify
x-amz-cf-pop
FRA2-C2
etag
09a7e239b3441fbf1c1828db12f22f6475eccc42
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
public, max-age=31556926
accept-ranges
bytes
access-control-allow-origin
*
content-length
31179
x-amz-cf-id
8MPlELE9qfoNcmeYvl6Pm5e3y4lYnuN0XfTetqwrByxCrbUx6mwusw==
staff-ravi.jpg
d33wubrfki0l68.cloudfront.net/5449305b2cfa74cf9dccf3c37500b37e563f3dee/26a01/img/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d33wubrfki0l68.cloudfront.net/5449305b2cfa74cf9dccf3c37500b37e563f3dee/26a01/img/staff-ravi.jpg
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.84.180 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-84-180.fra2.r.cloudfront.net
Software
Netlify /
Resource Hash
a81c6b301f54ab874e4a3629016c9d8fc19a8c571bc7326ed7581c67012ef542

Request headers

Referer
https://www.freedominternational.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
63d77d36-be34-4554-ac27-c31c0491ecab-20392159
date
Mon, 25 Nov 2019 12:41:29 GMT
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
server
Netlify
x-amz-cf-pop
FRA2-C2
etag
562b7ca9bb358e7d4131b46b0ace6d5fc61a15be
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
public, max-age=31556926
accept-ranges
bytes
access-control-allow-origin
*
content-length
28461
x-amz-cf-id
cvjy7dp0Sr5iFKW8ckGzLwtY9jrLH4Vqn3TZqivf-rd8nZ3EUDYR5w==
staff-phoebe.jpg
d33wubrfki0l68.cloudfront.net/eaea33fd22e28fdbe457a2e1c7737c795db4d91b/1d286/img/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d33wubrfki0l68.cloudfront.net/eaea33fd22e28fdbe457a2e1c7737c795db4d91b/1d286/img/staff-phoebe.jpg
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.84.180 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-84-180.fra2.r.cloudfront.net
Software
Netlify /
Resource Hash
ea6be3f0f239b3a0affb4a83015fd38ae034fbffa93d7c33b9e21ca6638b6ad4

Request headers

Referer
https://www.freedominternational.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
bcdf7b3f-e81b-46eb-a8fa-67766ba2bffa-6644655
date
Mon, 25 Nov 2019 12:41:29 GMT
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
server
Netlify
x-amz-cf-pop
FRA2-C2
etag
1cd6d855c24e4206a2576a7a4ce0dc5f93c66f73
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
public, max-age=31556926
accept-ranges
bytes
access-control-allow-origin
*
content-length
27414
x-amz-cf-id
0VWJqdPP0qeMcp90Hr6-78d3P5HeG4udq4FprXkOcf_UUaphA3f3fA==
staff-dan.jpg
d33wubrfki0l68.cloudfront.net/ae711d4db4ad967578343344916f252715f5736e/f945c/img/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d33wubrfki0l68.cloudfront.net/ae711d4db4ad967578343344916f252715f5736e/f945c/img/staff-dan.jpg
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.84.180 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-84-180.fra2.r.cloudfront.net
Software
Netlify /
Resource Hash
5d32fbe12c83bd57aa986be4621949108fa14da9910bfafab2a6167d9168a276

Request headers

Referer
https://www.freedominternational.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
63d77d36-be34-4554-ac27-c31c0491ecab-20392166
date
Mon, 25 Nov 2019 12:41:29 GMT
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
server
Netlify
x-amz-cf-pop
FRA2-C2
etag
f1d40219451fc264368880f33d375bcf219e6604
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
public, max-age=31556926
accept-ranges
bytes
access-control-allow-origin
*
content-length
26922
x-amz-cf-id
yMElXVPtkcxj0IrSyeu0IXAORVtXKId4_B-Hd3Nftp73Ap_EijUy0A==
staff-new.jpg
d33wubrfki0l68.cloudfront.net/f0dc0dcac19f15c1ea1d910079daca3b9db76270/561c1/img/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d33wubrfki0l68.cloudfront.net/f0dc0dcac19f15c1ea1d910079daca3b9db76270/561c1/img/staff-new.jpg
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.84.180 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-84-180.fra2.r.cloudfront.net
Software
Netlify /
Resource Hash
6253ae90604bd762919f68cdc12d2668e9656cca88faaf3806619a8f2db5bd35

Request headers

Referer
https://www.freedominternational.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
e0ce25f9-4fff-487e-a8e4-9dcd9c22cc7a-8020813
date
Mon, 25 Nov 2019 12:41:29 GMT
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
server
Netlify
x-amz-cf-pop
FRA2-C2
etag
5b1889cf99c78aea6481bc4a01af72388ccc17a2
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
public, max-age=31556926
accept-ranges
bytes
access-control-allow-origin
*
content-length
14612
x-amz-cf-id
T0pr8nu6JXep-uDOYRsAyKn5ejYiNrNd6umrAAz_AafRyI75SwiXQg==
5332f8ef023a5dbc2094490cc8016471eb77ef14.js
d33wubrfki0l68.cloudfront.net/bundles/ 		159 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d33wubrfki0l68.cloudfront.net/bundles/5332f8ef023a5dbc2094490cc8016471eb77ef14.js
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.84.180 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-84-180.fra2.r.cloudfront.net
Software
Netlify /
Resource Hash
2ac204fc66213aa730a489e6eff03eab1bbe0c4d9a0f6b4253e7a967bb89f288

Request headers

Referer
https://www.freedominternational.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
ff9f8d7f-0cec-4d55-a9bf-b3c0a38f47c2-13033613
date
Tue, 12 Nov 2019 13:47:50 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C2
x-cache
Hit from cloudfront
status
200
content-length
48123
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
server
Netlify
etag
780a0b718ff1989878ecd6e61065b3ad94d56f7d-df
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556926
accept-ranges
bytes
x-amz-cf-id
44wYUiSPJLuo-HJ96PbI_QzZrJg-AN1AOJPcpMlZXqwfD0aKiDHWYw==
gtm.js
www.googletagmanager.com/ 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N8J7X3R
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
79dcb5a67b0c7fa19e1a9b335b9956a56e43a54f6188b7af2a097296b502f58b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.freedominternational.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 29 Nov 2019 14:29:27 GMT
content-encoding
br
last-modified
Fri, 29 Nov 2019 12:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
23246
x-xss-protection
0
expires
Fri, 29 Nov 2019 14:29:27 GMT
gist-2441057782.min.js
d3sjgucddk68ji.cloudfront.net/
Redirect Chain
  • https://widget.getgist.com/
  • https://d3sjgucddk68ji.cloudfront.net/gist-2441057782.min.js
163 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3sjgucddk68ji.cloudfront.net/gist-2441057782.min.js
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:be00:15:30a:2f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5644222f301385937e85a45fb3406d42255a7e89694cd8274e2d8c302b0abad

Request headers

Referer
https://www.freedominternational.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 04:53:30 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
age
380058
x-cache
Hit from cloudfront
status
200
content-length
36109
last-modified
Sat, 23 Nov 2019 15:29:24 GMT
server
cloudflare
etag
"9efa8bcb09a517ba9ac23e0983d0c865"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
cf-ray
53b104edeb3726ee-FRA
x-amz-cf-id
l1F9UGjcOwuCVBjICbYckgEEKXsLCX6ZiU14knJU-iC-ISD2DQzuUA==

Redirect headers

date
Fri, 29 Nov 2019 14:29:27 GMT
server
cloudflare
location
https://d3sjgucddk68ji.cloudfront.net/gist-2441057782.min.js
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
status
302
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
53d5461cdb46cbbc-VIE
expires
Thu, 01 Jan 1970 00:00:01 GMT
player.html
onelineplayer.com/ Frame 5D1D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onelineplayer.com/player.html?autoplay=false&autopause=false&muted=false&loop=false&url=https%3A%2F%2Fdretzgxiirpc8.cloudfront.net%2F90second-480.mov&poster=https%3A%2F%2Fwww.freedominternational.org%2Fimg%2F90second.jpg&time=true&progressBar=true&overlay=true&muteButton=true&fullscreenButton=false&style=light&quality=auto&playButton=true
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:5aaf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
onelineplayer.com
:scheme
https
:path
/player.html?autoplay=false&autopause=false&muted=false&loop=false&url=https%3A%2F%2Fdretzgxiirpc8.cloudfront.net%2F90second-480.mov&poster=https%3A%2F%2Fwww.freedominternational.org%2Fimg%2F90second.jpg&time=true&progressBar=true&overlay=true&muteButton=true&fullscreenButton=false&style=light&quality=auto&playButton=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.freedominternational.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.freedominternational.org/

Response headers

status
200
date
Fri, 29 Nov 2019 14:29:27 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=ddaee1012329da56ad09823bd2248f83c1575037767; expires=Sun, 29-Dec-19 14:29:27 GMT; path=/; domain=.onelineplayer.com; HttpOnly
last-modified
Fri, 11 Oct 2019 15:16:26 GMT
vary
Accept-Encoding
via
1.1 vegur
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
53d5461ced0dcbb4-VIE
content-encoding
br
player.html
onelineplayer.com/ Frame E484 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onelineplayer.com/player.html?autoplay=false&loop=false&autopause=false&muted=false&url=https%3A%2F%2Fdretzgxiirpc8.cloudfront.net%2Frathana-en-1000.mp4&poster=https%3A%2F%2Fwww.freedominternational.org%2Fimg%2Frathana.jpg&time=true&progressBar=true&playButton=true&overlay=true&muteButton=true&fullscreenButton=true&style=light&logo=false&quality=720p
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:5aaf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
onelineplayer.com
:scheme
https
:path
/player.html?autoplay=false&loop=false&autopause=false&muted=false&url=https%3A%2F%2Fdretzgxiirpc8.cloudfront.net%2Frathana-en-1000.mp4&poster=https%3A%2F%2Fwww.freedominternational.org%2Fimg%2Frathana.jpg&time=true&progressBar=true&playButton=true&overlay=true&muteButton=true&fullscreenButton=true&style=light&logo=false&quality=720p
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.freedominternational.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.freedominternational.org/

Response headers

status
200
date
Fri, 29 Nov 2019 14:29:27 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=ddaee1012329da56ad09823bd2248f83c1575037767; expires=Sun, 29-Dec-19 14:29:27 GMT; path=/; domain=.onelineplayer.com; HttpOnly
last-modified
Fri, 11 Oct 2019 15:16:26 GMT
vary
Accept-Encoding
via
1.1 vegur
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
53d5461ced13cbb4-VIE
content-encoding
br
player.html
onelineplayer.com/ Frame 6358 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onelineplayer.com/player.html?autoplay=false&loop=false&autopause=false&muted=false&url=https%3A%2F%2Fdretzgxiirpc8.cloudfront.net%2Fsoriya-en-1000.mp4&poster=https%3A%2F%2Fwww.freedominternational.org%2Fimg%2Fsoriya.jpg&time=true&progressBar=true&playButton=true&overlay=true&muteButton=true&fullscreenButton=true&style=light&logo=false&quality=720p
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:5aaf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
onelineplayer.com
:scheme
https
:path
/player.html?autoplay=false&loop=false&autopause=false&muted=false&url=https%3A%2F%2Fdretzgxiirpc8.cloudfront.net%2Fsoriya-en-1000.mp4&poster=https%3A%2F%2Fwww.freedominternational.org%2Fimg%2Fsoriya.jpg&time=true&progressBar=true&playButton=true&overlay=true&muteButton=true&fullscreenButton=true&style=light&logo=false&quality=720p
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.freedominternational.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.freedominternational.org/

Response headers

status
200
date
Fri, 29 Nov 2019 14:29:27 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=ddaee1012329da56ad09823bd2248f83c1575037767; expires=Sun, 29-Dec-19 14:29:27 GMT; path=/; domain=.onelineplayer.com; HttpOnly
last-modified
Fri, 11 Oct 2019 15:16:26 GMT
vary
Accept-Encoding
via
1.1 vegur
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
53d5461ced1ccbb4-VIE
content-encoding
br
player.html
onelineplayer.com/ Frame E884 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onelineplayer.com/player.html?autoplay=false&loop=false&autopause=false&muted=false&url=https%3A%2F%2Fdretzgxiirpc8.cloudfront.net%2Fheng-en-1000.mp4&poster=https%3A%2F%2Fwww.freedominternational.org%2Fimg%2Fheng.jpg&time=true&progressBar=true&playButton=true&overlay=true&muteButton=true&fullscreenButton=true&style=light&logo=false&quality=720p
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:5aaf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
onelineplayer.com
:scheme
https
:path
/player.html?autoplay=false&loop=false&autopause=false&muted=false&url=https%3A%2F%2Fdretzgxiirpc8.cloudfront.net%2Fheng-en-1000.mp4&poster=https%3A%2F%2Fwww.freedominternational.org%2Fimg%2Fheng.jpg&time=true&progressBar=true&playButton=true&overlay=true&muteButton=true&fullscreenButton=true&style=light&logo=false&quality=720p
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.freedominternational.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.freedominternational.org/

Response headers

status
200
date
Fri, 29 Nov 2019 14:29:27 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=ddaee1012329da56ad09823bd2248f83c1575037767; expires=Sun, 29-Dec-19 14:29:27 GMT; path=/; domain=.onelineplayer.com; HttpOnly
last-modified
Fri, 11 Oct 2019 15:16:26 GMT
vary
Accept-Encoding
via
1.1 vegur
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
53d5461ced1fcbb4-VIE
content-encoding
br
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
Origin
https://www.freedominternational.org

Response headers

date
Thu, 21 Nov 2019 07:11:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:44 GMT
server
sffe
age
717449
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9180
x-xss-protection
0
expires
Fri, 20 Nov 2020 07:11:58 GMT
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
Origin
https://www.freedominternational.org

Response headers

date
Thu, 21 Nov 2019 20:31:01 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:37 GMT
server
sffe
age
669506
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9016
x-xss-protection
0
expires
Fri, 20 Nov 2020 20:31:01 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
Origin
https://www.freedominternational.org

Response headers

date
Thu, 21 Nov 2019 17:13:27 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
681360
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
0
expires
Fri, 20 Nov 2020 17:13:27 GMT
iconsmind.woff
d33wubrfki0l68.cloudfront.net/0d48469cec6b87fc8665f2dc05c53a7e7c5f3826/876fb/fonts/ 		1 MB
500 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d33wubrfki0l68.cloudfront.net/0d48469cec6b87fc8665f2dc05c53a7e7c5f3826/876fb/fonts/iconsmind.woff
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.84.180 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-84-180.fra2.r.cloudfront.net
Software
Netlify /
Resource Hash
55167ff2dba40b2eb3734d4653b6a3b25a33094cfce64ffb09a23205f33777f7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://d33wubrfki0l68.cloudfront.net/bundles/2512ebf1cf860c63dace61b28d50705e31616c1d.css
Origin
https://www.freedominternational.org

Response headers

x-nf-request-id
ed240462-492e-4467-967f-132ee4af17e2-5906174
date
Tue, 17 Sep 2019 08:40:11 GMT
content-encoding
gzip
server
Netlify
x-amz-cf-pop
FRA2-C2
etag
fbb7b3449f467ee00a62922019c51c9fa4c3432f-df
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/font-woff
status
200
cache-control
public, max-age=31556926
accept-ranges
bytes
access-control-allow-origin
*
x-amz-cf-id
6MIVM9cV7ATK4AgT-yQ3HBHCUyq9-0ZleOhzACN8YfGxK_kkt9EUUQ==
via
1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8J7X3R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.freedominternational.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
6950
date
Fri, 29 Nov 2019 12:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Fri, 29 Nov 2019 14:33:37 GMT
fbevents.js
connect.facebook.net/en_US/ 		121 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
71b52274b1b43661e6523b2774c9fa98a673e1861703bea5f32d75a32a850394
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.freedominternational.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
content-length
26702
x-xss-protection
0
pragma
public
x-fb-debug
eGocAqgcZghbt3i6nfbO4uW6jgLNXMOV6iVYCGE5jsndAWM3jFScPb22U+SUEQl6S77WJXr36HTJFs4FGJH1IQ==
x-fb-trip-id
420120009
date
Fri, 29 Nov 2019 14:29:27 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/r/ 		35 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=975129471&t=pageview&_s=1&dl=https%3A%2F%2Fwww.freedominternational.org%2F&ul=en-us&de=UTF-8&dt=Freedom%20International&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=136360184&gjid=1341306619&cid=1206006485.1575037767&tid=UA-130948322-1&_gid=1110581908.1575037767&_r=1&gtm=2wgav9N8J7X3R&z=1554884288
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.freedominternational.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Nov 2019 14:29:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
340032433325723
connect.facebook.net/signals/config/ 		349 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/340032433325723?v=2.9.14&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
7f4eddaf031a191ba28ce76f82622b046ed056b11bc57d79d20f85920f228159
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.freedominternational.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
bHl4Ldcqg97B6Y0TsiF0CARQUx1sKwwBKmF/VNLvcJt1O4FiaNW3rRplt5WIiO7FydNadfbaIL64GUlwFmpR6Q==
x-fb-trip-id
420120009
date
Fri, 29 Nov 2019 14:29:27 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
index-8e07c4e56b.html
d1v3uce98qr32f.cloudfront.net/chat-widget/assets/ Frame 1A54 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://d1v3uce98qr32f.cloudfront.net/chat-widget/assets/index-8e07c4e56b.html
Requested by
Host: d3sjgucddk68ji.cloudfront.net
URL: https://d3sjgucddk68ji.cloudfront.net/gist-2441057782.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:3400:7:a574:91c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
d1v3uce98qr32f.cloudfront.net
:scheme
https
:path
/chat-widget/assets/index-8e07c4e56b.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.freedominternational.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.freedominternational.org/

Response headers

status
200
content-type
text/html
date
Mon, 25 Nov 2019 04:53:34 GMT
last-modified
Sun, 24 Nov 2019 08:01:28 GMT
cache-control
max-age=31536000
cf-cache-status
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
53b10505ef34dfd3-FRA
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
On4EJvHdVe5J6lYnc4ZtM2L16eRmCxt6phSkh6RA2_1b0_nqPqnIMA==
age
380100
project_gnth9suw.txt
d3sjgucddk68ji.cloudfront.net/projects/settings_data/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d3sjgucddk68ji.cloudfront.net/projects/settings_data/project_gnth9suw.txt
Requested by
Host: d3sjgucddk68ji.cloudfront.net
URL: https://d3sjgucddk68ji.cloudfront.net/gist-2441057782.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:be00:15:30a:2f80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
72552cddf6b307410b40cc28877aea08ee7548f18684db3e20dca92dd192126f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.freedominternational.org/
Origin
https://www.freedominternational.org

Response headers

date
Mon, 25 Nov 2019 12:41:31 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
DYNAMIC
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Fri, 20 Sep 2019 10:51:42 GMT
server
cloudflare
etag
W/"4a2790df7b8391b52a015eac40966597"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/plain
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
cf-ray
53b3b27babdb9730-FRA
x-amz-cf-id
1ImS-jFa21S0oqjc3j_Wd5d4SP2a2L2gW4a2pU1mXvvl2tOMRRn2bA==
/
www.facebook.com/tr/ 		44 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=340032433325723&ev=PageView&dl=https%3A%2F%2Fwww.freedominternational.org%2F&rl=&if=false&ts=1575037767339&sw=1600&sh=1200&v=2.9.14&r=stable&ec=0&o=30&fbp=fb.1.1575037767338.10651125&it=1575037767251&coo=false&rqm=GET
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.freedominternational.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 29 Nov 2019 14:29:27 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Fri, 29 Nov 2019 14:29:27 GMT
/
www.facebook.com/tr/ 		44 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=340032433325723&ev=Microdata&dl=https%3A%2F%2Fwww.freedominternational.org%2F&rl=&if=false&ts=1575037767842&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Freedom%20International%22%2C%22meta%3Adescription%22%3A%22Breaking%20the%20chains%20of%20modern%20slavery%20in%20Cambodia.%20Become%20a%20freedom%20fighter%20and%20warn%20vulnerable%20kids%20about%20being%20tricked%2C%20trafficked%2C%20and%20sold.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Freedom%20International%22%2C%22og%3Adescription%22%3A%22Breaking%20the%20chains%20of%20modern%20slavery%20in%20Cambodia.%20Become%20a%20freedom%20fighter%20and%20warn%20vulnerable%20kids%20about%20being%20tricked%2C%20trafficked%2C%20and%20sold.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.freedominternational.org%2Fshare.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.freedominternational.org%22%2C%22og%3Asite_name%22%3A%22Freedom%20International%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.14&r=stable&ec=1&o=30&fbp=fb.1.1575037767338.10651125&it=1575037767251&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.freedominternational.org
URL: https://www.freedominternational.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.freedominternational.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 29 Nov 2019 14:29:27 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Fri, 29 Nov 2019 14:29:27 GMT

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer object| gist object| s object| e object| mr_parallax function| $ function| jQuery object| smoothScroll object| mr function| mrFormsCaptchaInit object| google_tag_manager string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| gtIsOpera boolean| gtIsFirefox boolean| gtIsSafari boolean| gtIsIE boolean| gtIsEdge boolean| gtIsChrome boolean| gtIsBlink boolean| favIconScriptLoad boolean| isFaviconPresent object| gtIpAddressDetails boolean| gtIpAddressAPIInitiateFlag boolean| gtFormSubmitStatus string| subDomain object| closedFormAjaxCallCount object| gtFixedElementDetails string| gtChatInterval string| identifyClearInterval string| gtLeadBotInterval boolean| gtPromptInitiated boolean| gtPersonCreated boolean| gtInitialScrollEvent boolean| triggeredChatOpen boolean| notificationChatOpen string| gtPageOriginalTitle number| pageLoadTime object| gtProjectSetting string| officeHoursOnline boolean| trackPageViewCalled boolean| officeHoursInitiated boolean| chatPromptInitiated string| gtBrowserLanguage boolean| gtSegmentsCalled object| gtPersonSegmentsArray boolean| gtChatReadAtPageLoad string| kbSettings boolean| kbViewStatus object| convertLinkOptionSecretArray object| convertLinkOptionArray object| gtFormsData boolean| formOpenedViaClick boolean| chatiframeLoaded boolean| chatiframeInitiated object| gtPromptDetails boolean| isChatHtmlRendered boolean| isQueryParamsCompleted boolean| isReloadChat boolean| isGtChatReady object| gtPageScrollPosition boolean| gtWindowResize number| gtUserType number| gtChatBottom number| gtChatRight object| gtChatLeft string| gtLauncherPosition string| gtWindowLocation boolean| gtPageIdeal object| defaultAllowedDomains string| gtAwsUrl string| gtGistCdn function| iframeContentLoad object| cfMath string| cfDefaultHost function| _cfVisualisationMode function| _cfFormView function| _cfIframeChat function| _formShowConditionPlugin function| _cfCommonFunctions boolean| cfAdBlockEnabled function| gtGist object| gtTemp object| convertfox object| gtGistReady object| gtGistChatReady object| alreadyExecutedFunctions object| params object| tempThis object| cfChatWindow object| head object| style string| cfChatAreaOpen object| liveForms

9 Cookies

Domain/Path Name / Value
.onelineplayer.com/ Name: _ga
Value: GA1.2.652576453.1575037768
.freedominternational.org/ Name: _fbp
Value: fb.1.1575037767338.10651125
.onelineplayer.com/ Name: __cfduid
Value: ddaee1012329da56ad09823bd2248f83c1575037767
.freedominternational.org/ Name: _gat_UA-130948322-1
Value: 1
.onelineplayer.com/ Name: _gat_gtag_UA_119543203_1
Value: 1
.freedominternational.org/ Name: _gid
Value: GA1.2.1110581908.1575037767
.onelineplayer.com/ Name: _gid
Value: GA1.2.364815816.1575037768
.freedominternational.org/ Name: _ga
Value: GA1.2.1206006485.1575037767
.freedominternational.org/ Name: _gcl_au
Value: 1.1.1449843897.1575037767

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
d1v3uce98qr32f.cloudfront.net
d33wubrfki0l68.cloudfront.net
d3sjgucddk68ji.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
freedomcambodia.org
onelineplayer.com
widget.getgist.com
www.facebook.com
www.freedominternational.org
www.google-analytics.com
www.googletagmanager.com
13.225.84.180
142.93.108.123
167.99.129.42
2600:9000:20eb:3400:7:a574:91c0:21
2600:9000:20eb:be00:15:30a:2f80:93a1
2606:4700:20::6819:4211
2606:4700:30::681f:5aaf
2a00:1450:4001:800::200a
2a00:1450:4001:808::200e
2a00:1450:4001:809::2003
2a00:1450:4001:81b::2008
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
0e3ee90cabf0a6c6ee1bf833ff3c0be2250b6c2c69baaa06d0ea077190b8da72
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2ac204fc66213aa730a489e6eff03eab1bbe0c4d9a0f6b4253e7a967bb89f288
4c4626904dba82597e10a33b60aa896036acc74b5e881501f95727f62985152f
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
55167ff2dba40b2eb3734d4653b6a3b25a33094cfce64ffb09a23205f33777f7
5d32fbe12c83bd57aa986be4621949108fa14da9910bfafab2a6167d9168a276
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
6253ae90604bd762919f68cdc12d2668e9656cca88faaf3806619a8f2db5bd35
71b52274b1b43661e6523b2774c9fa98a673e1861703bea5f32d75a32a850394
72552cddf6b307410b40cc28877aea08ee7548f18684db3e20dca92dd192126f
7862b6ad74b0298cb71cf49e0831b5a48c162a8f4c211df8e423e04f4884c6a0
79dcb5a67b0c7fa19e1a9b335b9956a56e43a54f6188b7af2a097296b502f58b
7aa6cda402cf69ca51450f35ee8cba01800d59cc65b285866f30350d321d6e02
7f4eddaf031a191ba28ce76f82622b046ed056b11bc57d79d20f85920f228159
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8508bbb0ed16651f70c1509a48c4ecc4a170b948701719e48b760f6c33afe2bd
a81c6b301f54ab874e4a3629016c9d8fc19a8c571bc7326ed7581c67012ef542
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bac94a4ce8113a8901b3c960a8ff18fe6a2add3a9a422bb0a3425a52546792be
c0dbf6f381bf860cd337a01dec9f1e9b6f15703b1f84a2f3395090bbbecb119f
c5644222f301385937e85a45fb3406d42255a7e89694cd8274e2d8c302b0abad
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc561ac6b3c8c67d72212cba7eceb903a7a4b3a2e7a18b62b1841de9f73d6fee
e8c8f445003f7d81abb6b528591507af90908616862996177a23d2b0993e5aa7
ea6be3f0f239b3a0affb4a83015fd38ae034fbffa93d7c33b9e21ca6638b6ad4
f74a18ee64258d53212852ac6be18b0dc7b448586d2d9a05dc3c4c41068fbd37