give.unrefugees.org Open in urlscan Pro
54.200.172.250 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.e.unrefugees.org/?qs=ae927f9d876e181a2d3e4adadc3e6b2be008d3dde83c2abe3dac28a8293b69828b8614577692cb92eb7762889c54...
Effective URL:
https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_ca...
Submission: On June 29 via manual (June 29th 2023, 4:50:28 pm UTC) from IN — Scanned from DE

Summary HTTP 230 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 76 IPs in 7 countries across 62 domains to perform 230 HTTP transactions. The main IP is 54.200.172.250, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is give.unrefugees.org.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 8th 2023. Valid for: 10 months.

This is the only time give.unrefugees.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.228.216 13.111.228.216	22606 (EXACT-7) (EXACT-7)
13	54.200.172.250 54.200.172.250	16509 (AMAZON-02) (AMAZON-02)
7	2a02:26f0:480... 2a02:26f0:480:f::213:7ec6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
17	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	108.157.194.102 108.157.194.102	16509 (AMAZON-02) (AMAZON-02)
1 3	18.210.95.94 18.210.95.94	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700:21:... 2606:4700:21::681b:c358	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 9	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
6	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:400c:c0a::5c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.249.9.253 13.249.9.253	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	46.137.33.47 46.137.33.47	16509 (AMAZON-02) (AMAZON-02)
1	35.190.72.228 35.190.72.228	15169 (GOOGLE) (GOOGLE)
3	2600:1901:0:7... 2600:1901:0:7d2::	15169 (GOOGLE) (GOOGLE)
1	18.66.112.57 18.66.112.57	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:3c00:1e:549f:95c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2 4	52.203.49.201 52.203.49.201	14618 (AMAZON-AES) (AMAZON-AES)
3	174.129.208.36 174.129.208.36	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.227.237.181 35.227.237.181	15169 (GOOGLE) (GOOGLE)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	44.207.218.163 44.207.218.163	14618 (AMAZON-AES) (AMAZON-AES)
1	18.235.225.8 18.235.225.8	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ed3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	52.54.79.53 52.54.79.53	14618 (AMAZON-AES) (AMAZON-AES)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
2	151.101.129.35 151.101.129.35	54113 (FASTLY) (FASTLY)
1	2600:9000:211... 2600:9000:211a:9200:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
2	2.19.126.72 2.19.126.72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
13 17	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1	52.25.243.35 52.25.243.35	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:219... 2600:9000:219c:d000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
12 12	65.9.66.102 65.9.66.102	16509 (AMAZON-02) (AMAZON-02)
9	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3 3	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3 6	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
3 6	54.155.194.178 54.155.194.178	16509 (AMAZON-02) (AMAZON-02)
3	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	3.120.214.218 3.120.214.218	16509 (AMAZON-02) (AMAZON-02)
3	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
3	3.88.89.196 3.88.89.196	14618 (AMAZON-AES) (AMAZON-AES)
3 6	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
3 6	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
3	2600:1f18:612... 2600:1f18:612b:4216:fca7:6f27:4f1c:9be8	14618 (AMAZON-AES) (AMAZON-AES)
3	52.209.185.252 52.209.185.252	16509 (AMAZON-02) (AMAZON-02)
3	52.50.52.186 52.50.52.186	16509 (AMAZON-02) (AMAZON-02)
3 6	3.73.11.83 3.73.11.83	16509 (AMAZON-02) (AMAZON-02)
4 6	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
12	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	3.66.114.155 3.66.114.155	16509 (AMAZON-02) (AMAZON-02)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	34.252.63.13 34.252.63.13	16509 (AMAZON-02) (AMAZON-02)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
1	13.32.158.98 13.32.158.98	16509 (AMAZON-02) (AMAZON-02)
230	76

1 13.111.228.216 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.e.unrefugees.org

click.e.unrefugees.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 54.200.172.250 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-172-250.us-west-2.compute.amazonaws.com

give.unrefugees.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.194.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-194-102.mxp53.r.cloudfront.net

cdn.unrefugees.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.210.95.94 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-95-94.compute-1.amazonaws.com

app.dafwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:21::681b:c358 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.plyr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.65.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0a::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.9.253 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-9-253.cdg53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.137.33.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-33-47.eu-west-1.compute.amazonaws.com

collector-3219.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.228 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 228.72.190.35.bc.googleusercontent.com

www.tp88trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:7d2:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

g1782759016.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-57.fra56.r.cloudfront.net

js.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:3c00:1e:549f:95c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.veritonic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.203.49.201 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-49-201.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 174.129.208.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-208-36.compute-1.amazonaws.com

ad.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.237.181 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 181.237.227.35.bc.googleusercontent.com

event.mrtnsvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.207.218.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-218-163.compute-1.amazonaws.com

data.adxcel-ec2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.235.225.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-225-8.compute-1.amazonaws.com

px.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ed3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.54.79.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-79-53.compute-1.amazonaws.com

atr.veritonicmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211a:9200:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

4647326.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.126.72 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-72.deploy.static.akamaitechnologies.com

storage.cloud.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 193.0.160.131 (United States) 13 redirects

ASN54312 (ROCKETFUEL, US)

20669309p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
20826429p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
20826430p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.25.243.35 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-243-35.us-west-2.compute.amazonaws.com

lyibja.unrefugees.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:219c:d000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 65.9.66.102 (United States) 12 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-102.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.171.52 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.155.194.178 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-194-178.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.120.214.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.88.89.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-88-89-196.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.94.180.125 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:612b:4216:fca7:6f27:4f1c:9be8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.209.185.252 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-185-252.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.50.52.186 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-52-186.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.73.11.83 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-11-83.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.66.49 (United States) 4 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.66.114.155 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-114-155.eu-central-1.compute.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.63.13 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-63-13.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

zrtzph91fuyexre632vj7u2axfj363emfbsmm56ld6b489bc874a3396am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.158.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-158-98.cdg50.r.cloudfront.net

d6tizftlrpuof.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 10 pay.google.com — Cisco Umbrella Rank: 3447 adservice.google.com — Cisco Umbrella Rank: 113 region1.analytics.google.com — Cisco Umbrella Rank: 2556 play.google.com — Cisco Umbrella Rank: 58	462 KB
18	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 3030 zrtzph91fuyexre632vj7u2axfj363emfbsmm56ld6b489bc874a3396am1.e.aa.online-metrix.net	112 KB
17	rfihub.com 13 redirects 20669309p.rfihub.com 20826429p.rfihub.com 20826430p.rfihub.com p.rfihub.com — Cisco Umbrella Rank: 977 a.rfihub.com — Cisco Umbrella Rank: 3394	26 KB
16	unrefugees.org 1 redirects click.e.unrefugees.org give.unrefugees.org cdn.unrefugees.org lyibja.unrefugees.org	675 KB
13	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 ad.doubleclick.net — Cisco Umbrella Rank: 184 stats.g.doubleclick.net — Cisco Umbrella Rank: 130 4647326.fls.doubleclick.net cm.g.doubleclick.net — Cisco Umbrella Rank: 254	6 KB
12	rezync.com 12 redirects live.rezync.com — Cisco Umbrella Rank: 1580	9 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	713 KB
9	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 428	269 B
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	84 KB
8	paypal.com www.paypal.com — Cisco Umbrella Rank: 2380 t.paypal.com — Cisco Umbrella Rank: 3125	88 KB
8	typekit.net use.typekit.net — Cisco Umbrella Rank: 614 p.typekit.net — Cisco Umbrella Rank: 795	197 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1040 t.clarity.ms — Cisco Umbrella Rank: 7954 c.clarity.ms — Cisco Umbrella Rank: 1589	27 KB
6	everesttech.net 4 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 796	1 KB
6	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	3 KB
6	spotxchange.com 3 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 794	3 KB
6	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635	4 KB
6	demdex.net 3 redirects dpm.demdex.net — Cisco Umbrella Rank: 218	5 KB
6	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 257	6 KB
6	google.de www.google.de — Cisco Umbrella Rank: 4752	903 B
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 896	1 KB
4	trkn.us 2 redirects trkn.us — Cisco Umbrella Rank: 2345	3 KB
4	ipredictive.com js.ipredictive.com — Cisco Umbrella Rank: 18632 ad.ipredictive.com — Cisco Umbrella Rank: 5697	4 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 390 c.bing.com — Cisco Umbrella Rank: 258	15 KB
3	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 620	1010 B
3	agkn.com aa.agkn.com — Cisco Umbrella Rank: 533	1 KB
3	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1248	523 B
3	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 1609	546 B
3	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1922	325 B
3	media.net contextual.media.net — Cisco Umbrella Rank: 675	2 KB
3	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1132	1 KB
3	openx.net us-u.openx.net — Cisco Umbrella Rank: 496	485 B
3	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 1036	617 B
3	kargo.com storage.cloud.kargo.com — Cisco Umbrella Rank: 6083 crb.kargo.com — Cisco Umbrella Rank: 1783 kds-pixel.kargo.com Failed	6 KB
3	g1782759016.co g1782759016.co — Cisco Umbrella Rank: 188597	503 B
3	dafwidget.com 1 redirects app.dafwidget.com	4 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	260 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1250 pixel.quantserve.com — Cisco Umbrella Rank: 1003	10 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2178	33 KB
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1150	710 B
2	veritonicmetrics.com atr.veritonicmetrics.com — Cisco Umbrella Rank: 19004	132 B
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 524	1 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 538	7 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	213 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	197 KB
1	cloudfront.net d6tizftlrpuof.cloudfront.net	2 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 331	627 B
1	usabilla.com w.usabilla.com — Cisco Umbrella Rank: 4319	11 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 535	15 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1172	1 KB
1	turn.com r.turn.com — Cisco Umbrella Rank: 3947	398 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5437	6 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	900 B
1	adentifi.com px.adentifi.com — Cisco Umbrella Rank: 12797	35 B
1	adxcel-ec2.com data.adxcel-ec2.com — Cisco Umbrella Rank: 4551	131 B
1	mrtnsvr.com 1 redirects event.mrtnsvr.com — Cisco Umbrella Rank: 81102	253 B
1	veritonic.com cdn.veritonic.com — Cisco Umbrella Rank: 67934	2 KB
1	tp88trk.com www.tp88trk.com — Cisco Umbrella Rank: 24946	19 KB
1	tvsquared.com collector-3219.tvsquared.com	190 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 169	2 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1047	16 KB
1	plyr.io cdn.plyr.io — Cisco Umbrella Rank: 13020	32 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 749	30 KB
230	62

	Domain	Requested by
17	h.online-metrix.net	give.unrefugees.org h.online-metrix.net
13	give.unrefugees.org	give.unrefugees.org
12	play.google.com	www.gstatic.com
12	live.rezync.com	12 redirects
10	p.rfihub.com	9 redirects give.unrefugees.org
10	www.gstatic.com	www.google.com pay.google.com www.gstatic.com
9	idsync.rlcdn.com	give.unrefugees.org 20826429p.rfihub.com 20826430p.rfihub.com
9	www.google.com	1 redirects give.unrefugees.org www.gstatic.com www.google.com
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
7	use.typekit.net	give.unrefugees.org use.typekit.net
6	sync-tm.everesttech.net	4 redirects give.unrefugees.org
6	x.bidswitch.net	3 redirects give.unrefugees.org
6	sync.search.spotxchange.com	3 redirects give.unrefugees.org
6	dsum-sec.casalemedia.com	3 redirects give.unrefugees.org
6	dpm.demdex.net	3 redirects give.unrefugees.org
6	ib.adnxs.com	3 redirects give.unrefugees.org
6	www.google.de	give.unrefugees.org
6	www.paypal.com	give.unrefugees.org www.paypal.com www.paypalobjects.com
5	tr.snapchat.com	sc-static.net
4	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
4	trkn.us	2 redirects give.unrefugees.org
4	pay.google.com	give.unrefugees.org pay.google.com www.gstatic.com
3	beacon.krxd.net	give.unrefugees.org 20826429p.rfihub.com 20826430p.rfihub.com
3	aa.agkn.com	give.unrefugees.org 20826429p.rfihub.com 20826430p.rfihub.com
3	partners.tremorhub.com	give.unrefugees.org
3	x.dlx.addthis.com	give.unrefugees.org 20826429p.rfihub.com 20826430p.rfihub.com
3	bpi.rtactivate.com	give.unrefugees.org 20826429p.rfihub.com 20826430p.rfihub.com
3	contextual.media.net	give.unrefugees.org 20826429p.rfihub.com 20826430p.rfihub.com
3	ps.eyeota.net	give.unrefugees.org
3	us-u.openx.net	give.unrefugees.org 20826429p.rfihub.com 20826430p.rfihub.com
3	image2.pubmatic.com	give.unrefugees.org 20826429p.rfihub.com 20826430p.rfihub.com
3	a.rfihub.com	3 redirects
3	cm.g.doubleclick.net	3 redirects
3	t.clarity.ms	www.clarity.ms
3	ad.ipredictive.com	give.unrefugees.org js.ipredictive.com
3	g1782759016.co	give.unrefugees.org
3	bat.bing.com	www.googletagmanager.com bat.bing.com give.unrefugees.org
3	app.dafwidget.com	1 redirects give.unrefugees.org app.dafwidget.com
2	c.clarity.ms	1 redirects
2	20826429p.rfihub.com	c1.rfihub.net
2	www.facebook.com	give.unrefugees.org
2	storage.cloud.kargo.com	www.googletagmanager.com storage.cloud.kargo.com
2	4647326.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	t.paypal.com	give.unrefugees.org
2	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	fonts.gstatic.com	fonts.googleapis.com www.google.com
2	sp.analytics.yahoo.com	give.unrefugees.org
2	atr.veritonicmetrics.com	cdn.veritonic.com
2	region1.analytics.google.com	www.googletagmanager.com
2	pixel.tapad.com	1 redirects give.unrefugees.org
2	adservice.google.com	give.unrefugees.org 4647326.fls.doubleclick.net
2	ad.doubleclick.net	2 redirects
2	s.yimg.com	give.unrefugees.org s.yimg.com
2	connect.facebook.net	give.unrefugees.org connect.facebook.net
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	give.unrefugees.org www.googletagmanager.com
1	d6tizftlrpuof.cloudfront.net	give.unrefugees.org
1	zrtzph91fuyexre632vj7u2axfj363emfbsmm56ld6b489bc874a3396am1.e.aa.online-metrix.net
1	bam.nr-data.net	js-agent.newrelic.com
1	w.usabilla.com	give.unrefugees.org
1	c.bing.com	1 redirects
1	js-agent.newrelic.com	give.unrefugees.org
1	crb.kargo.com	storage.cloud.kargo.com
1	pixel.quantserve.com	give.unrefugees.org
1	rules.quantcount.com	secure.quantserve.com
1	20826430p.rfihub.com	c1.rfihub.net
1	lyibja.unrefugees.org	connect.facebook.net
1	r.turn.com	give.unrefugees.org
1	20669309p.rfihub.com	1 redirects
1	secure.quantserve.com	give.unrefugees.org
1	c1.rfihub.net	give.unrefugees.org
1	p.typekit.net	use.typekit.net
1	fonts.googleapis.com	give.unrefugees.org
1	px.adentifi.com	give.unrefugees.org
1	data.adxcel-ec2.com	give.unrefugees.org
1	event.mrtnsvr.com	1 redirects
1	cdn.veritonic.com	give.unrefugees.org
1	js.ipredictive.com	www.googletagmanager.com
1	www.tp88trk.com	www.googletagmanager.com
1	collector-3219.tvsquared.com	give.unrefugees.org
1	www.googleadservices.com	www.googletagmanager.com
1	sc-static.net	www.googletagmanager.com
1	cdn.plyr.io	give.unrefugees.org
1	code.jquery.com	give.unrefugees.org
1	cdn.unrefugees.org	give.unrefugees.org
1	click.e.unrefugees.org	1 redirects
0	kds-pixel.kargo.com Failed	storage.cloud.kargo.com
230	88

This site contains links to these domains. Also see Links.

Domain
dafwidget.com
www.unrefugees.org

Subject Issuer	Validity	Valid
unrefugees.org Amazon RSA 2048 M01	`2023-02-08` - `2023-12-06`	10 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-01-09` - `2024-01-23`	a year	crt.sh
*.unrefugees.org Amazon RSA 2048 M01	`2023-04-06` - `2024-05-04`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
cdn.plyr.io Cloudflare Inc ECC CA-3	`2023-04-12` - `2024-04-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-10` - `2023-11-10`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-08` - `2023-07-07`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-22` - `2023-07-12`	2 months	crt.sh
*.tvsquared.com Amazon RSA 2048 M01	`2023-02-10` - `2023-08-30`	7 months	crt.sh
tp88trk.com Starfield Secure Certificate Authority - G2	`2022-12-17` - `2024-01-18`	a year	crt.sh
g1782759016.co GTS CA 1D4	`2023-06-17` - `2023-09-15`	3 months	crt.sh
*.ipredictive.com Amazon RSA 2048 M02	`2023-03-14` - `2024-04-11`	a year	crt.sh
cdn.veritonic.com Amazon RSA 2048 M02	`2023-02-21` - `2023-09-15`	7 months	crt.sh
adxcel-ec2.com Amazon RSA 2048 M02	`2023-02-24` - `2023-11-16`	9 months	crt.sh
adentifi.com Amazon RSA 2048 M02	`2023-02-22` - `2023-09-03`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.veritonicmetrics.com Amazon RSA 2048 M01	`2023-04-20` - `2024-05-18`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-30` - `2023-11-22`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.imarketsmart.com Amazon RSA 2048 M02	`2023-01-25` - `2024-02-23`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.rfihub.net Amazon RSA 2048 M01	`2023-02-24` - `2023-12-29`	10 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
kargo.com R3	`2023-05-10` - `2023-08-08`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
lyibja.unrefugees.org R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-27` - `2024-04-27`	a year	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
rtactivate.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.dev.kargo.com Amazon RSA 2048 M01	`2023-02-13` - `2024-03-12`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
w.usabilla.com Amazon RSA 2048 M01	`2023-02-09` - `2024-02-09`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-06-14` - `2024-07-01`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Frame ID: BC125333DC582662D09CF4A4257A09B9
Requests: 114 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 13EAA62712CA359A647782C05520F06D
Requests: 2 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fgive.unrefugees.org&mid=
Frame ID: 132FD95BD5EAB6FBABE8BB4CCF5FE5F6
Requests: 13 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&co=aHR0cHM6Ly9naXZlLnVucmVmdWdlZXMub3JnOjQ0Mw..&hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&size=normal&cb=dp4nx41ctfe
Frame ID: A1453E0AF00E6AD213C6EF304625748D
Requests: 8 HTTP requests in this frame

Frame: https://ad.ipredictive.com/d/track/event?upid=101374&cache_buster=1688057421&url=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&val=undefined&tn=undefined&itms=undefined
Frame ID: D0DDBC043BE50861B05E33C9CFA2B66F
Requests: 1 HTTP requests in this frame

Frame: https://4647326.fls.doubleclick.net/activityi;dc_pre=CJnb8ff36P8CFShDkQUdMhYDnw;src=4647326;type=unrefcms;cat=donfvis;ord=6619650278858;gtm=45He36s0;auiddc=360581829.1688057421;u3=undefined;u2=undefined;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC
Frame ID: 4DD43B39216B7EC84399BA181CC2E183
Requests: 2 HTTP requests in this frame

Frame: https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&pf=&ra=40035459830303965
Frame ID: B97BE2ECD1D1A34D720A7C3167CFB4FE
Requests: 19 HTTP requests in this frame

Frame: https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&pf=&ra=6408097557162367
Frame ID: 7FEFCCA7CCD8C60D3D4E649B944F9F2C
Requests: 19 HTTP requests in this frame

Frame: https://20826430p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826430&_o=9587&_t=20826430&pe=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&pf=&ra=28839988058696675
Frame ID: 1082B185C6658F5F0C31F4EFFFC8486D
Requests: 19 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm
Frame ID: 7128D8668F2CAB0DF7A2C8576EE4EBFC
Requests: 3 HTTP requests in this frame

Frame: https://crb.kargo.com/api/v1/initsync/17472fad-8544-4c6d-bc35-87fe364865c6?partners=Tapad&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Frame ID: D4E53D45617D8719487FF39FBECF27BA
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 463E1FE267852298F0971313DE531BF3
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/check.js;CIS3SID=E593F2951494DB9C0970F71CA3D9BD72?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&nonce=d6b489bc874a3396&jb=35392e24687b6f753f55616e666f7f71246a7b673d576b6e6c6d7571273a38313226687360773d416a706f6d6d24687b623d416a7a6f6f652d303231393c
Frame ID: 1FBF618671EA80F8C7A2DA29B7AAD61B
Requests: 11 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=cda0845c-e241-4b98-8d4b-abdc76d31d9d&u_scsid=ca0547a7-d462-48d6-8fca-46ba6d801709&u_sclid=6c89019d-8af5-4dc7-adcc-9468b0d66e9f
Frame ID: 8C673CFE53A3A1C7D53F8896580E0700
Requests: 1 HTTP requests in this frame

Frame: https://w.usabilla.com/fa5b33ed7c80.js?lv=1
Frame ID: B401C44BBDFE685294A396AB9552E729
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/ls_fp.html;CIS3SID=E593F2951494DB9C0970F71CA3D9BD72?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&nonce=d6b489bc874a3396
Frame ID: 0C99371E7491959D4635DEE0AF3A2C29
Requests: 3 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=E593F2951494DB9C0970F71CA3D9BD72?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&nonce=d6b489bc874a3396
Frame ID: 5BB71A8398E31386AD6447BA9A71CE93
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/top_fp.html;CIS3SID=E593F2951494DB9C0970F71CA3D9BD72?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&nonce=d6b489bc874a3396
Frame ID: 0744E806243985FA70489EA065A033F8
Requests: 1 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/unhcr-button-ca8fba580979f02c2694fa49ed8ef52a.png
Frame ID: E81FD4C0DE854A96B2ACEA54C8B3A55C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Make a Monthly Gift for World Refugee Day | USA for UNHCR

Page URL History Show full URLs

https://click.e.unrefugees.org/?qs=ae927f9d876e181a2d3e4adadc3e6b2be008d3dde83c2abe3dac28a8293b69828b861457... HTTP 302
https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_sour... Page URL

Detected technologies

Plyr (Video players) Expand

Overall confidence: 100%
Detected patterns

https://cdn\.plyr\.io/([0-9.]+)/.+\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

230
Requests

84 %
HTTPS

34 %
IPv6

62
Domains

88
Subdomains

76
IPs

7
Countries

3022 kB
Transfer

7919 kB
Size

80
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://dafwidget.com/terms-and-privacy-policy/?SF_monthly=7011K000002Ohy1QAC&SF_onetime=7011K000002OhxwQAC&utm_medium=email&utm_source=u4u-update
Title: Terms of Service and Privacy Policy

Search URL Search Domain Scan URL

URL: https://dafwidget.com/add-a-new-fund-to-the-dafwidget/?SF_monthly=7011K000002Ohy1QAC&SF_onetime=7011K000002OhxwQAC&utm_medium=email&utm_source=u4u-update
Title: Don't see your fund? Let us know.

Search URL Search Domain Scan URL

URL: https://www.unrefugees.org/privacy-policy/?SF_monthly=7011K000002Ohy1QAC&SF_onetime=7011K000002OhxwQAC&utm_medium=email&utm_source=u4u-update
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.unrefugees.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.e.unrefugees.org/?qs=ae927f9d876e181a2d3e4adadc3e6b2be008d3dde83c2abe3dac28a8293b69828b8614577692cb92eb7762889c54b27e4008ee8b126851d1 HTTP 302
https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://app.dafwidget.com/api/js/source.js HTTP 301
https://app.dafwidget.com/public/embed.js

Request Chain 35

https://ad.doubleclick.net/ddm/activity/src=4269937;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=4269937;dc_pre=CJW4wvf36P8CFU5DwgodrkYK5g;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=4269937;dc_pre=CJW4wvf36P8CFU5DwgodrkYK5g;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 36

https://trkn.us/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=11536835 HTTP 302
https://trkn.us/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=11536835;ip=80.255.10.200;cuidchk=1

Request Chain 37

https://trkn.us/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=1492153242 HTTP 302
https://trkn.us/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=1492153242;ip=80.255.10.200;cuidchk=1

Request Chain 40

https://event.mrtnsvr.com/?adv=17114&cb=1060348778&ref=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&gtmcb=218587862 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=l9srJt1ap&gdpr=0 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3203&partner_device_id=l9srJt1ap&gdpr=0

Request Chain 56

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10934040069/?random=1096455664&cv=11&fst=1688057420838&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadservices.com&frm=0&tiba=Make%20a%20Monthly%20Gift%20for%20World%20Refugee%20Day%20%7C%20USA%20for%20UNHCR&value=0&auid=360581829.1688057421&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=TLadZP_xNsOU7_UPtZy50A0&sscte=1&crd=&eitems=ChEI8Nf0pAYQgNzfg8PrmJjGARIdAEWJZf9tO3kjW6gedGxcot7h1r6gWUHqkfcFjKU&pscrd=Ek5DaEVJOE5mMHBBWVFvWXYwdmZURzA1UHJBUklsQUJHWDdnUTQ1TjFqVUZqTlFoMGJHR1N1alZhdlJvTk1Sd0xpNk9HZkVwSzBuU281Y3caWENoRUk4TmYwcEFZUXVhTEwyZTNCM3VDX0FSSXRBTENwZkdJRnNZRUxpUTI5MnRmbUl3UmUtYTBtdDFXYW1QcUEyXzQzV05CS0kyQjhEdDlFTFFQT3FnMzgiEwj_x7v39-j_AhVDyrsIHTVODto HTTP 302
https://www.google.com/pagead/1p-conversion/10934040069/?random=1096455664&cv=11&fst=1688057420838&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadservices.com&frm=0&tiba=Make%20a%20Monthly%20Gift%20for%20World%20Refugee%20Day%20%7C%20USA%20for%20UNHCR&value=0&auid=360581829.1688057421&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE5mMHBBWVFvWXYwdmZURzA1UHJBUklsQUJHWDdnUTQ1TjFqVUZqTlFoMGJHR1N1alZhdlJvTk1Sd0xpNk9HZkVwSzBuU281Y3caWENoRUk4TmYwcEFZUXVhTEwyZTNCM3VDX0FSSXRBTENwZkdJRnNZRUxpUTI5MnRmbUl3UmUtYTBtdDFXYW1QcUEyXzQzV05CS0kyQjhEdDlFTFFQT3FnMzgiEwj_x7v39-j_AhVDyrsIHTVODto&is_vtc=1&ocp_id=TLadZP_xNsOU7_UPtZy50A0&cid=CAQSKQBygQiDz7sk7L_ijyPBlJsOXrRq-4g93YmjeeRpXkffyPv5nKR72FaQ&eitems=ChEI8Nf0pAYQgNzfg8PrmJjGARIdAEWJZf8VCPFTbEpG86mJEKcQ2E2BOs3hchgIGII&random=395960849 HTTP 302
https://www.google.de/pagead/1p-conversion/10934040069/?random=1096455664&cv=11&fst=1688057420838&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadservices.com&frm=0&tiba=Make%20a%20Monthly%20Gift%20for%20World%20Refugee%20Day%20%7C%20USA%20for%20UNHCR&value=0&auid=360581829.1688057421&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE5mMHBBWVFvWXYwdmZURzA1UHJBUklsQUJHWDdnUTQ1TjFqVUZqTlFoMGJHR1N1alZhdlJvTk1Sd0xpNk9HZkVwSzBuU281Y3caWENoRUk4TmYwcEFZUXVhTEwyZTNCM3VDX0FSSXRBTENwZkdJRnNZRUxpUTI5MnRmbUl3UmUtYTBtdDFXYW1QcUEyXzQzV05CS0kyQjhEdDlFTFFQT3FnMzgiEwj_x7v39-j_AhVDyrsIHTVODto&is_vtc=1&ocp_id=TLadZP_xNsOU7_UPtZy50A0&cid=CAQSKQBygQiDz7sk7L_ijyPBlJsOXrRq-4g93YmjeeRpXkffyPv5nKR72FaQ&eitems=ChEI8Nf0pAYQgNzfg8PrmJjGARIdAEWJZf8VCPFTbEpG86mJEKcQ2E2BOs3hchgIGII&random=395960849&ipr=y&ezwbk=AZuM4hBmJd2UX0pJUaysN6Nj4aa7NiOZN4v_SqT6xjqxRCTJ-Rx_AwZ1L9RzjLEEydTQmRDwbscbzpShovU4Vxbm2N3K

Request Chain 88

https://4647326.fls.doubleclick.net/activityi;src=4647326;type=unrefcms;cat=donfvis;ord=6619650278858;gtm=45He36s0;auiddc=360581829.1688057421;u3=undefined;u2=undefined;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC HTTP 302
https://4647326.fls.doubleclick.net/activityi;dc_pre=CJnb8ff36P8CFShDkQUdMhYDnw;src=4647326;type=unrefcms;cat=donfvis;ord=6619650278858;gtm=45He36s0;auiddc=360581829.1688057421;u3=undefined;u2=undefined;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC

Request Chain 92

https://20669309p.rfihub.com/ca.gif?rb=9587&ca=20669309&ra=78997106 HTTP 302
https://r.turn.com/r/beacon?b2=Byl5I3NIBudQfjqNW-_fVUNVOmTxqGPcOnN4gXqFCKoeU_Oup029YVIprkeGvqSpgAfS5Jz0ytx_deRc41vz7Q&cid=

Request Chain 115

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329526405129420&referrer=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%253A1688057422.2925417%26_%3D1688057422.2947848&cb=1688057422.2948105 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329526405129420&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%253A1688057422.2925417%26_%3D1688057422.2947848 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&_=1688057422.2947848

Request Chain 116

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyNjQwNTEyOTQyMA==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEI_101iyd9d0kUT1OxLnV5M&google_cver=1 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329526405129420&referrer={encSite}&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%253A1688057422.2925417%26_%3D1688057422.7438915&cb=1688057422.7439184 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329526405129420&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%253A1688057422.2925417%26_%3D1688057422.7438915 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&_=1688057422.7438915

Request Chain 117

https://ib.adnxs.com/setuid?entity=18&code=5133329526405129420 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329526405129420

Request Chain 118

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5133329526405129420&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329526405129420&redir=

Request Chain 121

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5133329526405129420&bid=omt9pi0

Request Chain 124

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329526405129420&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329526405129420&forward=&C=1

Request Chain 127

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329526405129420&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329526405129420&img=1&__user_check__=1&sync_id=09c7f9bf-169d-11ee-a38d-1dbc55590406

Request Chain 131

https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329526405129420&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD} HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5133329526405129420&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}

Request Chain 132

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZJ22TgAIRYsF_gBR

Request Chain 133

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329526405129420&referrer=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=cd42ba9b-d26c-46f1-8e33-08d94f73cfa8%3A1688057422.2922428&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dcd42ba9b-d26c-46f1-8e33-08d94f73cfa8%253A1688057422.2922428%26_%3D1688057422.2933414&cb=1688057422.2933643 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329526405129420&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dcd42ba9b-d26c-46f1-8e33-08d94f73cfa8%253A1688057422.2922428%26_%3D1688057422.2933414 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=cd42ba9b-d26c-46f1-8e33-08d94f73cfa8%3A1688057422.2922428&_=1688057422.2933414

Request Chain 134

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyNjQwNTEyOTQyMA==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEI_101iyd9d0kUT1OxLnV5M&google_cver=1 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329526405129420&referrer={encSite}&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%253A1688057422.2925417%26_%3D1688057422.7474952&cb=1688057422.7475295 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329526405129420&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%253A1688057422.2925417%26_%3D1688057422.7474952 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&_=1688057422.7474952

Request Chain 135

https://ib.adnxs.com/setuid?entity=18&code=5133329526405129420 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329526405129420

Request Chain 136

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5133329526405129420&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329526405129420&redir=

Request Chain 139

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5133329526405129420&bid=omt9pi0

Request Chain 142

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329526405129420&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329526405129420&forward=&C=1

Request Chain 145

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329526405129420&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329526405129420&img=1&__user_check__=1&sync_id=09c7db90-169d-11ee-99b2-1d34abdd0206

Request Chain 148

https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329526405129420&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD} HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5133329526405129420&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}

Request Chain 149

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZJ22TgAVYi0FgQBS

Request Chain 151

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329526405129420&referrer=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=187d4b7e-b793-44e4-9bbc-f4a38033366a%3A1688057422.2920985&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D187d4b7e-b793-44e4-9bbc-f4a38033366a%253A1688057422.2920985%26_%3D1688057422.293175&cb=1688057422.2932017 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329526405129420&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D187d4b7e-b793-44e4-9bbc-f4a38033366a%253A1688057422.2920985%26_%3D1688057422.293175 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=187d4b7e-b793-44e4-9bbc-f4a38033366a%3A1688057422.2920985&_=1688057422.293175

Request Chain 152

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyNjQwNTEyOTQyMA==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEI_101iyd9d0kUT1OxLnV5M&google_cver=1 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329526405129420&referrer={encSite}&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%253A1688057422.2925417%26_%3D1688057422.749815&cb=1688057422.7498424 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329526405129420&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%253A1688057422.2925417%26_%3D1688057422.749815 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&_=1688057422.749815

Request Chain 153

https://ib.adnxs.com/setuid?entity=18&code=5133329526405129420 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329526405129420

Request Chain 154

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5133329526405129420&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329526405129420&redir=

Request Chain 157

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5133329526405129420&bid=omt9pi0

Request Chain 160

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329526405129420&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329526405129420&forward=&C=1

Request Chain 163

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329526405129420&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329526405129420&img=1&__user_check__=1&sync_id=09c7dffa-169d-11ee-bfc0-1860f0710206

Request Chain 166

https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329526405129420&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD} HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5133329526405129420&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}

Request Chain 167

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZJ22TgALSZEnSQBI HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZJ22TgALSZEnSQBI&_test=ZJ22TgALSZEnSQBI

Request Chain 197

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=76040DB90DBE45E2AB2696A46D94EDB4&RedC=c.clarity.ms&MXFR=3357E88A25E96BAA162FFBB521E9658A HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=76040DB90DBE45E2AB2696A46D94EDB4&MUID=0BCE87CDA35269143E6194F2A2D96876

230 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 220613wrd_mainpg_p_3000 Show response
give.unrefugees.org/
Redirect Chain

https://click.e.unrefugees.org/?qs=ae927f9d876e181a2d3e4adadc3e6b2be008d3dde83c2abe3dac28a8293b69828b8614577692cb92eb7762889c54b27e4008ee8b126851d1
https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K...

39 KB
15 KB

1198ms
778ms

Document
text/html

54.200.172.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.200.172.250 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-200-172-250.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 41dd005b9072a6b100d4ce08a2cf1b9a17086766fdcc8125728324f7d2f696cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-length: 15268
content-type: text/html; charset=utf-8
date: Thu, 29 Jun 2023 16:50:20 GMT
vary: Accept-Encoding

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 381
Content-Type: text/html; charset=utf-8
Date: Thu, 29 Jun 2023 16:50:18 GMT
Location: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC

GET
H2 200 index.css
give.unrefugees.org/css/ 192 KB
25 KB 181ms
180ms Stylesheet
text/css 54.200.172.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://give.unrefugees.org/css/index.css?v=9.3
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.200.172.250 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-200-172-250.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: fd8226264cfd611c285f0ad0155bbfcaddc31b03ebdb8442431146379e4340b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:20 GMT
content-encoding: gzip
last-modified: Thu, 09 Mar 2023 22:58:48 GMT
etag: "0442bb5da52d91:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 25183

GET
H2 200 plyr.css
give.unrefugees.org/css/ 24 KB
5 KB 180ms
179ms Stylesheet
text/css 54.200.172.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://give.unrefugees.org/css/plyr.css
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.200.172.250 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-200-172-250.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 465ecd3c27cf42a3309af6bda6e2b8c4b9cb7a78788908904e0d6761a2c3102a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:20 GMT
content-encoding: gzip
last-modified: Sat, 23 Feb 2019 20:10:20 GMT
etag: "09e7cdb3cbd41:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 4215

GET
H2 200 hrp3szy.css
use.typekit.net/ 7 KB
1 KB 188ms
123ms Stylesheet
text/css 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/hrp3szy.css

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

111f96ceeeb374dce4a178a719d2c1a18ee2d01921025345ed93a29a1f7af221

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 29 Jun 2023 16:50:20 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1032

GET
H/1.1 200
OK tags.js Show response
h.online-metrix.net/fp/ 94 KB
13 KB 74ms
21ms Script
text/javascript 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/tags.js?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

63cba2737b92688fd6c6019de8ef1203c98bc3e506573f474c9b1d020dea268f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:50:20 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 nudge_arrow.png
give.unrefugees.org/img/ 1 KB
2 KB 327ms
322ms Image
image/png 54.200.172.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.unrefugees.org/img/nudge_arrow.png
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.200.172.250 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-200-172-250.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 394e68bb96ac874b1a9f9b39286a16349ab781c8513ce632ce5c7ba8bb2ba0ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:20 GMT
cache-control: no-cache
last-modified: Thu, 08 Sep 2022 15:48:50 GMT
accept-ranges: bytes
etag: "05d2e7d9ac3d81:0"
content-length: 1102
content-type: image/png

GET
H2 200 lock-secure-donation.png
give.unrefugees.org/img/ 8 KB
8 KB 327ms
323ms Image
image/png 54.200.172.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.unrefugees.org/img/lock-secure-donation.png
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.200.172.250 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-200-172-250.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 9b9c0898e129c8c18b79f176435c368cecfe30a903797c9feba7a82ee19902bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:20 GMT
cache-control: no-cache
last-modified: Thu, 08 Sep 2022 15:48:50 GMT
accept-ranges: bytes
etag: "05d2e7d9ac3d81:0"
content-length: 8196
content-type: image/png

GET
H/1.1 200
OK wrd-main-monthly-rf1217855x530.jpg
cdn.unrefugees.org/u4uforms2020/media/0r4chx2l/ 55 KB
55 KB 117ms
18ms Image
image/jpeg 108.157.194.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unrefugees.org/u4uforms2020/media/0r4chx2l/wrd-main-monthly-rf1217855x530.jpg
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.194.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-194-102.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9781b176b621773091d98d7dc0a6738d105d1c3436a76e9b8f71cb4da19ddbdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 14:05:00 GMT
Via: 1.1 207f5507d6d59dcf535e37d1db1f70bc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MXP53-P2
Age: 9921
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-local-date-created: 132996139601824925
Content-Length: 55852
x-amz-meta-local-date-modified: 132996139601834867
Last-Modified: Mon, 13 Jun 2022 17:13:42 GMT
Server: AmazonS3
ETag: "15c48cbebd0a402e61150ecd3949706a"
Content-Type: image/jpeg
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
X-Amz-Cf-Id: wlF0TkWYFLg2Vm72p9ozaBOtpS4d9l67PT2ka77wZrtOl_Z2KyMC3Q==

GET
H2

200

embed.js Show response
app.dafwidget.com/public/
Redirect Chain

https://app.dafwidget.com/api/js/source.js
https://app.dafwidget.com/public/embed.js

7 KB
2 KB

92ms
92ms

Script
text/javascript

18.210.95.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.dafwidget.com/public/embed.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Server: 18.210.95.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-95-94.compute-1.amazonaws.com
Software: /
Resource Hash: a6aea90164a685a02afe0e574bb4c668c83a4b6cdff9ab4b09b0ecbd53e4fd66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:21 GMT
content-encoding: gzip
x-cache-hit: 1
last-modified: Mon, 19 Jun 2023 14:59:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

Redirect headers

location: https://app.dafwidget.com:443/public/embed.js
date: Thu, 29 Jun 2023 16:50:20 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 bbb-logo-173x87.png
give.unrefugees.org/media/1017/ 33 KB
34 KB 327ms
323ms Image
image/png 54.200.172.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.unrefugees.org/media/1017/bbb-logo-173x87.png
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.200.172.250 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-200-172-250.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 97880bcd7fcc199a008ea736ab008f7f92e9cf6c0addc2afb6c92b3e70d9c9a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:20 GMT
cache-control: no-cache
last-modified: Wed, 28 Mar 2018 18:24:27 GMT
accept-ranges: bytes
etag: "a937c21c2c6d31:0"
content-length: 33886
content-type: image/png

GET
H2 200 guide-star-platinum.png
give.unrefugees.org/media/1005/ 16 KB
17 KB 327ms
324ms Image
image/png 54.200.172.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.unrefugees.org/media/1005/guide-star-platinum.png
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.200.172.250 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-200-172-250.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 53b492f729960ead9c5779dc772534e0f00e2dcdbd1687a0d236af95417549b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:20 GMT
cache-control: no-cache
last-modified: Tue, 05 Dec 2017 18:17:59 GMT
accept-ranges: bytes
etag: "af9bd561f56dd31:0"
content-length: 16468
content-type: image/png

GET
H2 200 unhcr-visibility-horizontal-white-cmyk-v2016.svg
give.unrefugees.org/img/ 12 KB
4 KB 327ms
325ms Image
image/svg+xml 54.200.172.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.unrefugees.org/img/unhcr-visibility-horizontal-white-cmyk-v2016.svg
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.200.172.250 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-200-172-250.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 6bfbae61daf6218548d35bd824d5299e6f0517f156050c302ddd83fa0e8abdc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:20 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 15:48:50 GMT
etag: "05d2e7d9ac3d81:0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-cache
accept-ranges: bytes
content-length: 4074

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 46ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer: https://give.unrefugees.org/
Origin: https://give.unrefugees.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:20 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-15851"
vary: Accept-Encoding
x-hw: 1688057420.dop147.fr8.t,1688057420.cds132.fr8.hn,1688057420.cds236.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H2 200 plyr.js Show response
cdn.plyr.io/3.5.2/ 111 KB
32 KB 98ms
30ms Script
application/javascript 2606:4700:21::681b:c358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.5.2/plyr.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8608c7129a24079dd332403d0aef583dcefdf0bfc02914d626a6559a3ac049ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6070539
cf-polished: origSize=113855
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 20 Apr 2023 10:33:42 GMT
server: cloudflare
etag: W/"26d009457000af80d7306229fc132b15"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjH5K5fGD%2FggTlevhKYlhusnyP7C61fiUlvT8o8ZCOP0tyYR5g7iUJe3lO44iWlvSDmu%2FxMDyo6orGEdHXarW6nA%2Fo389sgPkEOBmYDUUuNoFI8XH8m8GQUsPxhkqdjUj7gPxjn5FbM4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 7defaaff99e68867-LHR

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
874 B 44ms
18ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

be289deeec23907337aa1bb44dfe993bcfa92d7a283eee4fdd4cb48f7ceaefe0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 554
x-xss-protection: 1; mode=block
expires: Thu, 29 Jun 2023 16:50:20 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ 273 KB
77 KB 56ms
10ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&vault=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a4d8fed43c183464d59468c502eace502696f43068d22256dfbf4b4ab2710221

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-uKgh3V2SEniJkY1UtNyots5hswbRrVypJLM+wxqw/8czw4t5' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-uKgh3V2SEniJkY1UtNyots5hswbRrVypJLM+wxqw/8czw4t5' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-uKgh3V2SEniJkY1UtNyots5hswbRrVypJLM+wxqw/8czw4t5' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-uKgh3V2SEniJkY1UtNyots5hswbRrVypJLM+wxqw/8czw4t5' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Jun 2023 16:50:20 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 9922
x-cache: HIT
p3p: true
paypal-debug-id: f941135014df0
server-timing: "traceparent;desc="00-0000000000000000000f941135014df0-536a974e0c1ab6c7-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 76752
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230023-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f941135014df0-d66093c6c6b393e7-01
x-timer: S1688057421.703423,VS0,VE2
etag: W/"12bd0-2IzPjb9acoUHb3RMwM7ohQ1HGP0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 index.min.js Show response
give.unrefugees.org/scripts/lib/ 759 KB
486 KB 325ms
320ms Script
application/javascript 54.200.172.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://give.unrefugees.org/scripts/lib/index.min.js?v=9.3
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.200.172.250 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-200-172-250.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 458ee255c6d13348f36f7ea70ae12bc6810e7ab5ae56f92fa4aabb4752ab32e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:20 GMT
content-encoding: gzip
last-modified: Thu, 09 Mar 2023 21:50:48 GMT
etag: "0ac4c35d152d91:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 496501

GET
H2 200 commerce.min.js Show response
give.unrefugees.org/scripts/lib/ 52 KB
13 KB 324ms
319ms Script
application/javascript 54.200.172.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://give.unrefugees.org/scripts/lib/commerce.min.js?v=9.3
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.200.172.250 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-200-172-250.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 5c3b7d893de324e949b760db1406424f87425597516760d0e6c46fc6dc190c15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:20 GMT
content-encoding: gzip
last-modified: Mon, 08 May 2023 14:47:28 GMT
etag: "040812bc81d91:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 12824

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 117 KB
36 KB 132ms
67ms Script
application/javascript 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

19a0f014c0d3edf26067c94da12902d1d211cbdfbf242cba8112f60163e15e99

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-nMOHMyO30xowORY3MXoD0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:20 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-nMOHMyO30xowORY3MXoD0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 29 Jun 2023 16:50:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 416 KB
109 KB 74ms
42ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ffc31b055189bb8aa10aeac6fb9f6751a34f1e926a218e6757e359d5d0ab64e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110964
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:08:58 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Jun 2023 16:50:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 37ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Jun 2023 16:35:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 898
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 29 Jun 2023 18:35:22 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 173 KB
63 KB 55ms
25ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-M6SN8J6

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f2dd128bef6bea6453ed26457e389d8fb704ea91d8947b60c634dc7119ec2d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 64224
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 29 Jun 2023 16:50:20 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/957115417/ 3 KB
2 KB 65ms
30ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957115417/?random=1688057420817&cv=11&fst=1688057420817&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&hn=www.googleadservices.com&frm=0&tiba=Make%20a%20Monthly%20Gift%20for%20World%20Refugee%20Day%20%7C%20USA%20for%20UNHCR&auid=360581829.1688057421&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cda3d0a2e4ce797bd0606475272c0e41a339e4b5c34d1ae9799e2ab21ddedcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1496
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 76ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 29 Jun 2023 16:50:20 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1CF85F9B712545948007F3226BEAF202 Ref B: FRA31EDGE0221 Ref C: 2023-06-29T16:50:20Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 200 scevent.min.js Show response
sc-static.net/ 37 KB
16 KB 118ms
54ms Script
application/javascript 13.249.9.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.9.253 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-9-253.cdg53.r.cloudfront.net
Software: CloudFront /
Resource Hash: ea2ca9888a45e1c5def3ccaf9f51f25832f15b08ebe4834ae7622f76d6e7ebe8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:20 GMT
content-encoding: gzip
via: 1.1 45dddc65ba3da4a1716d9c10f4aaaa08.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: CDG53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 15993
x-amz-cf-id: FhMnyDQREqhA-e0eed2roxr0vvcnmCVFDv94MJhfdrzTlZ0pC6sKZQ==

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/10934040069/ 3 KB
2 KB 67ms
23ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/10934040069/?random=1688057420838&cv=11&fst=1688057420838&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadservices.com&frm=0&tiba=Make%20a%20Monthly%20Gift%20for%20World%20Refugee%20Day%20%7C%20USA%20for%20UNHCR&value=0&bttype=purchase&auid=360581829.1688057421&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

6acb1346242f7c72b1a7c45bf5f6316144c439ce3b8b004c21a232d68729cf04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1808
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 52ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e33937c8718b4891cefe03686c4bac285d9265052427e705bce7e677659ed765

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Jun 2023 16:50:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46863
x-xss-protection: 0
pragma: public
x-fb-debug: pCQ3lju6WeDBXtDQYRbikO6pP0kPdXK3XGDfHAavw+S5FegC8irJcUWjxbD0NzgupZguICTfTaOjavMs1IFEAg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 78ms
11ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:49:50 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: BWN5TT2GYTD2D7NR
age: 31
x-amz-server-side-encryption: AES256
x-amz-id-2: JomH7res6+Sow+fSa6+8AVUp7Ck8jgtnKkwYqVtzXWCvUrwRuf0cZEI27jtVcTbfzkcbumKbDTk=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H/1.1 200
OK tv2track.js Show response
collector-3219.tvsquared.com/ 0
190 B 198ms
31ms Script
application/javascript 46.137.33.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-3219.tvsquared.com/tv2track.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.137.33.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-33-47.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:50:21 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
Content-Type: application/javascript, application/javascript

GET
H2 200 everflow.js Show response
www.tp88trk.com/scripts/sdk/ 60 KB
19 KB 148ms
111ms Script
text/javascript 35.190.72.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tp88trk.com/scripts/sdk/everflow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.72.228 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 228.72.190.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 11fa603ce72adba4dfc745fc81f365afe3d714fd117d4b515c64e1d57cf5af5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:20 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-Ch-Ua-Platform-Version
server: nginx
vary: Origin
content-type: text/javascript
cache-control: max-age=14400
x-eflow-request-id: 07292a7b-b24a-4eb9-b051-1af5c203dd62
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 gp Show response
g1782759016.co/ 26 B
303 B 61ms
21ms Script
application/javascript 2600:1901:0:7d2::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g1782759016.co/gp?id=-L_Ny2xXp1FWryzFl6qy&refurl=&winurl=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&cw=1600&ch=1200
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7d2:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: eb7e68073ee5ed998d26671859e008697e757f3276759a8ec173e5a62d34a404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:20 GMT
via: 1.1 google
server: Google Frontend
x-powered-by: Express
etag: W/"1a-7KeVhWk+843gX+8y2fD4wjI8a34"
content-type: application/javascript; charset=utf-8
x-cloud-trace-context: 55218be2e25a402acf2355e3a977d028
cache-control: private, no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26

GET
H2 200 gp Show response
g1782759016.co/ 26 B
113 B 61ms
22ms Script
application/javascript 2600:1901:0:7d2::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g1782759016.co/gp?id=-LXPWq_CG-cVgJYLdmun&refurl=&winurl=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&cw=1600&ch=1200
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7d2:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: eb7e68073ee5ed998d26671859e008697e757f3276759a8ec173e5a62d34a404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:20 GMT
via: 1.1 google
server: Google Frontend
x-powered-by: Express
etag: W/"1a-7KeVhWk+843gX+8y2fD4wjI8a34"
content-type: application/javascript; charset=utf-8
x-cloud-trace-context: 91d6d1114acdba5775f67a0b205fd756
cache-control: private, no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26

GET
H2 200 gp Show response
g1782759016.co/ 0
87 B 49ms
23ms Script
application/javascript 2600:1901:0:7d2::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g1782759016.co/gp?id=-LFI9dAMttdUZNQm4p8O&refurl=&winurl=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&cw=1600&ch=1200
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7d2:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:20 GMT
via: 1.1 google
server: Google Frontend
x-powered-by: Express
content-type: application/javascript
x-cloud-trace-context: d1c4ed0864d4af0073cc9cdf824c1216
cache-control: private, no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 adelphic_universal_pixel.js Show response
js.ipredictive.com/ 2 KB
2 KB 54ms
8ms Script
application/javascript 18.66.112.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ipredictive.com/adelphic_universal_pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-57.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:09:49 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
last-modified: Fri, 30 Sep 2022 15:42:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 2432
etag: "83b469155694c51d4c5581028a6788bc"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2108
x-amz-cf-id: TnBsOGsBzrFATVl8dPF8s05xNOH0DA7CQG9uBeZ4iErS6BMSD1Y8sA==

GET
H2 200 vpr.min.js Show response
cdn.veritonic.com/static/ 4 KB
2 KB 68ms
9ms Script
application/javascript 2600:9000:21f3:3c00:1e:549f:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.veritonic.com/static/vpr.min.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:1e:549f:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 561c37dd8e1b8a9bc6d9b5d9e620fa080452bf68ae4cf31ad2588697f82a88f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: lpM9pHakfw6gqKkC2wOrxLlrGh49F.Zh
content-encoding: gzip
via: 1.1 03d509e8374e9f42668961b5e0201348.cloudfront.net (CloudFront)
date: Thu, 29 Jun 2023 02:25:36 GMT
last-modified: Wed, 21 Sep 2022 16:23:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 51885
x-amz-server-side-encryption: AES256
etag: W/"2ad48ac6e466c6833db7b2a2a6f52c40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: RC7ggoCmoxFbiFCHxws7m6mXnF3V-vj7xnExuJbqNcXVvq5FXhrCxw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 262 KB
88 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P9YZZV758Y&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

679e214ed1ace52e8f61fdaa95e1138199179b58bb73f0dc9e9415bd235347c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90343
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 29 Jun 2023 16:50:20 GMT

GET
H2

200

src=4269937;dc_pre=CJW4wvf36P8CFU5DwgodrkYK5g;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=4269937;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=4269937;dc_pre=CJW4wvf36P8CFU5DwgodrkYK5g;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/src=4269937;dc_pre=CJW4wvf36P8CFU5DwgodrkYK5g;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
401 B

91ms
53ms

Image
image/gif

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=4269937;dc_pre=CJW4wvf36P8CFU5DwgodrkYK5g;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Protocol

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:21 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=4269937;dc_pre=CJW4wvf36P8CFU5DwgodrkYK5g;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=11536835
https://trkn.us/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=11536835;ip=80.255.10.200;cuidchk=1

42 B
780 B

610ms
610ms

Image
image/gif

52.203.49.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=11536835;ip=80.255.10.200;cuidchk=1

Requested by

Protocol

HTTP/1.1

Server

52.203.49.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-49-201.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:50:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Thu, 29 Jun 2023 16:50:21 GMT
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/html; charset=UTF-8
Location: /pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=11536835;ip=80.255.10.200;cuidchk=1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ppt=18676;g=sitewide;gid=43404;ord=undefined
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=1492153242
https://trkn.us/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=1492153242;ip=80.255.10.200;cuidchk=1

42 B
780 B

1113ms
1113ms

Image
image/gif

52.203.49.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=1492153242;ip=80.255.10.200;cuidchk=1

Requested by

Protocol

HTTP/1.1

Server

52.203.49.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-49-201.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:50:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Thu, 29 Jun 2023 16:50:21 GMT
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/html; charset=UTF-8
Location: /pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=1492153242;ip=80.255.10.200;cuidchk=1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK pixel
ad.ipredictive.com/d/rt/ 631 B
787 B 391ms
91ms Image
image/jpeg 174.129.208.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.ipredictive.com/d/rt/pixel?rtsite_id=60700&uuid=d5534c09-ec00-4f6f-9451-54fa79df98bb&rr=CACHE_BUSTER&gtmcb=1392976150
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.129.208.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-174-129-208-36.compute-1.amazonaws.com
Software: /
Resource Hash: 25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:50:21 GMT
Content-Encoding: gzip
Connection: keep-alive
X-CI-RTID: 51c9f901-a64e-4f6d-a3c1-86481e21ad0a
Content-Length: 479
Content-Type: image/jpeg

GET
H/1.1 200
OK pixel
ad.ipredictive.com/d/track/cvt/ 631 B
858 B 393ms
92ms Image
image/jpeg 174.129.208.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.ipredictive.com/d/track/cvt/pixel?acct_id=58684&cache_buster=[timestamp]&gtmcb=1496336037
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.129.208.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-174-129-208-36.compute-1.amazonaws.com
Software: /
Resource Hash: 25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:50:21 GMT
Content-Encoding: gzip
Connection: keep-alive
X-CI-RTID: c3f00ccd-5e11-4bc9-bd83-4633aaca171d
Content-Length: 479
Content-Type: image/jpeg

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://event.mrtnsvr.com/?adv=17114&cb=1060348778&ref=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26ut...
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=l9srJt1ap&gdpr=0
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3203&partner_device_id=l9srJt1ap&gdpr=0

95 B
435 B

21ms
20ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3203&partner_device_id=l9srJt1ap&gdpr=0

Requested by

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:21 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Thu, 29 Jun 2023 16:50:21 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3203&partner_device_id=l9srJt1ap&gdpr=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK /
data.adxcel-ec2.com/pixel/ 43 B
131 B 400ms
93ms Image
image/gif 44.207.218.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adxcel-ec2.com/pixel/?ad_log=referer&action=content&pixid=f2fb3240-c0e1-432f-91c7-686941e6de69
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.207.218.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-207-218-163.compute-1.amazonaws.com
Software: /
Resource Hash: 693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 204 Pixels
px.adentifi.com/ 0
35 B 297ms
90ms Image
text/plain 18.235.225.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.adentifi.com/Pixels?a_id=10893;rev=undefined;cv_1=undefined;cv_2=undefined;p_url=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC;uq=276929208065.6949
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.225.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-225-8.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
900 B 61ms
19ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Kalam|Lato&display=swap

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/css/index.css?v=9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

589021bd4abd0d6c7e0848edb41abe88e0da8f30b8346ce0946a98c1964fcc8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Jun 2023 16:50:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:50:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jun 2023 16:50:20 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 79ms
8ms Stylesheet
text/css 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=hrp3szy&ht=tk&f=139.140.171.173.174.175.176.15701.15703.15705.15708&a=1630018&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:20 GMT
last-modified: Fri, 21 Apr 2023 14:15:25 GMT
server: nginx
etag: "64429a7d-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
184 B 16ms
15ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=680101757&t=pageview&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&ul=en-us&de=UTF-8&dt=Make%20a%20Monthly%20Gift%20for%20World%20Refugee%20Day%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiAABRAAAAC~&jid=292942162&gjid=523531779&cid=858421627.1688057421&tid=UA-3754388-9&_gid=634322230.1688057421&_slc=1&gtm=45He36s0n81N9KWLLF&cd1=7011K000002OhxwQAC&cd2=7011K000002Ohy1QAC&z=717478232

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 60ms
19ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3754388-9&cid=858421627.1688057421&jid=292942162&gjid=523531779&_gid=634322230.1688057421&_u=YGBAiAABRAAAAG~&z=375305264

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 29 Jun 2023 16:50:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 18ms
17ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=680101757&t=pageview&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&ul=en-us&de=UTF-8&dt=Make%20a%20Monthly%20Gift%20for%20World%20Refugee%20Day%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEABRAAAAGAAI~&jid=1399706474&gjid=571534292&cid=858421627.1688057421&tid=UA-1473340-18&_gid=634322230.1688057421&_slc=1&gtm=45He36s0n81N9KWLLF&cd3=USA&cd5=GTM-N9KWLLF_71&cd6=GTM-N9KWLLF&z=321102448

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 29ms
20ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1473340-18&cid=858421627.1688057421&jid=1399706474&gjid=571534292&_gid=634322230.1688057421&_u=aGDAiEABRAAAAGAAI~&z=1501279311

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 29 Jun 2023 16:50:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/957115417/ 42 B
327 B 26ms
25ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/957115417/?random=1688057420817&cv=11&fst=1688054400000&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&frm=0&tiba=Make%20a%20Monthly%20Gift%20for%20World%20Refugee%20Day%20%7C%20USA%20for%20UNHCR&fmt=3&is_vtc=1&random=3967768668&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/957115417/ 42 B
455 B 53ms
21ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/957115417/?random=1688057420817&cv=11&fst=1688054400000&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&frm=0&tiba=Make%20a%20Monthly%20Gift%20for%20World%20Refugee%20Day%20%7C%20USA%20for%20UNHCR&fmt=3&is_vtc=1&random=3967768668&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 363860773806760 Show response
connect.facebook.net/signals/config/ 535 KB
166 KB 613ms
612ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/363860773806760?v=2.9.110&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3eaa632b311dd5fba237242f453e8fa5679c70da27ee08abf816fce866a147a1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Jun 2023 16:50:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: QdWLABkTVSCCjSTO3mkvVCJboEI//cKvQkYzNSAgdGJgxhpdxY2wl1sdmYxNDSonri7goxvWrxTxYBkspyX2Jw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 44ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-P9YZZV758Y&gtm=45je36s0&_p=680101757&_gaz=1&cid=858421627.1688057421&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1688057421&sct=1&seg=0&dl=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&dt=Make%20a%20Monthly%20Gift%20for%20World%20Refugee%20Day%20%7C%20USA%20for%20UNHCR&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P9YZZV758Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 20ms
19ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P9YZZV758Y&cid=858421627.1688057421&gtm=45je36s0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P9YZZV758Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 34ms
32ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P9YZZV758Y&cid=858421627.1688057421&gtm=45je36s0&aip=1&z=937788303

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5612726.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 114ms
114ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5612726.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

53843b6e2eb716d2061efc33c0c42304b86a8af6a5a1dcb7eabf6d272887223d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Thu, 29 Jun 2023 16:50:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FA35E1DB3C56466DB1858AEFCBF04808 Ref B: FRA31EDGE0221 Ref C: 2023-06-29T16:50:21Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H3

200

/
www.google.de/pagead/1p-conversion/10934040069/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10934040069/?random=1096455664&cv=11&fst=1688057420838&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgi...
https://www.google.com/pagead/1p-conversion/10934040069/?random=1096455664&cv=11&fst=1688057420838&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F2...
https://www.google.de/pagead/1p-conversion/10934040069/?random=1096455664&cv=11&fst=1688057420838&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F22...

42 B
64 B

28ms
28ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/10934040069/?random=1096455664&cv=11&fst=1688057420838&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadservices.com&frm=0&tiba=Make%20a%20Monthly%20Gift%20for%20World%20Refugee%20Day%20%7C%20USA%20for%20UNHCR&value=0&auid=360581829.1688057421&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE5mMHBBWVFvWXYwdmZURzA1UHJBUklsQUJHWDdnUTQ1TjFqVUZqTlFoMGJHR1N1alZhdlJvTk1Sd0xpNk9HZkVwSzBuU281Y3caWENoRUk4TmYwcEFZUXVhTEwyZTNCM3VDX0FSSXRBTENwZkdJRnNZRUxpUTI5MnRmbUl3UmUtYTBtdDFXYW1QcUEyXzQzV05CS0kyQjhEdDlFTFFQT3FnMzgiEwj_x7v39-j_AhVDyrsIHTVODto&is_vtc=1&ocp_id=TLadZP_xNsOU7_UPtZy50A0&cid=CAQSKQBygQiDz7sk7L_ijyPBlJsOXrRq-4g93YmjeeRpXkffyPv5nKR72FaQ&eitems=ChEI8Nf0pAYQgNzfg8PrmJjGARIdAEWJZf8VCPFTbEpG86mJEKcQ2E2BOs3hchgIGII&random=395960849&ipr=y&ezwbk=AZuM4hBmJd2UX0pJUaysN6Nj4aa7NiOZN4v_SqT6xjqxRCTJ-Rx_AwZ1L9RzjLEEydTQmRDwbscbzpShovU4Vxbm2N3K

Requested by

Protocol

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/10934040069/?random=1096455664&cv=11&fst=1688057420838&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadservices.com&frm=0&tiba=Make%20a%20Monthly%20Gift%20for%20World%20Refugee%20Day%20%7C%20USA%20for%20UNHCR&value=0&auid=360581829.1688057421&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE5mMHBBWVFvWXYwdmZURzA1UHJBUklsQUJHWDdnUTQ1TjFqVUZqTlFoMGJHR1N1alZhdlJvTk1Sd0xpNk9HZkVwSzBuU281Y3caWENoRUk4TmYwcEFZUXVhTEwyZTNCM3VDX0FSSXRBTENwZkdJRnNZRUxpUTI5MnRmbUl3UmUtYTBtdDFXYW1QcUEyXzQzV05CS0kyQjhEdDlFTFFQT3FnMzgiEwj_x7v39-j_AhVDyrsIHTVODto&is_vtc=1&ocp_id=TLadZP_xNsOU7_UPtZy50A0&cid=CAQSKQBygQiDz7sk7L_ijyPBlJsOXrRq-4g93YmjeeRpXkffyPv5nKR72FaQ&eitems=ChEI8Nf0pAYQgNzfg8PrmJjGARIdAEWJZf8VCPFTbEpG86mJEKcQ2E2BOs3hchgIGII&random=395960849&ipr=y&ezwbk=AZuM4hBmJd2UX0pJUaysN6Nj4aa7NiOZN4v_SqT6xjqxRCTJ-Rx_AwZ1L9RzjLEEydTQmRDwbscbzpShovU4Vxbm2N3K
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 37ms
36ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3754388-9&cid=858421627.1688057421&jid=292942162&_u=YGBAiAABRAAAAG~&z=1188551839

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 36ms
30ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3754388-9&cid=858421627.1688057421&jid=292942162&_u=YGBAiAABRAAAAG~&z=1188551839

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 37ms
34ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1473340-18&cid=858421627.1688057421&jid=1399706474&_u=aGDAiEABRAAAAGAAI~&z=869505937

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 41ms
36ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1473340-18&cid=858421627.1688057421&jid=1399706474&_u=aGDAiEABRAAAAGAAI~&z=869505937

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10095779.json Show response
s.yimg.com/wi/config/ 46 B
682 B 26ms
10ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10095779.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

81f701abbdb3dcd7318338357add41af96a3b776549dc928c4703cf1cf9f2ffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 13:19:58 GMT
x-amz-version-id: AO6OvHycU6oPxWJjvTRCjyjUvfXH8wEk
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: SQ70MN9PPDEYD3CS
age: 12624
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: LREsqcI9ERBdu5W/l3fLHT/iIAiZBKXJAjXtkfjemxLMQjddXGngrvWo/y7w16EypLRUGCjzOTo=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 20 Oct 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 14 Sep 2022 20:58:25 GMT
server: ATS
etag: "ca96ec3516187adbafe0fb0d4f2e4932"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

POST
H2 200 / Show response
atr.veritonicmetrics.com/ 13 B
132 B 141ms
140ms XHR
application/json 52.54.79.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://atr.veritonicmetrics.com/
Requested by: Host: cdn.veritonic.com
URL: https://cdn.veritonic.com/static/vpr.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.79.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-79-53.compute-1.amazonaws.com
Software: /
Resource Hash: b232b740e35e175a9a671a7695fc317efc0d86304efd2733f0f8d70105c744c9

Request headers

Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 29 Jun 2023 16:50:21 GMT
content-length: 13
apigw-requestid: HSlsKicdoAMEJXA=
content-type: application/json

OPTIONS
H2 200 /
atr.veritonicmetrics.com/ Frame 0
0 321ms
108ms Preflight
image/gif 52.54.79.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://atr.veritonicmetrics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.79.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-79-53.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.unrefugees.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS,POST
access-control-allow-origin: *
access-control-max-age: 0
apigw-requestid: HSlsJhRMoAMEJgQ=
content-length: 43
content-type: image/gif
date: Thu, 29 Jun 2023 16:50:21 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 125ms
34ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2029%20Jun%202023%2016%3A50%3A21%20GMT&n=0&b=Make%20a%20Monthly%20Gift%20for%20World%20Refugee%20Day%20%7C%20USA%20for%20UNHCR&.yp=10095779&f=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Thu, 29 Jun 2023 16:50:21 GMT

GET
H2 200 l
use.typekit.net/af/180254/00000000000000000001522c/27/ 45 KB
46 KB 36ms
9ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/180254/00000000000000000001522c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 38c9c1413e17c7a5ee87095bdb4cad0da069451ee937cb801c8f37f2c734644f

Request headers

Referer: https://use.typekit.net/hrp3szy.css
Origin: https://give.unrefugees.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:21 GMT
server: nginx
etag: "d8f0e75543cc417069e2148d573e1b3687264d73"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46404

GET
H2 200 checkmark-icon.svg
give.unrefugees.org/img/ 899 B
1 KB 324ms
321ms Image
image/svg+xml 54.200.172.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.unrefugees.org/img/checkmark-icon.svg
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/css/index.css?v=9.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.200.172.250 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-200-172-250.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 2f61f967f0f19fe63c743f330f862db14d88fcc7e09eae7d22998e87a4e97749

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/css/index.css?v=9.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:21 GMT
cache-control: no-cache
last-modified: Thu, 08 Sep 2022 15:48:50 GMT
accept-ranges: bytes
etag: "05d2e7d9ac3d81:0"
content-length: 899
content-type: image/svg+xml

GET
H2 200 l
use.typekit.net/af/925423/00000000000000003b9b038f/27/ 19 KB
20 KB 33ms
10ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/925423/00000000000000003b9b038f/27/l?subset_id=2&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7c707b4d486575fcdf35497e30073fd70f0a9ea072e4ca1ca724da7fbab22a9b

Request headers

Referer: https://use.typekit.net/hrp3szy.css
Origin: https://give.unrefugees.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:21 GMT
server: nginx
etag: "af967ea1356382090341795946181a15b4b5bcf0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19900

GET
H2 200 l
use.typekit.net/af/220823/000000000000000000015231/27/ 45 KB
45 KB 31ms
8ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/220823/000000000000000000015231/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 73ef385046533349dbdb6264bfdb814819b44a3a7ddeedf7611db7d55f567c7c

Request headers

Referer: https://use.typekit.net/hrp3szy.css
Origin: https://give.unrefugees.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:21 GMT
server: nginx
etag: "25d9000ed11ad93413dd9fab416a1870c8ae46cd"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46076

GET
H2 200 YA9dr0Wd4kDdMthROCc.woff2
fonts.gstatic.com/s/kalam/v16/ 22 KB
22 KB 34ms
8ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kalam/v16/YA9dr0Wd4kDdMthROCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Kalam|Lato&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

954410601a823f37e219f7930b7446f86afa15621326a7078d56fb9c910135cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.unrefugees.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 17:54:51 GMT
x-content-type-options: nosniff
age: 514530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22336
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:47:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Jun 2024 17:54:51 GMT

GET
H2 200 fontello.woff2
give.unrefugees.org/font/ 4 KB
5 KB 324ms
322ms Font
application/x-font-woff2 54.200.172.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://give.unrefugees.org/font/fontello.woff2?47325548
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/css/index.css?v=9.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.200.172.250 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-200-172-250.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: fd8c794bb43e5220596bc1c5d50f865268cd2655c86f0d3175875d7e1c3afcc6

Request headers

Referer: https://give.unrefugees.org/css/index.css?v=9.3
Origin: https://give.unrefugees.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:21 GMT
last-modified: Wed, 17 May 2017 10:53:35 GMT
accept-ranges: bytes
etag: "bc6dfed4fbced21:0"
content-length: 4328
content-type: application/x-font-woff2

GET
H2 200 l
use.typekit.net/af/8e11d4/00000000000000003b9b038c/27/ 19 KB
19 KB 34ms
12ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8e11d4/00000000000000003b9b038c/27/l?subset_id=2&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 62c0466b6e78094d8bb9b9fb50f13f3eb39e3be88dce7663ecfbcabde18b64bc

Request headers

Referer: https://use.typekit.net/hrp3szy.css
Origin: https://give.unrefugees.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:21 GMT
server: nginx
etag: "50fb462bb968fa8996b7f205254cfa92e534ea41"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19600

GET
H2 200 l
use.typekit.net/af/bdde80/00000000000000000001522d/27/ 47 KB
47 KB 31ms
8ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/bdde80/00000000000000000001522d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b00ea6dbf24a120110b2c029c3113cf214fe6a5ea3b6dc0c89f021c81bbb6a68

Request headers

Referer: https://use.typekit.net/hrp3szy.css
Origin: https://give.unrefugees.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:21 GMT
server: nginx
etag: "58e390be81d6dc97507673691b0fec8d83b8db8f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 47672

GET
H2 200 button.css
app.dafwidget.com/public/ 3 KB
1 KB 93ms
91ms Stylesheet
text/css 18.210.95.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.dafwidget.com/public/button.css
Requested by: Host: app.dafwidget.com
URL: https://app.dafwidget.com/api/js/source.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.95.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-95-94.compute-1.amazonaws.com
Software: /
Resource Hash: d941abaa1c3e1a6da66e5a4eb0ba6a5e52c910591fc656e5de987e6a96e3a9c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:21 GMT
content-encoding: gzip
last-modified: Mon, 19 Jun 2023 14:59:27 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
x-cache-hit: 1
accept-ranges: bytes
content-length: 905

GET
H2 200 5612726 Show response
www.clarity.ms/tag/uet/ 826 B
1 KB 155ms
110ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/5612726
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/5612726.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: df62634d73536ee7e09dc74647871b1996398b865baf55170408add698b8bb73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: -1
date: Thu, 29 Jun 2023 16:50:21 GMT
x-azure-ref: 20230629T165021Z-4zex3xb67940mf4thvz2nadgws0000000k50000000009a0k
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 826
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 unhcr-visibility-horizontal-blue.svg
give.unrefugees.org/img/ 12 KB
4 KB 181ms
177ms Image
image/svg+xml 54.200.172.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.unrefugees.org/img/unhcr-visibility-horizontal-blue.svg
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/css/index.css?v=9.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.200.172.250 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-200-172-250.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e9027cbc9f2efbff37e09740f41c16a1ffd89eae8f1555f6a5955d3198d9c31d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/css/index.css?v=9.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:21 GMT
content-encoding: gzip
last-modified: Tue, 31 Oct 2017 17:19:01 GMT
etag: "80b0fc576c52d31:0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-cache
accept-ranges: bytes
content-length: 4075

GET
H2 200 l
use.typekit.net/af/219c30/00000000000000003b9b0389/27/ 19 KB
19 KB 10ms
7ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/219c30/00000000000000003b9b0389/27/l?subset_id=2&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 50bfd91bb65762023b74efba030d3212fef8f6261707ba8edb9e4b28d13bb5ed

Request headers

Referer: https://use.typekit.net/hrp3szy.css
Origin: https://give.unrefugees.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:21 GMT
server: nginx
etag: "7c243ed5f8437a6687e49316f96967fcfd3feb05"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19160

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 13 KB
6 KB 11ms
10ms Script
application/x-javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=give.unrefugees.org&t=xo&v=5.0.383&source=payments_sdk&client_id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&vault=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&vault=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dc4db0c6d81bfc0e126c2596a1f83ef4f5d39b8b3128329e333bf448a3d4119d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-KlBd6pD3U9dAZ90vgD7qBZax3VY6OxXOy2efW57OCQqb3Vn0' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-KlBd6pD3U9dAZ90vgD7qBZax3VY6OxXOy2efW57OCQqb3Vn0' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Jun 2023 16:50:21 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 74436
x-cache: HIT
paypal-debug-id: f445991c4630e
server-timing: "traceparent;desc="00-0000000000000000000f445991c4630e-b5714f1ccc235e6d-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4743
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230023-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f445991c4630e-03c0668932b11730-01
x-timer: S1688057421.361919,VS0,VE3
etag: W/"3537-PFZLtdJPfNel/cVyNErkytJce2Y"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ 431 KB
174 KB 37ms
10ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07fbd8ba776748eb837dcac0214c515cc198737d8b6edded0039b38fca2c291d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.unrefugees.org/
Origin: https://give.unrefugees.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177423
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 16:27:27 GMT

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
17 KB 56ms
8ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=give.unrefugees.org&t=xo&v=5.0.383&source=payments_sdk&client_id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&vault=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA9) /

Resource Hash

64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: f1f5a2fd69253
dc: ccg11-origin-www-1.paypal.com
content-length: 16464
last-modified: Tue, 03 May 2022 17:28:29 GMT
server: ECAcc (frc/4CA9)
traceparent: 00-0000000000000000000f1f5a2fd69253-0e8941c24682fec4-01
etag: "6271663d-da91"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 29 Jun 2023 17:50:21 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
795 B 293ms
206ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AZXYADENKNJPZE-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AZXYADENKNJPZE-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3f710125-e254-44cc-ba7e-5d8abc3fb13d&fltp=analytics&mrid=ZXYADENKNJPZE&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Make%20a%20Monthly%20Gift%20for%20World%20Refugee%20Day%20%7C%20USA%20for%20UNHCR&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1688057421377&g=0&completeurl=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 29 Jun 2023 16:50:21 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: bb4f8e0cd0a0a
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230041-FRA
pragma: no-cache
correlation-id: bb4f8e0cd0a0a
traceparent: 00-0000000000000000000bb4f8e0cd0a0a-151f505ad227852f-01
x-timer: S1688057422.504483,VS0,VE158
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 16:50:21 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.8/ 57 KB
24 KB 16ms
16ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.8/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/5612726
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:21 GMT
content-encoding: br
last-modified: Mon, 26 Jun 2023 21:38:04 GMT
etag: W/"0x8DB768D9FE1FAC0"
vary: Accept-Encoding
x-azure-ref: 20230629T165021Z-4zex3xb67940mf4thvz2nadgws0000000k50000000009a27
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 594b0475-201e-0033-7199-a87170000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 13EA 54 KB
17 KB 8ms
7ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBF) /

Resource Hash

8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16791
content-type: text/html
date: Thu, 29 Jun 2023 16:50:21 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "6271663d-d994"
expires: Thu, 29 Jun 2023 17:50:21 GMT
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 5fd0f6764eb7b
server: ECAcc (frc/4CBF)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000005fd0f6764eb7b-40d291d83d53412f-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 132F 18 KB
8 KB 213ms
212ms Document
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fgive.unrefugees.org&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df7e9ed63ee3833a47d20957c461afe655d6aaa158054e8789471b5984d1a06d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-J0JfJHKTYp27uIfU1mQ3Sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-J0JfJHKTYp27uIfU1mQ3Sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Thu, 29 Jun 2023 16:50:21 GMT
expires: Thu, 29 Jun 2023 16:50:21 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame A145 51 KB
28 KB 33ms
31ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&co=aHR0cHM6Ly9naXZlLnVucmVmdWdlZXMub3JnOjQ0Mw..&hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&size=normal&cb=dp4nx41ctfe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

150d8a5f195c345f5ec35f9b9028724f0fdd876b9370ae7a647e22ba17bb2083

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uXdHJYriGfI0vE42_G5IfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28700
content-security-policy: script-src 'report-sample' 'nonce-uXdHJYriGfI0vE42_G5IfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 16:50:21 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 0
bat.bing.com/action/ 0
287 B 32ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5612726&tm=gtm002&Ver=2&mid=1f0c26be-fd20-48ec-b409-c773de7e4926&sid=0944e0e0169d11ee82ce573563c3413a&vid=09450670169d11ee821599de387915b0&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Make%20a%20Monthly%20Gift%20for%20World%20Refugee%20Day%20%7C%20USA%20for%20UNHCR&p=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&r=&lt=2784&evt=pageLoad&sv=1&rn=189245

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 29 Jun 2023 16:50:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 32193ACEBB7E4B29B09F9F5FF3E59AF2 Ref B: FRA31EDGE0221 Ref C: 2023-06-29T16:50:21Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 77ms
13ms Script
application/x-javascript 2600:9000:211a:9200:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9200:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:26:54 GMT
content-encoding: gzip
via: 1.1 42c9dddb4e518a9ed3248bf50565b120.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 16:26:44 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: VIE50-C2
age: 1407
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: GtbGn5nHc6YOu0_QhJDuKPy2hMO9mVEFNm1gQdsebvHd6bpjRGfRyA==
expires: Thu, 29 Jun 2023 17:26:54 GMT

GET
H/1.1 200
OK event Show response
ad.ipredictive.com/d/track/ Frame D0DD 0
327 B 92ms
92ms Document
text/plain 174.129.208.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ipredictive.com/d/track/event?upid=101374&cache_buster=1688057421&url=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&val=undefined&tn=undefined&itms=undefined
Requested by: Host: js.ipredictive.com
URL: https://js.ipredictive.com/adelphic_universal_pixel.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.129.208.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-174-129-208-36.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 0
Date: Thu, 29 Jun 2023 16:50:21 GMT
X-CI-RTID: c2560992-64e5-47f9-b003-2cf87f2aeb22

GET
H2

200

activityi;dc_pre=CJnb8ff36P8CFShDkQUdMhYDnw;src=4647326;type=unrefcms;cat=donfvis;ord=6619650278858;gtm=45He36s0;auiddc=360581829.1688057421;u3=undefined;u2=undefined;uaa=;uab=;uafvl=;uam=;uamb=0;u... Show response
4647326.fls.doubleclick.net/ Frame 4DD4
Redirect Chain

https://4647326.fls.doubleclick.net/activityi;src=4647326;type=unrefcms;cat=donfvis;ord=6619650278858;gtm=45He36s0;auiddc=360581829.1688057421;u3=undefined;u2=undefined;uaa=;uab=;uafvl=;uam=;uamb=0...
https://4647326.fls.doubleclick.net/activityi;dc_pre=CJnb8ff36P8CFShDkQUdMhYDnw;src=4647326;type=unrefcms;cat=donfvis;ord=6619650278858;gtm=45He36s0;auiddc=360581829.1688057421;u3=undefined;u2=unde...

712 B
535 B

865ms
863ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4647326.fls.doubleclick.net/activityi;dc_pre=CJnb8ff36P8CFShDkQUdMhYDnw;src=4647326;type=unrefcms;cat=donfvis;ord=6619650278858;gtm=45He36s0;auiddc=360581829.1688057421;u3=undefined;u2=undefined;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

1c1f5219811c963c7219951501466cf019fe28dafdf7b3d86bdca136842a54f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 425
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 16:50:21 GMT
expires: Thu, 29 Jun 2023 16:50:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 16:50:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://4647326.fls.doubleclick.net/activityi;dc_pre=CJnb8ff36P8CFShDkQUdMhYDnw;src=4647326;type=unrefcms;cat=donfvis;ord=6619650278858;gtm=45He36s0;auiddc=360581829.1688057421;u3=undefined;u2=undefined;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 kds-events-gtm.min.js Show response
storage.cloud.kargo.com/kds/ 16 KB
5 KB 81ms
9ms Script
application/javascript 2.19.126.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.cloud.kargo.com/kds/kds-events-gtm.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-72.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 68dd88fbb51bfc9738707f140dcd78c93593c91db6514144a236cab51eb14873

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: f.hWUtZrp2Cs_qOQM4S3c8iBZlPrqi8u
content-encoding: gzip
date: Thu, 29 Jun 2023 16:50:21 GMT
x-amz-request-id: C9TVZ2XZQPAFP3NP
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
content-length: 4595
x-amz-id-2: HY7iGMqnOhTQm5hS2MIzjPkawdBUntWwPJXxT6FUe6WVoLeAT/D0ZJ8VZF/mZZssSFFUChEXX/g=
last-modified: Tue, 18 Apr 2023 19:47:35 GMT
server: AmazonS3
etag: "aece432b47c99bcbae696711e8d56b44"
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1800
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 78ms
8ms Script
application/javascript 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:21 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 06 Jul 2023 16:50:21 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
78 B 35ms
34ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Make%20a%20Monthly%20Gift%20for%20World%20Refugee%20Day%20%7C%20USA%20for%20UNHCR&.yp=10095779&f=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&enc=UTF-8&yv=1.15.1&et=custom&ec=pageview&ea=donation_form_visit&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Thu, 29 Jun 2023 16:50:21 GMT

GET
H2

200

beacon
r.turn.com/r/
Redirect Chain

https://20669309p.rfihub.com/ca.gif?rb=9587&ca=20669309&ra=78997106
https://r.turn.com/r/beacon?b2=Byl5I3NIBudQfjqNW-_fVUNVOmTxqGPcOnN4gXqFCKoeU_Oup029YVIprkeGvqSpgAfS5Jz0ytx_deRc41vz7Q&cid=

43 B
398 B

649ms
23ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/beacon?b2=Byl5I3NIBudQfjqNW-_fVUNVOmTxqGPcOnN4gXqFCKoeU_Oup029YVIprkeGvqSpgAfS5Jz0ytx_deRc41vz7Q&cid=
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 29 Jun 2023 16:50:22 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

Location: https://r.turn.com/r/beacon?b2=Byl5I3NIBudQfjqNW-_fVUNVOmTxqGPcOnN4gXqFCKoeU_Oup029YVIprkeGvqSpgAfS5Jz0ytx_deRc41vz7Q&cid=
Date: Thu, 29 Jun 2023 16:50:21 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame A145 55 KB
24 KB 26ms
9ms Stylesheet
text/css 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&co=aHR0cHM6Ly9naXZlLnVucmVmdWdlZXMub3JnOjQ0Mw..&hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&size=normal&cb=dp4nx41ctfe

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 16:06:30 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame A145 431 KB
173 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07fbd8ba776748eb837dcac0214c515cc198737d8b6edded0039b38fca2c291d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177423
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 16:27:27 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
169 B 168ms
168ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AZXYADENKNJPZE-1&page=muse%3Aoffer%3A%3A%3AZXYADENKNJPZE-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3f710125-e254-44cc-ba7e-5d8abc3fb13d&es=visitorInfoFlowStarted&mrid=ZXYADENKNJPZE&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Make%20a%20Monthly%20Gift%20for%20World%20Refugee%20Day%20%7C%20USA%20for%20UNHCR&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1688057421776&g=0&completeurl=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 29 Jun 2023 16:50:21 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: d7050d6ede8f6
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230041-FRA
pragma: no-cache
correlation-id: d7050d6ede8f6
traceparent: 00-0000000000000000000d7050d6ede8f6-bab2484b2c1973cb-01
x-timer: S1688057422.777923,VS0,VE160
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 16:50:21 GMT

POST
H2 200 events Show response
lyibja.unrefugees.org/ 0
166 B 767ms
178ms XHR
text/plain 52.25.243.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lyibja.unrefugees.org/events

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/363860773806760?v=2.9.110&r=stable

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.25.243.35 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-243-35.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://give.unrefugees.org
date: Thu, 29 Jun 2023 16:50:22 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 36ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=363860773806760&ev=PageView&dl=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&rl=&if=false&ts=1688057421836&sw=1600&sh=1200&v=2.9.110&r=stable&ec=0&o=30&fbp=fb.1.1688057421831.1565940702&eid=ob3_plugin-set_5a1231872be08e4f0c5fb43484ea8a7c03176c73e141ba4139cd1eb64b652984&it=1688057420970&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Jun 2023 16:50:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 13EA 435 B
2 KB 261ms
261ms Fetch
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

edc893306201a7735354a817fe8684bf39db7c391144cf425d19a8fa17ddc916

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-wPDs/YHX+J56ZLo0XvEE0l1BhbpgIoGKZ2SS/TXqhcbfgrBJ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-wPDs/YHX+J56ZLo0XvEE0l1BhbpgIoGKZ2SS/TXqhcbfgrBJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
date: Thu, 29 Jun 2023 16:50:22 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f834651e0f5fc
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230023-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f834651e0f5fc-f6f25a79eea6faac-01
x-timer: S1688057422.035918,VS0,VE252
etag: W/"1b3-gXT09GKEn60icZyLbmoJ5JkZJRk"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 193ms
176ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 29 Jun 2023 16:50:22 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f834651ac1b93
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f834651ac1b93-5b2fd146c1c003ed-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230112-FRA
x-timer: S1688057422.859335,VS0,VE168

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 132F 2 KB
2 KB 119ms
119ms Other
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fgive.unrefugees.org&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 29 Jun 2023 16:50:21 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.jUJLN6AX0yo.es5.O/am=YGw/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=A... Frame 132F 159 KB
56 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.jUJLN6AX0yo.es5.O/am=YGw/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfri2is7fqwMg2sUQa2o44RyIMcCitg/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fgive.unrefugees.org&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb027c80ef19c6deeb3f0e8135c07bedf988eec3e3912658d0211668daf05c8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57637
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 02:25:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 16:20:51 GMT

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
299 B 456ms
233ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://give.unrefugees.org
Date: Thu, 29 Jun 2023 16:50:22 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H/1.1 200
OK ca.html Show response
20826429p.rfihub.com/ Frame B97B 3 KB
4 KB 98ms
17ms Document
text/html 193.0.160.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&pf=&ra=40035459830303965
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: b0b01db4bd5bd0d5ed5d245056b7f4ab683a8adef863866a83a601bf6d150a79

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 2912
Content-Type: text/html;charset=utf-8
Date: Thu, 29 Jun 2023 16:50:21 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1 200
OK ca.html Show response
20826429p.rfihub.com/ Frame 7FEF 3 KB
4 KB 97ms
18ms Document
text/html 193.0.160.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&pf=&ra=6408097557162367
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: e28a8a8b506f5333ea71aeb789ae74b2c05922538c6e44564427018d5aa7aac5

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 2912
Content-Type: text/html;charset=utf-8
Date: Thu, 29 Jun 2023 16:50:21 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1 200
OK ca.html Show response
20826430p.rfihub.com/ Frame 1082 3 KB
4 KB 95ms
17ms Document
text/html 193.0.160.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20826430p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826430&_o=9587&_t=20826430&pe=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&pf=&ra=28839988058696675
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: e0932518b65faf032728b3be705f6ce0b56754aa17954d1a385154e5e63e93fe

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 2912
Content-Type: text/html;charset=utf-8
Date: Thu, 29 Jun 2023 16:50:21 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 403 Kargo.json Show response
storage.cloud.kargo.com/kds/configs/ 243 B
569 B 452ms
424ms Fetch
application/xml 2.19.126.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.cloud.kargo.com/kds/configs/Kargo.json
Requested by: Host: storage.cloud.kargo.com
URL: https://storage.cloud.kargo.com/kds/kds-events-gtm.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-72.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3dd5a94ec25486cc1d3d9d6e182bf914b561218b987e74075930e237dd829621

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:22 GMT
server: AmazonS3
x-amz-request-id: JN1V7GW2RN0J3052
access-control-max-age: 3000
access-control-allow-methods: GET,POST
content-type: application/xml
access-control-allow-origin: https://give.unrefugees.org
cache-control: max-age=1800
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 243
x-amz-id-2: rz7AkeSFktj2jAIlIDD7TXNzV3wDSyyyZpP2uyQ5NRpkXLOZaU9NV4nifafUcX481fWYQcOstGA=

GET
H2 200 rules-p-SLcBYqRUU3yLq.js Show response
rules.quantcount.com/ 2 KB
1 KB 65ms
17ms Script
application/javascript 2600:9000:219c:d000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-SLcBYqRUU3yLq.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:219c:d000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f2e256cb560023d729b4581ba94e88cedce352fc2cbcbb60e3232a5859d4793

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:14:02 GMT
content-encoding: gzip
via: 1.1 aaefb45970dabebd3a727d7be2a72d10.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 2180
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:22:26 GMT
server: AmazonS3
etag: W/"291bda9609975bc4fbca3a725bc18ab7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: fYDHV3-PV90DHA6-yE3G3Vg9x_DHpHhE1LAbqR-pYw84QUnXUpR4nQ==

GET
DATA 200
OK truncated
/ Frame A145 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A145 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A145 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 15:17:24 GMT
x-content-type-options: nosniff
age: 523977
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 30 Jun 2023 15:17:24 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A145 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 00:54:58 GMT
x-content-type-options: nosniff
age: 489323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 00:54:58 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame A145 102 B
134 B 16ms
16ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=khH7Ei3klcvfRI74FvDcfuOo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c192b274ecde65bc4ebd78ba7c380f898cee74d10e872596d576231560d0f921

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&co=aHR0cHM6Ly9naXZlLnVucmVmdWdlZXMub3JnOjQ0Mw..&hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&size=normal&cb=dp4nx41ctfe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 29 Jun 2023 16:50:21 GMT

GET
H3 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.jUJLN6AX0yo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.36K... Frame 132F 70 KB
26 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.jUJLN6AX0yo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.36KGWZnfm08.L.B1.O/am=YGw/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgT-kB0rflLqbo8I1cdlVJDP_MEKA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.jUJLN6AX0yo.es5.O/am=YGw/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfri2is7fqwMg2sUQa2o44RyIMcCitg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7b3c3003461547708230b235df4cba748728564e429d4caf69993fc29a47fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:24:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26474
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 01:22:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 16:24:11 GMT

GET
H2 200 pixel;r=33759024;labels=_fp.event.Donation%20Landing%20Page%2C_fp.customer.undefined;rf=0;a=p-SLcBYqRUU3yLq;url=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26ut...
pixel.quantserve.com/ 35 B
372 B 39ms
10ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=33759024;labels=_fp.event.Donation%20Landing%20Page%2C_fp.customer.undefined;rf=0;a=p-SLcBYqRUU3yLq;url=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC;uht=2;fpan=1;fpa=P0-1582870835-1688057421879;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=unrefugees.org;dst=0;et=1688057422026;tzo=0;ogl=title.Make%20a%20Monthly%20Gift%20for%20World%20Refugee%20Day%20%7C%20USA%20for%20UNHCR%2Ctype.website%2Curl.https%3A%2F%2Fgive%252Eunrefugees%252Eorg%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D003%2Cimage.https%3A%2F%2Fcdn%252Eunrefugees%252Eorg%2Fu4uforms2020%2Fmedia%2Fg3ccqljw%2Fwrd-og-monthly-rf1217855x%2Cdescription.This%20World%20Refugee%20Day%252C%20please%20stand%20in%20solidarity%20with%20refugees%252E%20Globally%252C%20more;ses=5cc116ca-52bf-4dc6-92c9-87f9e94814a2;mdl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

451

501709.gif
idsync.rlcdn.com/ Frame B97B
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329526405129420&referrer=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K0...
https://p.rfihub.com/cm?pub=39342&in=0&userid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D0c7ccb3e-a74d-4bc7-befa-d953f85...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329526405129420&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D0c7ccb3e-a74d-4bc7-be...
https://idsync.rlcdn.com/501709.gif?partner_uid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&_=1688057422.2947848

0
9 B

27ms
18ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&_=1688057422.2947848
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Thu, 29 Jun 2023 16:50:22 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
server: lighttpd/1.4.59
x-amz-cf-pop: FRA56-C1
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&_=1688057422.2947848
content-length: 447
x-amz-cf-id: X4jcuDvrBnvcC7uomyYPs3sgC2bpsfyEpyVwfA95Lbnjm8nsRzVAjA==

GET
H3

451

501709.gif
idsync.rlcdn.com/ Frame B97B
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyNjQwNTEyOTQyMA==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEI_101iyd9d0kUT1OxLnV5M&google_cver=1
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329526405129420&referrer={encSite}&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D0c7ccb3e-a74d-4bc7-befa-d953f85...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329526405129420&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D0c7ccb3e-a74d-4bc7-be...
https://idsync.rlcdn.com/501709.gif?partner_uid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&_=1688057422.7438915

0
9 B

24ms
22ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&_=1688057422.7438915
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Thu, 29 Jun 2023 16:50:23 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
server: lighttpd/1.4.59
x-amz-cf-pop: FRA56-C1
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&_=1688057422.7438915
content-length: 447
x-amz-cf-id: YK7_JUJ-KJh5W-tsQWBxP37mEMmeEt44nNqTsbKWOqUB1w_lJQr1AA==

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame B97B
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=5133329526405129420
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329526405129420

43 B
1 KB

11ms
9ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329526405129420

Requested by

Protocol

HTTP/1.1

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:50:22 GMT
AN-X-Request-Uuid: 75027cf1-1a6a-40dc-8c95-9bbfde32403a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.10.200; 80.255.10.200; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:50:22 GMT
AN-X-Request-Uuid: bd0225fa-17a2-4489-97b2-9bef63983f17
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329526405129420
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.10.200; 80.255.10.200; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame B97B
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5133329526405129420&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329526405129420&redir=

42 B
948 B

33ms
32ms

Image
image/gif

54.155.194.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329526405129420&redir=

Requested by

Protocol

HTTP/1.1

Server

54.155.194.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-155-194-178.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS: dcscanary-prod-irl1-1-v062-056af473e.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 3Hh4pmsTR1U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v050-093c44046.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: FD+ZWQCLRzo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329526405129420&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame B97B 42 B
423 B 346ms
12ms Image
image/gif 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5133329526405129420&r=
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 29 Jun 2023 16:50:21 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sd
us-u.openx.net/w/1.0/ Frame B97B 43 B
106 B 172ms
17ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073062&val=5133329526405129420&r=
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame B97B
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5133329526405129420&bid=omt9pi0

0
344 B

91ms
38ms

Image
text/plain

3.120.214.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5133329526405129420&bid=omt9pi0
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: HTTP/1.1
Server: 3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:50:22 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5133329526405129420&bid=omt9pi0
Date: Thu, 29 Jun 2023 16:50:22 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame B97B 61 B
623 B 233ms
79ms Image
image/gif 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5133329526405129420

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 29 Jun 2023 16:50:22 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Thu, 29 Jun 2023 16:50:22 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame B97B 43 B
109 B 540ms
127ms Image
image/gif 3.88.89.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5133329526405129420
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.89.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-88-89-196.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:22 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B97B
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329526405129420&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329526405129420&forward=&C=1

43 B
766 B

16ms
14ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329526405129420&forward=&C=1
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:50:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:50:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=57&external_user_id=5133329526405129420&forward=&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 451 360947.gif
idsync.rlcdn.com/ Frame B97B 0
98 B 252ms
14ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5133329526405129420
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame B97B 43 B
182 B 578ms
170ms Image
image/gif 2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5133329526405129420

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-23-197-190.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Thu, 29 Jun 2023 16:50:22 GMT
pragma: no-cache
date: Thu, 29 Jun 2023 16:50:22 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame B97B
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329526405129420&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329526405129420&img=1&__user_check__=1&sync_id=09c7f9bf-169d-11ee-a38d-1dbc55590406

43 B
548 B

16ms
16ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329526405129420&img=1&__user_check__=1&sync_id=09c7f9bf-169d-11ee-a38d-1dbc55590406
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:50:22 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 90
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 29 Jun 2023 16:50:22 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7180&uid=5133329526405129420&img=1&__user_check__=1&sync_id=09c7f9bf-169d-11ee-a38d-1dbc55590406
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 97
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame B97B 43 B
175 B 306ms
92ms Image
image/gif 2600:1f18:612b:4216:fca7:6f27:4f1c:9be8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5133329526405129420&r=Rx9YH4KJM3YA
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:fca7:6f27:4f1c:9be8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 29 Jun 2023 16:50:22 GMT
server: nginx
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame B97B 43 B
377 B 91ms
29ms Image
image/gif 52.209.185.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5133329526405129420
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.185.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-185-252.eu-west-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:22 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame B97B 0
337 B 57ms
30ms Image
text/plain 52.50.52.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5133329526405129420
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.52.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-52-186.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: beacon-n008-dub-prod.krxd.net
date: Thu, 29 Jun 2023 16:50:22 GMT
cache-control: private, no-cache, no-store
x-request-time: D=63 t=1688057422
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame B97B
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329526405129420&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5133329526405129420&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}

43 B
344 B

10ms
9ms

Image
image/gif

3.73.11.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5133329526405129420&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Server: 3.73.11.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-11-83.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5133329526405129420&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
date: Thu, 29 Jun 2023 16:50:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

/
sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/ Frame B97B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZJ22TgAIRYsF_gBR

85 B
170 B

20ms
20ms

Image
image/png

151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZJ22TgAIRYsF_gBR
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230022-FRA
pragma: no-cache
date: Thu, 29 Jun 2023 16:50:22 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 715
x-timer: S1688057423.700274,VS0,VE0
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 85
x-cache-hits: 3595

Redirect headers

x-served-by: cache-fra-eddf8230022-FRA
pragma: no-cache
date: Thu, 29 Jun 2023 16:50:22 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1688057423.577872,VS0,VE95
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZJ22TgAIRYsF_gBR
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

451

501709.gif
idsync.rlcdn.com/ Frame 7FEF
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329526405129420&referrer=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K0...
https://p.rfihub.com/cm?pub=39342&in=0&userid=cd42ba9b-d26c-46f1-8e33-08d94f73cfa8%3A1688057422.2922428&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dcd42ba9b-d26c-46f1-8e33-08d94f7...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329526405129420&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dcd42ba9b-d26c-46f1-8e...
https://idsync.rlcdn.com/501709.gif?partner_uid=cd42ba9b-d26c-46f1-8e33-08d94f73cfa8%3A1688057422.2922428&_=1688057422.2933414

0
42 B

17ms
16ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=cd42ba9b-d26c-46f1-8e33-08d94f73cfa8%3A1688057422.2922428&_=1688057422.2933414
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Thu, 29 Jun 2023 16:50:22 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
server: lighttpd/1.4.59
x-amz-cf-pop: FRA56-C1
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=cd42ba9b-d26c-46f1-8e33-08d94f73cfa8%3A1688057422.2922428&_=1688057422.2933414
content-length: 447
x-amz-cf-id: Qr9HamSxLcs7J03w2Tzel1TX4yWtkU-khK1SCPPCbAto1mttXhbQEg==

GET
H3

451

501709.gif
idsync.rlcdn.com/ Frame 7FEF
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyNjQwNTEyOTQyMA==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEI_101iyd9d0kUT1OxLnV5M&google_cver=1
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329526405129420&referrer={encSite}&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D0c7ccb3e-a74d-4bc7-befa-d953f85...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329526405129420&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D0c7ccb3e-a74d-4bc7-be...
https://idsync.rlcdn.com/501709.gif?partner_uid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&_=1688057422.7474952

0
9 B

17ms
16ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&_=1688057422.7474952
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Thu, 29 Jun 2023 16:50:23 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
server: lighttpd/1.4.59
x-amz-cf-pop: FRA56-C1
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&_=1688057422.7474952
content-length: 447
x-amz-cf-id: 1jSUF-XSrmbGLMXhv_lro36E3ikmElJvlXpaLA9dXZQXQxf7-K8fcQ==

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 7FEF
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=5133329526405129420
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329526405129420

43 B
1 KB

13ms
11ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329526405129420

Requested by

Protocol

HTTP/1.1

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:50:22 GMT
AN-X-Request-Uuid: 2283b57d-3e7c-4067-9933-4f784837d7c5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.10.200; 80.255.10.200; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:50:22 GMT
AN-X-Request-Uuid: f0164c72-5a46-41f3-a4e8-9c144cea6c87
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329526405129420
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.10.200; 80.255.10.200; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 7FEF
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5133329526405129420&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329526405129420&redir=

42 B
942 B

34ms
34ms

Image
image/gif

54.155.194.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329526405129420&redir=

Requested by

Protocol

HTTP/1.1

Server

54.155.194.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-155-194-178.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-08bfea1d2.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: MSRu3pLDT4A=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v050-0a92a4994.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: UeyXFCKjQ+k=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329526405129420&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame 7FEF 42 B
97 B 345ms
14ms Image
image/gif 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5133329526405129420&r=
Requested by: Host: 20826429p.rfihub.com
URL: https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&pf=&ra=6408097557162367
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 29 Jun 2023 16:50:21 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sd
us-u.openx.net/w/1.0/ Frame 7FEF 43 B
273 B 168ms
17ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073062&val=5133329526405129420&r=
Requested by: Host: 20826429p.rfihub.com
URL: https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&pf=&ra=6408097557162367
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 7FEF
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5133329526405129420&bid=omt9pi0

0
344 B

62ms
9ms

Image
text/plain

3.120.214.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5133329526405129420&bid=omt9pi0
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: HTTP/1.1
Server: 3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:50:22 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5133329526405129420&bid=omt9pi0
Date: Thu, 29 Jun 2023 16:50:22 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame 7FEF 61 B
623 B 236ms
85ms Image
image/gif 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5133329526405129420

Requested by

Host: 20826429p.rfihub.com
URL: https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&pf=&ra=6408097557162367

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 29 Jun 2023 16:50:22 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Thu, 29 Jun 2023 16:50:22 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 7FEF 43 B
108 B 546ms
136ms Image
image/gif 3.88.89.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5133329526405129420
Requested by: Host: 20826429p.rfihub.com
URL: https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&pf=&ra=6408097557162367
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.89.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-88-89-196.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:22 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7FEF
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329526405129420&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329526405129420&forward=&C=1

43 B
632 B

13ms
11ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329526405129420&forward=&C=1
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:50:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:50:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=57&external_user_id=5133329526405129420&forward=&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 451 360947.gif
idsync.rlcdn.com/ Frame 7FEF 0
42 B 260ms
21ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5133329526405129420
Requested by: Host: 20826429p.rfihub.com
URL: https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&pf=&ra=6408097557162367
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 7FEF 43 B
182 B 580ms
172ms Image
image/gif 2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5133329526405129420

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-23-197-190.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Thu, 29 Jun 2023 16:50:22 GMT
pragma: no-cache
date: Thu, 29 Jun 2023 16:50:22 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 7FEF
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329526405129420&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329526405129420&img=1&__user_check__=1&sync_id=09c7db90-169d-11ee-99b2-1d34abdd0206

43 B
548 B

18ms
18ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329526405129420&img=1&__user_check__=1&sync_id=09c7db90-169d-11ee-99b2-1d34abdd0206
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:50:22 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 55
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 29 Jun 2023 16:50:22 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7180&uid=5133329526405129420&img=1&__user_check__=1&sync_id=09c7db90-169d-11ee-99b2-1d34abdd0206
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 21
Connection: keep-alive
Content-Length: 0

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 7FEF 43 B
376 B 203ms
30ms Image
image/gif 52.209.185.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5133329526405129420
Requested by: Host: 20826429p.rfihub.com
URL: https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&pf=&ra=6408097557162367
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.185.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-185-252.eu-west-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:22 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 7FEF 0
336 B 148ms
29ms Image
text/plain 52.50.52.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5133329526405129420
Requested by: Host: 20826429p.rfihub.com
URL: https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&pf=&ra=6408097557162367
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.52.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-52-186.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: beacon-n004-dub-prod.krxd.net
date: Thu, 29 Jun 2023 16:50:22 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1688057422
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 7FEF
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329526405129420&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5133329526405129420&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}

43 B
344 B

12ms
11ms

Image
image/gif

3.73.11.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5133329526405129420&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Server: 3.73.11.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-11-83.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5133329526405129420&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
date: Thu, 29 Jun 2023 16:50:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

/
sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/ Frame 7FEF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZJ22TgAVYi0FgQBS

85 B
148 B

21ms
19ms

Image
image/png

151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZJ22TgAVYi0FgQBS
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230022-FRA
pragma: no-cache
date: Thu, 29 Jun 2023 16:50:22 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 715
x-timer: S1688057423.700296,VS0,VE0
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 85
x-cache-hits: 3596

Redirect headers

x-served-by: cache-fra-eddf8230022-FRA
pragma: no-cache
date: Thu, 29 Jun 2023 16:50:22 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1688057423.577530,VS0,VE95
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZJ22TgAVYi0FgQBS
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 7FEF 43 B
174 B 97ms
94ms Image
image/gif 2600:1f18:612b:4216:fca7:6f27:4f1c:9be8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5133329526405129420&r=YJg9sKgCNJQM
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:fca7:6f27:4f1c:9be8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 29 Jun 2023 16:50:22 GMT
server: nginx
content-type: image/gif

GET
H3

451

501709.gif
idsync.rlcdn.com/ Frame 1082
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329526405129420&referrer=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K0...
https://p.rfihub.com/cm?pub=39342&in=0&userid=187d4b7e-b793-44e4-9bbc-f4a38033366a%3A1688057422.2920985&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D187d4b7e-b793-44e4-9bbc-f4a3803...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329526405129420&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D187d4b7e-b793-44e4-9b...
https://idsync.rlcdn.com/501709.gif?partner_uid=187d4b7e-b793-44e4-9bbc-f4a38033366a%3A1688057422.2920985&_=1688057422.293175

0
9 B

19ms
18ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=187d4b7e-b793-44e4-9bbc-f4a38033366a%3A1688057422.2920985&_=1688057422.293175
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Thu, 29 Jun 2023 16:50:22 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
server: lighttpd/1.4.59
x-amz-cf-pop: FRA56-C1
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=187d4b7e-b793-44e4-9bbc-f4a38033366a%3A1688057422.2920985&_=1688057422.293175
content-length: 445
x-amz-cf-id: IAqD1zbeHXCz1-C_33llpgyGtXSXWU-FFZAUGkvPH7E_bH0fBNKu6g==

GET
H3

451

501709.gif
idsync.rlcdn.com/ Frame 1082
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyNjQwNTEyOTQyMA==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEI_101iyd9d0kUT1OxLnV5M&google_cver=1
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329526405129420&referrer={encSite}&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D0c7ccb3e-a74d-4bc7-befa-d953f85...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329526405129420&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D0c7ccb3e-a74d-4bc7-be...
https://idsync.rlcdn.com/501709.gif?partner_uid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&_=1688057422.749815

0
9 B

19ms
17ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&_=1688057422.749815
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Thu, 29 Jun 2023 16:50:23 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
server: lighttpd/1.4.59
x-amz-cf-pop: FRA56-C1
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&_=1688057422.749815
content-length: 445
x-amz-cf-id: r-h-I9E8Kpn-Mr_XMxuIe4qnCFnbzXcBTc__UhBcNMA1KrMkMbP2UQ==

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 1082
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=5133329526405129420
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329526405129420

43 B
1 KB

11ms
9ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329526405129420

Requested by

Protocol

HTTP/1.1

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:50:22 GMT
AN-X-Request-Uuid: cb67dcbc-00a6-44b2-8180-e3e4bc48a60c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.10.200; 80.255.10.200; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:50:22 GMT
AN-X-Request-Uuid: 028ea737-6b44-43a6-a44d-63cb2f1db298
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329526405129420
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.10.200; 80.255.10.200; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 1082
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5133329526405129420&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329526405129420&redir=

42 B
942 B

33ms
32ms

Image
image/gif

54.155.194.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329526405129420&redir=

Requested by

Protocol

HTTP/1.1

Server

54.155.194.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-155-194-178.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-0b601b3e9.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: yT7yWiL/R7I=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v050-046032c28.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: s5LGwLLXTYM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329526405129420&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame 1082 42 B
97 B 340ms
13ms Image
image/gif 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5133329526405129420&r=
Requested by: Host: 20826430p.rfihub.com
URL: https://20826430p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826430&_o=9587&_t=20826430&pe=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&pf=&ra=28839988058696675
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 29 Jun 2023 16:50:21 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sd
us-u.openx.net/w/1.0/ Frame 1082 43 B
106 B 167ms
19ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073062&val=5133329526405129420&r=
Requested by: Host: 20826430p.rfihub.com
URL: https://20826430p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826430&_o=9587&_t=20826430&pe=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&pf=&ra=28839988058696675
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 1082
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5133329526405129420&bid=omt9pi0

0
344 B

63ms
9ms

Image
text/plain

3.120.214.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5133329526405129420&bid=omt9pi0
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: HTTP/1.1
Server: 3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:50:22 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5133329526405129420&bid=omt9pi0
Date: Thu, 29 Jun 2023 16:50:22 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame 1082 61 B
623 B 210ms
63ms Image
image/gif 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5133329526405129420

Requested by

Host: 20826430p.rfihub.com
URL: https://20826430p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826430&_o=9587&_t=20826430&pe=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&pf=&ra=28839988058696675

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 29 Jun 2023 16:50:22 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Thu, 29 Jun 2023 16:50:22 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 1082 43 B
108 B 541ms
135ms Image
image/gif 3.88.89.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5133329526405129420
Requested by: Host: 20826430p.rfihub.com
URL: https://20826430p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826430&_o=9587&_t=20826430&pe=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&pf=&ra=28839988058696675
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.89.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-88-89-196.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:22 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1082
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329526405129420&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329526405129420&forward=&C=1

43 B
632 B

14ms
13ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329526405129420&forward=&C=1
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:50:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:50:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=57&external_user_id=5133329526405129420&forward=&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 451 360947.gif
idsync.rlcdn.com/ Frame 1082 0
42 B 259ms
22ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5133329526405129420
Requested by: Host: 20826430p.rfihub.com
URL: https://20826430p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826430&_o=9587&_t=20826430&pe=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&pf=&ra=28839988058696675
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 1082 43 B
182 B 577ms
168ms Image
image/gif 2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5133329526405129420

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-23-197-190.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Thu, 29 Jun 2023 16:50:22 GMT
pragma: no-cache
date: Thu, 29 Jun 2023 16:50:22 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 1082
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329526405129420&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329526405129420&img=1&__user_check__=1&sync_id=09c7dffa-169d-11ee-bfc0-1860f0710206

43 B
548 B

17ms
17ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329526405129420&img=1&__user_check__=1&sync_id=09c7dffa-169d-11ee-bfc0-1860f0710206
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:50:22 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 74
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 29 Jun 2023 16:50:22 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7180&uid=5133329526405129420&img=1&__user_check__=1&sync_id=09c7dffa-169d-11ee-bfc0-1860f0710206
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 110
Connection: keep-alive
Content-Length: 0

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 1082 43 B
376 B 226ms
30ms Image
image/gif 52.209.185.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5133329526405129420
Requested by: Host: 20826430p.rfihub.com
URL: https://20826430p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826430&_o=9587&_t=20826430&pe=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&pf=&ra=28839988058696675
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.185.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-185-252.eu-west-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:22 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 1082 0
337 B 148ms
28ms Image
text/plain 52.50.52.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5133329526405129420
Requested by: Host: 20826430p.rfihub.com
URL: https://20826430p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826430&_o=9587&_t=20826430&pe=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&pf=&ra=28839988058696675
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.52.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-52-186.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: beacon-n015-dub-prod.krxd.net
date: Thu, 29 Jun 2023 16:50:22 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1688057422
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 1082
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329526405129420&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5133329526405129420&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}

43 B
344 B

10ms
9ms

Image
image/gif

3.73.11.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5133329526405129420&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Server: 3.73.11.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-11-83.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5133329526405129420&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
date: Thu, 29 Jun 2023 16:50:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 1082
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZJ22TgALSZEnSQBI
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZJ22TgALSZEnSQBI&_test=ZJ22TgALSZEnSQBI

42 B
1 KB

14ms
13ms

Image
image/gif

193.0.160.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZJ22TgALSZEnSQBI&_test=ZJ22TgALSZEnSQBI
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: HTTP/1.1
Server: 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 29 Jun 2023 16:50:22 GMT
Cache-Control: no-cache
Server: Jetty(9.4.51.v20230217)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-fra-eddf8230022-FRA
pragma: no-cache
date: Thu, 29 Jun 2023 16:50:22 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1688057423.705027,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZJ22TgALSZEnSQBI&_test=ZJ22TgALSZEnSQBI
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 1082 43 B
174 B 96ms
93ms Image
image/gif 2600:1f18:612b:4216:fca7:6f27:4f1c:9be8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5133329526405129420&r=gDaV8WNNtXuB
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:fca7:6f27:4f1c:9be8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 29 Jun 2023 16:50:22 GMT
server: nginx
content-type: image/gif

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 132F 1 MB
383 KB 149ms
149ms XHR
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fd5b58fa35c45e352b330c6c218b9fbf2aaa94e216e25d7d700fb9280287c9ca

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8OQjsxPULiFtI1OshqpmqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:22 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-8OQjsxPULiFtI1OshqpmqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 29 Jun 2023 16:50:22 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.jUJLN6AX0yo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.36K... Frame 132F 23 KB
9 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.jUJLN6AX0yo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.36KGWZnfm08.L.B1.O/am=YGw/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgT-kB0rflLqbo8I1cdlVJDP_MEKA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e95b9f9a82c00bb102effcc892d180b082c317cbfae4b94737cd432de02701f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:24:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9412
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 01:22:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 16:24:11 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.jUJLN6AX0yo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.36K... Frame 132F 36 KB
13 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.jUJLN6AX0yo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.36KGWZnfm08.L.B1.O/am=YGw/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgT-kB0rflLqbo8I1cdlVJDP_MEKA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a92e141d13e7bb169d751ca416960688c0c656388433f04b64df3a95d31154a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:24:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13614
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 01:22:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 16:24:11 GMT

POST
H3 200 log Show response
play.google.com/ Frame 132F 131 B
155 B 91ms
42ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 29 Jun 2023 16:50:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 29 Jun 2023 16:50:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 297ms
16ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 29 Jun 2023 16:50:22 GMT
expires: Thu, 29 Jun 2023 16:50:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 132F 131 B
155 B 64ms
17ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 29 Jun 2023 16:50:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 29 Jun 2023 16:50:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 295ms
16ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 29 Jun 2023 16:50:22 GMT
expires: Thu, 29 Jun 2023 16:50:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 132F 131 B
155 B 82ms
35ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 29 Jun 2023 16:50:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 29 Jun 2023 16:50:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 295ms
17ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 29 Jun 2023 16:50:22 GMT
expires: Thu, 29 Jun 2023 16:50:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 293ms
17ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 29 Jun 2023 16:50:22 GMT
expires: Thu, 29 Jun 2023 16:50:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 132F 131 B
155 B 65ms
18ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 29 Jun 2023 16:50:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 29 Jun 2023 16:50:22 GMT

POST
H3 200 log Show response
play.google.com/ Frame 132F 131 B
155 B 89ms
43ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 29 Jun 2023 16:50:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 29 Jun 2023 16:50:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 293ms
17ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 29 Jun 2023 16:50:22 GMT
expires: Thu, 29 Jun 2023 16:50:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 292ms
18ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 29 Jun 2023 16:50:22 GMT
expires: Thu, 29 Jun 2023 16:50:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 132F 131 B
155 B 49ms
34ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 29 Jun 2023 16:50:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 29 Jun 2023 16:50:22 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 7128 7 KB
1 KB 48ms
48ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6bf9e66af9bb111049da7e866a1eaa5a241409162552bdb23491e629cf464a53

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ak3cNTFHN4_AWYRaxkmwLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1156
content-security-policy: script-src 'report-sample' 'nonce-Ak3cNTFHN4_AWYRaxkmwLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 16:50:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame 7128 55 KB
24 KB 13ms
7ms Stylesheet
text/css 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 16:06:30 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame 7128 431 KB
173 KB 16ms
11ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07fbd8ba776748eb837dcac0214c515cc198737d8b6edded0039b38fca2c291d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177423
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 16:27:27 GMT

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
299 B 203ms
191ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://give.unrefugees.org
Date: Thu, 29 Jun 2023 16:50:22 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H/1.1 451
Unavailable For Legal Reasons 17472fad-8544-4c6d-bc35-87fe364865c6 Show response
crb.kargo.com/api/v1/initsync/ Frame D4E5 0
462 B 82ms
9ms Document
text/plain 3.66.114.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://crb.kargo.com/api/v1/initsync/17472fad-8544-4c6d-bc35-87fe364865c6?partners=Tapad&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by: Host: storage.cloud.kargo.com
URL: https://storage.cloud.kargo.com/kds/kds-events-gtm.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.114.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-114-155.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 0
Date: Thu, 29 Jun 2023 16:50:22 GMT
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Pragma: no-cache
Vary: Origin
X-Accel-Expires: 0

POST v1
kds-pixel.kargo.com/api/ 0
0

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 463E 0
75 B 12ms
9ms Document
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://give.unrefugees.org
Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://give.unrefugees.org
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 16:50:22 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 dc_pre=CJnb8ff36P8CFShDkQUdMhYDnw;src=4647326;type=unrefcms;cat=donfvis;ord=6619650278858;gtm=45He36s0;auiddc=*;u3=undefined;u2=undefined;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3...
adservice.google.com/ddm/fls/z/ Frame 4DD4 42 B
107 B 56ms
55ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJnb8ff36P8CFShDkQUdMhYDnw;src=4647326;type=unrefcms;cat=donfvis;ord=6619650278858;gtm=45He36s0;auiddc=*;u3=undefined;u2=undefined;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC

Requested by

Host: 4647326.fls.doubleclick.net
URL: https://4647326.fls.doubleclick.net/activityi;dc_pre=CJnb8ff36P8CFShDkQUdMhYDnw;src=4647326;type=unrefcms;cat=donfvis;ord=6619650278858;gtm=45He36s0;auiddc=360581829.1688057421;u3=undefined;u2=undefined;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4647326.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
15 KB 37ms
8ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-1216.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
via: 1.1 varnish
date: Thu, 29 Jun 2023 16:50:22 GMT
strict-transport-security: max-age=300
x-amz-request-id: REH5C403T0M821XQ
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: QTz1+Ev75xV2F+T9YUgz2xfYCy1p3tM2+esPhs9wvMb/Ca9is3pObNYSiN3ylWQpzsHTbuHWy7Y=
x-served-by: cache-fra-eddf8230049-FRA
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1688057423.784714,VS0,VE0
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 92

GET
H/1.1 200
OK check.js;CIS3SID=E593F2951494DB9C0970F71CA3D9BD72 Show response
h.online-metrix.net/fp/ Frame 1FBF 289 KB
50 KB 51ms
24ms Script
text/javascript 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/check.js;CIS3SID=E593F2951494DB9C0970F71CA3D9BD72?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&nonce=d6b489bc874a3396&jb=35392e24687b6f753f55616e666f7f71246a7b673d576b6e6c6d7571273a38313226687360773d416a706f6d6d24687b623d416a7a6f6f652d303231393c

Requested by

Host: h.online-metrix.net
URL: https://h.online-metrix.net/fp/tags.js?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

c32f034ab32e47f18ed4202a0d87886c30ec7270b98156bfb60cd299c8976cf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:50:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: d6b489bc874a3396
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
h.online-metrix.net/fp/ Frame 1FBF 81 B
475 B 40ms
12ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&nonce=d6b489bc874a3396&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:50:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
h.online-metrix.net/fp/ Frame 1FBF 81 B
475 B 41ms
13ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&nonce=d6b489bc874a3396&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:50:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=76040DB90DBE45E2AB2696A46D94EDB4&RedC=c.clarity.ms&MXFR=3357E88A25E96BAA162FFBB521E9658A
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=76040DB90DBE45E2AB2696A46D94EDB4&MUID=0BCE87CDA35269143E6194F2A2D96876

42 B
443 B

31ms
30ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=76040DB90DBE45E2AB2696A46D94EDB4&MUID=0BCE87CDA35269143E6194F2A2D96876
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:22 GMT
last-modified: Tue, 06 Jun 2023 17:31:23 GMT
server: Microsoft-IIS/10.0
etag: "dca6ffb69c98d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E4AEEDA3567A49C8B52D17D00E3125C5 Ref B: FRA31EDGE0221 Ref C: 2023-06-29T16:50:22Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=76040DB90DBE45E2AB2696A46D94EDB4&MUID=0BCE87CDA35269143E6194F2A2D96876
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 cda0845c-e241-4b98-8d4b-abdc76d31d9d.js Show response
tr.snapchat.com/config/org/ 167 B
457 B 105ms
17ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/org/cda0845c-e241-4b98-8d4b-abdc76d31d9d.js

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

352b05c70b4d38f30eb3372b222fce4b76976f7efeb8715b267720b22e500a30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://give.unrefugees.org/
Origin: https://give.unrefugees.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://give.unrefugees.org
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 8C67 0
201 B 100ms
19ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=cda0845c-e241-4b98-8d4b-abdc76d31d9d&u_scsid=ca0547a7-d462-48d6-8fca-46ba6d801709&u_sclid=6c89019d-8af5-4dc7-adcc-9468b0d66e9f

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 29 Jun 2023 16:50:22 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
15ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=680101757&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&ul=en-us&de=UTF-8&dt=Make%20a%20Monthly%20Gift%20for%20World%20Refugee%20Day%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F220613wrd_mainpg_p_3000&el=25%25&_u=aGHACEABRAAAAGAAI~&jid=1305814510&gjid=1142138014&cid=858421627.1688057421&tid=UA-3754388-9&_gid=634322230.1688057421&_r=1&gtm=45He36s0n81N9KWLLF&z=429339260

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=680101757&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&ul=en-us&de=UTF-8&dt=Make%20a%20Monthly%20Gift%20for%20World%20Refugee%20Day%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F220613wrd_mainpg_p_3000&el=50%25&_u=aGHACEABRAAAAGAAI~&jid=&gjid=&cid=858421627.1688057421&tid=UA-3754388-9&_gid=634322230.1688057421&gtm=45He36s0n81N9KWLLF&z=1783613314

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 19:20:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77409
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
9ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=680101757&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&ul=en-us&de=UTF-8&dt=Make%20a%20Monthly%20Gift%20for%20World%20Refugee%20Day%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F220613wrd_mainpg_p_3000&el=75%25&_u=aGHACEABRAAAAGAAI~&jid=&gjid=&cid=858421627.1688057421&tid=UA-3754388-9&_gid=634322230.1688057421&gtm=45He36s0n81N9KWLLF&z=399376682

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 19:20:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77409
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
10ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=680101757&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&ul=en-us&de=UTF-8&dt=Make%20a%20Monthly%20Gift%20for%20World%20Refugee%20Day%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F220613wrd_mainpg_p_3000&el=100%25&_u=aGHACEABRAAAAGAAI~&jid=&gjid=&cid=858421627.1688057421&tid=UA-3754388-9&_gid=634322230.1688057421&gtm=45He36s0n81N9KWLLF&z=1909238273

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 19:20:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77409
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fa5b33ed7c80.js Show response
w.usabilla.com/ Frame B401 37 KB
11 KB 131ms
38ms Script
text/javascript 34.252.63.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/fa5b33ed7c80.js?lv=1
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.63.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-63-13.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: dacf4a58296eb373e9dc0a19dbc1b3934e1ecbcee02655d5f4987f898988e617

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:22 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "3405d853c9cdb4cdabab46e828ab58e1"
content-type: text/javascript
cache-control: public,max-age=0
content-length: 11278

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1018 B
2 KB 240ms
238ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&vault=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7e77dfdabc1fa61c939bf6ab876e49c3cba5debc3f5d5ee554ee66e2ea026575

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: application/json

Response headers

date: Thu, 29 Jun 2023 16:50:23 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f551329c78180
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230112-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f551329c78180-24d0ec3611ace090-01
x-timer: S1688057424.515295,VS0,VE225
etag: W/"3fa-JsF6F6H9wKqMAA+AI6OfUJ+mP/A"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://give.unrefugees.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 655ms
648ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.unrefugees.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://give.unrefugees.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 29 Jun 2023 16:50:23 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f907711432141
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f907711432141-6a4a993ba7a99609-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-fra-eddf8230112-FRA
x-timer: S1688057423.863880,VS0,VE641

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 20ms
20ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3754388-9&cid=858421627.1688057421&jid=1305814510&gjid=1142138014&_gid=634322230.1688057421&_u=aGHACEABRAAAAGAAI~&z=546731090

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 29 Jun 2023 16:50:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cf888b8b66 Show response
bam.nr-data.net/1/ 56 B
627 B 346ms
270ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/cf888b8b66?a=357730915&v=1216.487a282&to=ZFNSZUsADUJYWxFRC10ZfWd6TjFUV1wASilFVXNeVxURXlVUAEpLfllURFUEM1BeXQ%3D%3D&rst=4031&ck=1&ref=https://give.unrefugees.org/220613wrd_mainpg_p_3000&ap=599&be=1816&fe=3916&dc=2765&perf=%7B%22timing%22:%7B%22of%22:1688057418838,%22n%22:0,%22f%22:585,%22dn%22:585,%22dne%22:654,%22c%22:654,%22s%22:828,%22ce%22:1005,%22rq%22:1005,%22rp%22:1783,%22rpe%22:1784,%22dl%22:1786,%22di%22:2765,%22ds%22:2765,%22de%22:2784,%22dc%22:3915,%22l%22:3916,%22le%22:3930%7D,%22navigation%22:%7B%7D%7D&fp=2393&fcp=2393&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:50:23 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 7defab0d6c008fd4-FRA

GET
H/1.1 200
OK clear.png Show response
h.online-metrix.net/fp/ Frame 1FBF 81 B
535 B 40ms
13ms XHR
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png

Requested by

Host: h.online-metrix.net
URL: https://h.online-metrix.net/fp/check.js;CIS3SID=E593F2951494DB9C0970F71CA3D9BD72?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&nonce=d6b489bc874a3396&jb=35392e24687b6f753f55616e666f7f71246a7b673d576b6e6c6d7571273a38313226687360773d416a706f6d6d24687b623d416a7a6f6f652d303231393c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, zrtzph91/d6b489bc874a3396e1873-5e679e31-3f58-417a-b67f-80c524f60373
Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:50:22 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Thu, 29 Jun 2023 16:50:22 GMT
Server: Apache
Etag: 62784a84a4cb46c2bcf7bce8cceffca0
Content-Type: image/png
Access-Control-Allow-Origin: https://give.unrefugees.org
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Tue, 27 Jun 2028 16:50:22 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=E593F2951494DB9C0970F71CA3D9BD72 Show response
h.online-metrix.net/fp/ Frame 0C99 91 KB
14 KB 17ms
17ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/ls_fp.html;CIS3SID=E593F2951494DB9C0970F71CA3D9BD72?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&nonce=d6b489bc874a3396

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

a18330d7ea3bc59d954c917055b58b5c8369a16ad54874bb168d5070b4b09b7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Thu, 29 Jun 2023 16:50:22 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
h.online-metrix.net/fp/ Frame 1FBF 0
387 B 14ms
13ms Script
text/javascript 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&nonce=d6b489bc874a3396&jb=33362e6e71693d3432643a373631386360313c3c31303139393b3b37343d313960376764636061

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:50:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK es.js Show response
h.online-metrix.net/fp/ Frame 1FBF 134 B
651 B 16ms
15ms Script
text/javascript 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/es.js?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&nonce=d6b489bc874a3396

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

659c310e4e409081aca2a6a1b4c384f5ff1e3d1bea35da105799278dcec3a5eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:50:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=E593F2951494DB9C0970F71CA3D9BD72 Show response
h.online-metrix.net/fp/ Frame 5BB7 103 KB
15 KB 27ms
16ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=E593F2951494DB9C0970F71CA3D9BD72?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&nonce=d6b489bc874a3396

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

779018b7087ac7ab577d1377ce27438d2dd601bdd28740901a2577668e5b4c5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Thu, 29 Jun 2023 16:50:22 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK top_fp.html;CIS3SID=E593F2951494DB9C0970F71CA3D9BD72 Show response
h.online-metrix.net/fp/ Frame 0744 89 KB
13 KB 28ms
15ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/top_fp.html;CIS3SID=E593F2951494DB9C0970F71CA3D9BD72?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&nonce=d6b489bc874a3396

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

a750cf16b7e0c250872f5c10e7cde9dddb64a107d60852f611058389323e13eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Thu, 29 Jun 2023 16:50:22 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 clear.png Show response
h.online-metrix.net/fp/ Frame 1FBF 0
218 B 20ms
15ms Script
text/javascript 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&nonce=d6b489bc874a3396&ja=32323030242e633d3224723d32266e3f3336383878313030382463643f393e3032783332323226717a7b3d307032246c70723f3324313430382e333238382c313430382e3330323824313430322c333030322e333630382e333a30302e322430246d7c3f6338303a616261646b353566666e6c663b656338363331363532366231633569266d6c3f3c2671636c3f30342e64683d6a747c72712731492d3244253046656b76672c776e726d64776f6565712c677265253a443032383e313375726c5d6f636b6678675d705d333232302731447574655d6f6d6469776f2d33466565636b6c2d3a3675766d57616b66273b4c303233334b323230323144784967375349462530347d746f5f7b6d77726b6d253346753c772f77726c69746725303677766d5d61636d70696b6566253346575b5f525357474c5f4f5c32335d55584643564757575f30333236303b25303477746d57616d6674656c762d33466f66677669656d253234534e5d6d6c677c616d6725314435323133493230303832304768787553494327323e51445f65676e746a6c7127314635383931493032303232324d6a7b3151494124786c3d312478683f37306430386969366261666a673333316a3f333a37636532663360666032643c246a603d353131386664613d3763376c31343260626b3a373632393f37673360363464342468716f3d5f6b6c6c6f7771273a3033302e687162354b68726d6d6d27303233393c2668736d753f55696c666d77732e68716a753d416a7a6f6f652e6c6a63353c266e666d353a246c6f7c783d3226767a663f4576612732465d6c69666f776c24656176687a3f3630383b643161326a676132306d3e6361353430323a3263663335353c32336e6434373a303136316c346761693a346461393c636460663f3a333333333934632666703f68747c72712d334127304e2530466f6b7465267d6e7267667d656767712667726525304630303034333177726c5d6f69696e726557705d33383232253b4e75746f5f6567666b77652d3346656f616b6e25303477746d57616b6c253346323833334b383232303b4e78496d3559434427303e7d746f5f716f77706367273144753c772f7d706463766d2530367d766f5f6b696d7063696f6c2731465d5b5f52535d454c5d475630315f555846435c455f5d5d3a3332363a3b27323e7d746d5d63676c76676c7c2d33466f6c65766b6d67273036534e5d6d6665746b6f6d2531443f3233314338303032303a4d6a7a7559494327323453445d6d6d6c76686c7127314c37303333433032303832304f6071315143432e723f726e7d6f696c5f646c637168273747666164716729706c7765616e5d77616c666f7f7b5f6d676461635d726e6971657025374564636c716723706c7d656b665f61666d6a655d616b706d62697c25354766696e71672378647565696c5f737769616976696d6d27374d66616e716d21726c7d656b6e577b686f616b7f637467273d4d66636c716523726c77656b6e5f7a676364706c637b6d7227354d64636c7b6d21706e756f6b6c5d74646b5f726c6379677025374764616c7b6723786c75656b665f66657e636e767a2d354564616471672372647d676b6e5d7374655f746b6777657a27374d66616e716d21726c7d656b6e5762617663253d4764636e7b6d26656c5d633f756560656e57656a454e2d3230332c38253030204d7265664f4c2530304d512730323a2630273232436a706f6f6b776d295f67604f4c2530324f4c514c2d3032455b2d3230332e382730322a4778656c474e25303245512730304744514e2d323047512d32323126322732384b68726d6d61776f2b556d6a4b6b74556560496976273030576d604544414e454e4d5f6b6e7b76636e6b6d645f63727a637b71273b4a2530304758565d626e676c645f656b6c65617827314a2530304d5a565f6b676c6f705f6a776464677a5768636c645f646e6f63762733422d30324d58545d64646f637457606e65666c253340253a32475a56576e7263675d646772746a273142253a324750545f716a69646772577667787c7d72655d6c67662731402d3a304758565f766778767770655f6b6d6f7872657171616f6c5f6a7276632d3b422530304d5a565d766d70747772675f616d6d7270677373616d6c57726776612d3340253a3247585c5774657a747d70675d6461647467725d616c6b736d76706f706161273b422530324d58565f7b5045422d3b422530304747515d67646d6d676e765f6b6c64677a5d75696676273b422530324745515f6e606d5f7a6d6e646772576f6b726f69782531422732324d45515d7174616666637a645f66677a6974617c6b74657b2d33422732384d47515d7c6d78767570655d646c6d637625334a2730384f45515d7c657a747d70675f6e646f61765f646b6c67637a2d33402530304d47535d766778747d70675768616e6457666e6f697627334a2d32304d455b5d76677a7c7d72675f6a616e645f646e6d6174576e6b66656170273b422732384d4753577e65727665705d63707069715f6d62686561762531402732305f47404f4c5f616d646f705f6a7764666d7a5f666e6f69762731402d3a30554540474e5d636d6f7272657b71676c5f74677a7c757065576371746b2d3342273238554740454457636d6d727267717367665d74657076777a655f67766b2531422d3032574d4a474c5d63676f7270677b7b65665f76657a767570675d65746b33273b422530325f454047445d616f6578726571736d665d7667707c7570655d7331766327314025323855474a474c5d61676d72726d7171656c5774657a747d70675d713b7c635d73706760273340273030574d4045445f6467607d675d726d6c66657a6d725f6b6e6e6d2731402d3a30554540474e5d64677276685f7c677a7c757267273b422732385547424f445f6470617f5d6077646e6d7271253142273030554740474c576e6d7b655f616d667467787c2731422d3a305747424f4e5d6f77647c695d64706175333624656e5f683531646e356464643c3736306c666134383f653630626d326735366c3a353734343132366436303739267f656e7e3d496c766d6c2732384b6c63262e77676e72354b6c7667642d3232497069712732324d72656e4f4e273a30456c65616e67266b61663d3a&jb=31353d246e793d4d6d78616c6e612d3044352638253232285f6b6c666d7f7b2530304c5427303033322c30253b40273a30576b6c3e3427334a273030703e34292732384372726e6d5f65604b6b742730463731352e333e273038284b4a56454c27324b27303064616b652732384567616967212530304168706d6d672730463139362c382e3535313d2e3339302730305b69666170692d304437313f263334

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 16:50:22 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
zrtzph91fuyexre632vj7u2axfj363emfbsmm56ld6b489bc874a3396am1.e.aa.online-metrix.net/fp/ Frame 1FBF 81 B
438 B 66ms
13ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zrtzph91fuyexre632vj7u2axfj363emfbsmm56ld6b489bc874a3396am1.e.aa.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&nonce=d6b489bc874a3396&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:50:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 38ms
37ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3754388-9&cid=858421627.1688057421&jid=1305814510&_u=aGHACEABRAAAAGAAI~&z=1047157685

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 31ms
31ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3754388-9&cid=858421627.1688057421&jid=1305814510&_u=aGHACEABRAAAAGAAI~&z=1047157685

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
h.online-metrix.net/fp/ Frame 0C99 0
387 B 15ms
14ms Script
text/javascript 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&nonce=d6b489bc874a3396&jf=33362e6e716a3d3637673d61613669333b34303c326564383a336364666e3b3567373365603462

Requested by

Host: h.online-metrix.net
URL: https://h.online-metrix.net/fp/ls_fp.html;CIS3SID=E593F2951494DB9C0970F71CA3D9BD72?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&nonce=d6b489bc874a3396

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/ls_fp.html;CIS3SID=E593F2951494DB9C0970F71CA3D9BD72?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&nonce=d6b489bc874a3396
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:50:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK es.js Show response
h.online-metrix.net/fp/ Frame 0C99 134 B
655 B 15ms
14ms Script
text/javascript 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/es.js?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&nonce=d6b489bc874a3396&fr

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

89e721702a7118e414d65fdbafb7f858d71d6b8baa8605b5308a85d742a47446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/ls_fp.html;CIS3SID=E593F2951494DB9C0970F71CA3D9BD72?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&nonce=d6b489bc874a3396
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:50:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 p
tr.snapchat.com/ 68 B
308 B 23ms
23ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=cda0845c-e241-4b98-8d4b-abdc76d31d9d&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&bt=1d53c387&if=false&d_bvs=%5B%5D&m_dcl=2783&m_df=true&m_dv=true&m_fcps=2393&m_pi=2764&m_pl=3929&m_pv=2&m_rd=4572&m_sl=2332&m_sh=1200&m_sw=1600&rf=&trackId=46f30427-99e0-47b0-909f-a6dbcb540545&ts=1688057423411&u_c1=82b4d054-c326-4c5b-96c0-fa778b61f011&u_sclid=6c89019d-8af5-4dc7-adcc-9468b0d66e9f&u_scsid=ca0547a7-d462-48d6-8fca-46ba6d801709&v=3.1.4-2306232019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 16:50:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H/1.1 204
No Content clear.png Show response
h.online-metrix.net/fp/ Frame 1FBF 0
387 B 14ms
13ms Script
text/javascript 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&nonce=d6b489bc874a3396&jac=1&je=323438242462666e3f312e6a6468353b3b36393f3166606631353135673b3e3760613535366062313b6063343a613a2e6a66766c35303832313238332e786d3d6c6f2e606376717c352535422732306e6574676e25323a273149312e32322d3241253a307174697c757327323a273143273a3a636a6170676b6c6727303025374c24637d64683f61693760396d3467363039636363633e643063356b39393039313631363660376133313f3b346a34643a666c343a36383231386e6d346632336e61663a363d31266778313d64336567373b63616e353739343735343d643034313134373d3a34653b326e6461603a3939336361

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:50:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK unhcr-button-ca8fba580979f02c2694fa49ed8ef52a.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame E81F 2 KB
2 KB 66ms
18ms Image
image/png 13.32.158.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d6tizftlrpuof.cloudfront.net/themes/production/unhcr-button-ca8fba580979f02c2694fa49ed8ef52a.png
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.158.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-158-98.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90b232dae4b3477832ee21493d7558ace8cf6e9b8bc97f9c552f301da013f1da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 01:18:44 GMT
x-amz-version-id: .SrcatzoiMfoqGSBwRAbfAVYaagZkb9i
Via: 1.1 c64455167e397f58d6d4c8de3a78489c.cloudfront.net (CloudFront)
Last-Modified: Tue, 05 Feb 2019 19:50:28 GMT
Server: AmazonS3
X-Amz-Cf-Pop: CDG50-C2
Age: 9387100
ETag: "ca8fba580979f02c2694fa49ed8ef52a"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=315360000, no-transform, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1768
X-Amz-Cf-Id: eZx2HEAp-Non0SRp6cCj1J6uWCpMk-dcBBmze3XaOFiWMXJRKg1SdQ==

OPTIONS
H2 200 hm
tr.snapchat.com/ Frame 0
0 17ms
16ms Preflight 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.snapchat.com/hm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 134.43.190.35.bc.googleusercontent.com
Software: API Gateway /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.unrefugees.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,x-grpc-web,X-Snap-Route-Tag,x-cof-user-agent,x-snap-client-user-agent,bitmoji-token,X-Snap-Access-Token
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: https://give.unrefugees.org
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 29 Jun 2023 16:50:22 GMT
server: API Gateway
via: 1.1 google

POST
H3 200 hm
tr.snapchat.com/ 68 B
88 B 22ms
19ms Ping
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/hm

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 29 Jun 2023 16:50:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/json
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-transform
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H/1.1 204
204 clear1.png;CIS3SID=E593F2951494DB9C0970F71CA3D9BD72
h.online-metrix.net/fp/ Frame 1FBF 0
400 B 17ms
16ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=E593F2951494DB9C0970F71CA3D9BD72?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&nonce=d6b489bc874a3396&jf=34313e247161645f706c6c3d76647a5d694d65414a326c693a487177566f796f24736b645d666176673f3136303a323d373430312e736b6457767b706d357765603a6d616671632e7b69665f69657b3f3332373b33303931323e30373063303636386b673164383a30313236383a30633a3e3c386165316432313033323530333c303238303463613d6136623f633a393931656535616b3b6767323a693035306331323a643b6466636230373039653337366e3036363a6137653c3038343b383e343230603f3f32333530306066373b643162373a633a6c65326134383136636a3b6035303a633534663b633460666c6e61343432666036333a633a66386e30663b6139663b2e736b6457716b67353b303437303a303231613e3c323537336167373533326734346b60366a33353a3130373530386364616c6c353361656c63616134386e613361336366323636603165633a31663865303030393032666d6134386e6e3736323738603666606b6b393364323533613667343b61646e67633f313360373c39606438633530383e643234303d363231346d693364333426716b66703f32

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:50:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=E593F2951494DB9C0970F71CA3D9BD72
h.online-metrix.net/fp/ Frame 5BB7 0
400 B 18ms
16ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=E593F2951494DB9C0970F71CA3D9BD72?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&nonce=d6b489bc874a3396&jf=343130247161645f706c6c3d76647a5d5632695039316a7a417275765679647224736b645d666176673f3136303a323d373430312e736b6457767b706d357765603a6d616671632e7b69665f69657b3f3332373b33303931323e30373063303636386b673164383a30313236383a30633a3e3c386165316432313033323530333c303238303437616e6164393b3060313a3939616036693b32353a6c3933666637313430643a303b34303a32323b6430333630366663696666373a313764366139603337646c69383362336534643360316737613036333b333434323b3033303a6730323131653961303c313a373b3b38636030373832646160616037643a35663e336235612e736b6457716b67353b303434303a303332326d38326633673663333335613235386a30353d65303635316533306a3735653931353936383164673b343e6a33636235313a613461646637663e343a6d623364323a32333038606131383a64353533693663376638303431623a6530343835663466373c31306d326461346a3036383f3b3734386e666231626a603231663c6c31326335303224736b64703d31

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=E593F2951494DB9C0970F71CA3D9BD72?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&nonce=d6b489bc874a3396
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:50:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
h.online-metrix.net/fp/ Frame 1FBF 0
387 B 13ms
13ms Script
text/javascript 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-5e679e31-3f58-417a-b67f-80c524f60373&nonce=d6b489bc874a3396&jac=1&je=31382e24756d693d3a32263237352633322e3a3830

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:50:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
299 B 100ms
99ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://give.unrefugees.org
Date: Thu, 29 Jun 2023 16:50:24 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 16ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-P9YZZV758Y&gtm=45je36s0&_p=680101757&cid=858421627.1688057421&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1688057421&sct=1&seg=0&dl=https%3A%2F%2Fgive.unrefugees.org%2F220613wrd_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003FxIo5QAF%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_GT23_UPDATE___230629%26utm_content%3Donetime%26SF_onetime%3D7011K000002OhxwQAC%26SF_monthly%3D7011K000002Ohy1QAC&dt=Make%20a%20Monthly%20Gift%20for%20World%20Refugee%20Day%20%7C%20USA%20for%20UNHCR&en=scroll&epn.percent_scrolled=90&_et=68
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P9YZZV758Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 16:50:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: kds-pixel.kargo.com
URL: https://kds-pixel.kargo.com/api/v1?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=

Domain: kds-pixel.kargo.com
URL: https://kds-pixel.kargo.com/api/v1?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

80 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 12:55:43	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
h.online-metrix.net/	1970-01-20 22:30:17	Name: thx_guid Value: 6b2b0f46dff50adeec7bbe5f1854d678
h.online-metrix.net/	1970-01-20 22:30:17	Name: tmx_guid Value: AAzJxBg2vipLnf88_TQFt_MgAgOZECqayr1DnspZRQGDkM9Ff1rM2kLpAy-UtiLW3QMJfaUFitxGzRdPQogswDbhAzNLRw
.google.com/	1970-01-20 17:17:48	Name: NID Value: 511=LMhNCvqXlO0SGtm-jw1w4Bp_lISBIKsOrrF1vgabmMI7jlYelw9MnlQhpV_XK_xdLI4B_mEElIF3-iT_CSZ5q6L2f9SxpSOiLjHoOrm6zLytc-ZqyNBw4eVSf3ps5WQZbrwp_n1t0jPwZ1hq8-8iHpAugkUrnx3B9NkyYX5v0p4
.unrefugees.org/	1970-01-20 15:03:53	Name: _gcl_au Value: 1.1.360581829.1688057421
.give.unrefugees.org/	1970-01-20 22:30:17	Name: _ga Value: GA1.3.858421627.1688057421
.give.unrefugees.org/	1970-01-20 12:55:43	Name: _gid Value: GA1.3.634322230.1688057421
.give.unrefugees.org/	1970-01-20 12:54:17	Name: _dc_gtm_UA-3754388-9 Value: 1
.unrefugees.org/	1970-01-20 12:55:43	Name: _gid Value: GA1.2.634322230.1688057421
.unrefugees.org/	1970-01-20 12:54:17	Name: _dc_gtm_UA-1473340-18 Value: 1
.unrefugees.org/	1970-01-20 22:30:17	Name: _ga_P9YZZV758Y Value: GS1.1.1688057421.1.0.1688057421.60.0.0
.doubleclick.net/	1970-01-20 22:15:53	Name: IDE Value: AHWqTUmj2MWmXySACLj_dmJ5ZzzKEwImqYQPPQeMNAzt2YaDPHzwimvT6sgFWm8W
.mrtnsvr.com/	1970-01-20 21:41:19	Name: userId Value: l9srJt1ap
.unrefugees.org/	1970-01-20 22:24:04	Name: _scid Value: 82b4d054-c326-4c5b-96c0-fa778b61f011
.unrefugees.org/	1970-01-20 22:24:04	Name: _scid_r Value: 82b4d054-c326-4c5b-96c0-fa778b61f011
give.unrefugees.org/	1969-12-31 23:59:59	Name: trcksesh Value: fcf66451-dbb7-46e2-849a-7160036e10af
.tapad.com/	1970-01-20 14:20:41	Name: TapAd_TS Value: 1688057421198
.tapad.com/	1970-01-20 14:20:41	Name: TapAd_DID Value: d41c60ba-022b-43c3-8f26-c454d02f9b1d
.tapad.com/	1970-01-20 14:20:41	Name: TapAd_3WAY_SYNCS Value:
.yahoo.com/	1970-01-20 21:40:15	Name: A3 Value: d=AQABBE22nWQCELaoZekWhrow1GU9oTgkGMcFEgEBAQEHn2SnZOAYyiMA_eMAAA&S=AQAAAtI9XCQod8CqMXGMO8sAfqM
.trkn.us/	1970-01-20 21:39:53	Name: barometric[cuid] Value: cuid_b9a5e9fa-3983-453e-b2d3-b9224aa4da99
.ipredictive.com/	1970-01-20 14:20:41	Name: ci_rtc Value: _uts=1688057421
.ipredictive.com/	1970-01-20 21:39:53	Name: cu Value: ebcf064c-900d-45ba-8bab-ab57233ed200\|1688057421298
www.clarity.ms/	1970-01-20 21:39:53	Name: CLID Value: 9314681a31ea4bd38dd2be94bdc4940a.20230629.20240628
give.unrefugees.org/	1970-01-20 13:04:22	Name: AWSALB Value: 8A+97dZJGrY8B0dDwLKmUCmocPNg/93BxNlJSyHLq4AQlHs0x57KMMC29ubPMiyHT+gv270UiDerYqSkj9BoR/15l1HnQldr7MebulD6VQL1PuoxWXjiK4GxsklC
give.unrefugees.org/	1970-01-20 13:04:22	Name: AWSALBCORS Value: 8A+97dZJGrY8B0dDwLKmUCmocPNg/93BxNlJSyHLq4AQlHs0x57KMMC29ubPMiyHT+gv270UiDerYqSkj9BoR/15l1HnQldr7MebulD6VQL1PuoxWXjiK4GxsklC
.unrefugees.org/	1970-01-20 12:55:43	Name: _uetsid Value: 0944e0e0169d11ee82ce573563c3413a
.unrefugees.org/	1970-01-20 22:15:53	Name: _uetvid Value: 09450670169d11ee821599de387915b0
.bing.com/	1970-01-20 22:15:53	Name: MUID Value: 0BCE87CDA35269143E6194F2A2D96876
.paypal.com/	1970-01-20 22:30:17	Name: ts_c Value: vr%3D08101f131890a620aa52bf32fc2ed128%26vt%3D08101f131890a620aa52bf32fc2ed127
give.unrefugees.org/	1970-01-20 21:39:53	Name: U4UUser Value: {%22firstName%22:%22Katherine%22%2C%22lastName%22:%22Hendrickson%22%2C%22email%22:%22katherine.hendrickson@alterahealth.com%22}
.unrefugees.org/	1970-01-20 21:39:53	Name: _clck Value: p831tk\|2\|fcv\|0\|1275
.rfihub.com/	1970-01-20 22:15:53	Name: rud Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjMxMDU0sjQxMhDiM9R1zTYvSapMd_bPyTUAABCFHE0lAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjMxMDU0sjQxMhDiM9R1zTYvSapMd_bPyTUAABCFHE0lAAAA
.unrefugees.org/	1970-01-20 15:03:53	Name: _fbp Value: fb.1.1688057421831.1565940702
.quantserve.com/	1970-01-20 22:24:31	Name: mc Value: 649db64e-0e680-f4f44-c8e35
.unrefugees.org/	1970-01-20 22:18:46	Name: __qca Value: P0-1582870835-1688057421879
.adnxs.com/	1970-01-20 15:03:53	Name: uuid2 Value: 7803560488428409402
.casalemedia.com/	1970-01-20 21:39:53	Name: CMID Value: ZJ22TkLuYvqVj6HA.m.bIAAA
.casalemedia.com/	1970-01-20 15:03:53	Name: CMPS Value: 3267
.casalemedia.com/	1970-01-20 15:03:53	Name: CMPRO Value: 3267
.adnxs.com/	1970-01-20 15:03:53	Name: anj Value: dTM7k!M4/YErk#WF']wIg2C%yp4h*c!]tbPl1MNu::wpAk`W>$ka#=sjF$pTcxueTidx6qn:xkC=DyP/!_6-zQEVk`!+2irHzbp@
.media.net/	1970-01-20 21:38:27	Name: data-rk Value: 5133329526405129420~~3
.paypal.com/	1970-01-20 21:39:53	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 12:54:48	Name: LANG Value: de_DE%3BDE
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY4ODA1NzQyMjIwNiIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-20 12:58:36	Name: tsrce Value: targetingnodeweb
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AY395AVqR3n6KAuDn-4nXIlu1dLXbAvW9.X%2BVVJZrySaGcJbc%2FgXYHbeA2XJyxRxrkhv9mRHD2O8Q
.paypal.com/	1970-01-20 12:54:19	Name: l7_az Value: dcg02.phx
.paypal.com/	1970-01-20 22:30:17	Name: ts Value: vreXpYrS%3D1782751822%26vteXpYrS%3D1688059222%26vr%3D08101f131890a620aa52bf32fc2ed128%26vt%3D08101f131890a620aa52bf32fc2ed127%26vtyp%3D
.paypalobjects.com/	1970-01-20 12:55:43	Name: paypal-offers--cust Value: null:null:null
.media.net/	1970-01-20 21:39:53	Name: visitor-id Value: 3310590229172055000V10
.unrefugees.org/	1970-01-20 12:55:43	Name: _clsk Value: 1o929nh\|1688057422313\|1\|1\|t.clarity.ms/collect
.rezync.com/	1970-01-20 17:13:29	Name: zync-uuid Value: 0c7ccb3e-a74d-4bc7-befa-d953f85a18fe:1688057422.2925417
.pubmatic.com/	1970-01-20 15:03:53	Name: KRTBCOOKIE_18 Value: 22947-5133329526405129420
.pubmatic.com/	1970-01-20 13:37:29	Name: PugT Value: 1688057421
.kargo.com/	1970-01-20 21:39:53	Name: ktcid Value: ba726306-25e7-026f-54fe-1504f940b432
.spotxchange.com/	1970-01-20 13:34:36	Name: audience Value: 09c7f975-169d-11ee-a38d-1dbc55590406
.turn.com/	1970-01-20 17:13:29	Name: uid Value: 9187606025463844707
.eyeota.net/	1970-01-20 12:54:18	Name: SERVERID Value: 17437~DM
.demdex.net/	1970-01-20 17:13:29	Name: demdex Value: 30680185773530988811679475546374611325
.krxd.net/	1970-01-20 17:13:29	Name: _kuid_ Value: PpQV01w7
.dpm.demdex.net/	1970-01-20 17:13:29	Name: dpm Value: 30680185773530988811679475546374611325
.everesttech.net/	1970-01-20 21:39:53	Name: everest_g_v2 Value: g_surferid~ZJ22TgALSZEnSQBI
.bidswitch.net/	1970-01-20 21:39:53	Name: c Value: 1688057422
.bidswitch.net/	1970-01-20 21:39:53	Name: tuuid_lu Value: 1688057422
.bidswitch.net/	1970-01-20 21:39:53	Name: tuuid Value: 31ee4c32-eaef-4ede-992f-ec8bdffc32d5
.unrefugees.org/	1970-01-20 22:30:17	Name: _ga Value: GA1.2.858421627.1688057421
.unrefugees.org/	1970-01-20 12:54:17	Name: _gat_UA-3754388-9 Value: 1
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129Yw3NDDMrEyxTDHIDg0x9K_wyQsz9V3FKBDlZWQUku7oExzlmhcc6OTZxGJukGyenJxknKqbaG6SomuSlGyum5SalqibYmlqnGZhmmhokZZqZWhmYWFgam5iZKRnZGlkamJoDgDBTkyJawAAAA
.rfihub.com/	1970-01-20 22:15:53	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA129Yw3NDDMrEyxTDHIDg0x9K_wyQsz9Q3iNTSzsDAwNTcxMjKxMJzFiOAbWpoab0Lj70Ljn0Ljv0Lj_0LjT2JC5c9C4y9C469C429C4-9CV8-Cyr-Fxl_EKhDlZWQUku7oExzlmhcc6OS5ihUpCMwNLTexolnBjeYFYXODZPPk5CTjVN1Ec5MUXZOkZHPdpNS0RN0UoHSahWmioUVaqhXCUD0jSyNTE0PzWcJINlmYWSxC4z8SRrUJAKsMbby6AQAA
.c.bing.com/	1970-01-20 13:04:22	Name: MR Value: 0
.c.bing.com/	1970-01-20 22:15:53	Name: SRM_B Value: 0BCE87CDA35269143E6194F2A2D96876
live.rezync.com/	1970-01-20 22:15:53	Name: sd-session-id Value: .eJwNyksOgyAQANC7zFoaGGbkcxmDMCSklTZiNzXevS5f8k5YPrJvqUs_IB77VybIr3ZrQDxhtN8mT4jAxlqLgXEmzQYDoYZrgiFjtHdfWrmPzi7n1YpKjoqiNTu1Sk2qBLbVczK-SjSz95odIT4wIJNxcP0B22cmsw.ZJ22Tw.wpr7IeuVTfiq1A3fJGL0cDjyO40
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: f31382397c255310
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 22:15:53	Name: MUID Value: 0BCE87CDA35269143E6194F2A2D96876
.c.clarity.ms/	1970-01-20 13:04:22	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 12:54:18	Name: ANONCHK Value: 0
.snapchat.com/	1970-01-20 22:15:53	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgRUAIAQFwIm8J6TfOJKmMHx375UicKnYg+wYaIsIwdhTFcuR3cMBnstEmz8w4hHgMgAAAA==

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	URL: https://give.unrefugees.org/220613wrd_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003FxIo5QAF&utm_source=u4u-update&utm_campaign=US_PS_EN_GT23_UPDATE___230629&utm_content=onetime&SF_onetime=7011K000002OhxwQAC&SF_monthly=7011K000002Ohy1QAC Message: Pattern attribute value ^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}$ is not a valid regular expression: Uncaught SyntaxError: Invalid regular expression: /^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}$/v: Invalid character in character class
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://storage.cloud.kargo.com/kds/configs/Kargo.json Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://crb.kargo.com/api/v1/initsync/17472fad-8544-4c6d-bc35-87fe364865c6?partners=Tapad&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid= Message: Failed to load resource: the server responded with a status of 451 (Unavailable For Legal Reasons)
network	error	URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5133329526405129420 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5133329526405129420 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5133329526405129420 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=cd42ba9b-d26c-46f1-8e33-08d94f73cfa8%3A1688057422.2922428&_=1688057422.2933414 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=187d4b7e-b793-44e4-9bbc-f4a38033366a%3A1688057422.2920985&_=1688057422.293175 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&_=1688057422.2947848 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&_=1688057422.7474952 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&_=1688057422.749815 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=0c7ccb3e-a74d-4bc7-befa-d953f85a18fe%3A1688057422.2925417&_=1688057422.7438915 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20669309p.rfihub.com
20826429p.rfihub.com
20826430p.rfihub.com
4647326.fls.doubleclick.net
a.rfihub.com
aa.agkn.com
ad.doubleclick.net
ad.ipredictive.com
adservice.google.com
app.dafwidget.com
atr.veritonicmetrics.com
bam.nr-data.net
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
c.bing.com
c.clarity.ms
c1.rfihub.net
cdn.plyr.io
cdn.unrefugees.org
cdn.veritonic.com
click.e.unrefugees.org
cm.g.doubleclick.net
code.jquery.com
collector-3219.tvsquared.com
connect.facebook.net
contextual.media.net
crb.kargo.com
d6tizftlrpuof.cloudfront.net
data.adxcel-ec2.com
dpm.demdex.net
dsum-sec.casalemedia.com
event.mrtnsvr.com
fonts.googleapis.com
fonts.gstatic.com
g1782759016.co
give.unrefugees.org
googleads.g.doubleclick.net
h.online-metrix.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
js-agent.newrelic.com
js.ipredictive.com
kds-pixel.kargo.com
live.rezync.com
lyibja.unrefugees.org
p.rfihub.com
p.typekit.net
partners.tremorhub.com
pay.google.com
pixel.quantserve.com
pixel.tapad.com
play.google.com
ps.eyeota.net
px.adentifi.com
r.turn.com
region1.analytics.google.com
rules.quantcount.com
s.yimg.com
sc-static.net
secure.quantserve.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
storage.cloud.kargo.com
sync-tm.everesttech.net
sync.search.spotxchange.com
t.clarity.ms
t.paypal.com
tr.snapchat.com
trkn.us
us-u.openx.net
use.typekit.net
w.usabilla.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.tp88trk.com
x.bidswitch.net
x.dlx.addthis.com
zrtzph91fuyexre632vj7u2axfj363emfbsmm56ld6b489bc874a3396am1.e.aa.online-metrix.net
kds-pixel.kargo.com
108.157.194.102
13.111.228.216
13.249.9.253
13.32.158.98
142.250.181.226
142.250.181.230
142.250.185.162
142.250.186.134
151.101.129.35
151.101.130.137
151.101.65.21
151.101.66.49
162.247.241.14
174.129.208.36
18.210.95.94
18.235.225.8
18.66.112.57
185.80.39.216
185.94.180.125
192.229.221.25
193.0.160.131
198.47.127.205
2.19.126.72
2.23.197.190
20.114.189.70
2001:4860:4802:34::36
2001:4de0:ac18::1:a:3a
212.82.100.181
2600:1901:0:7d2::
2600:1f18:612b:4216:fca7:6f27:4f1c:9be8
2600:9000:211a:9200:1:76cf:fe80:93a1
2600:9000:219c:d000:6:44e3:f8c0:93a1
2600:9000:21f3:3c00:1e:549f:95c0:93a1
2606:4700:21::681b:c358
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:46::45
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:806::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9d
2a00:1450:400c:c0a::5c
2a02:26f0:480:f::213:7ec6
2a02:26f0:480:f::213:7ed3
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.120.214.218
3.66.114.155
3.73.11.83
3.88.89.196
34.111.113.62
34.252.63.13
35.190.43.134
35.190.72.228
35.227.237.181
35.244.159.8
35.244.174.68
37.252.171.52
44.207.218.163
46.137.33.47
46.228.164.11
52.203.49.201
52.209.185.252
52.25.243.35
52.50.52.186
52.54.79.53
54.155.194.178
54.200.172.250
65.9.66.102
68.219.88.97
91.235.132.130
91.235.134.131
95.101.148.20
07fbd8ba776748eb837dcac0214c515cc198737d8b6edded0039b38fca2c291d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
111f96ceeeb374dce4a178a719d2c1a18ee2d01921025345ed93a29a1f7af221
11fa603ce72adba4dfc745fc81f365afe3d714fd117d4b515c64e1d57cf5af5b
150d8a5f195c345f5ec35f9b9028724f0fdd876b9370ae7a647e22ba17bb2083
19a0f014c0d3edf26067c94da12902d1d211cbdfbf242cba8112f60163e15e99
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c1f5219811c963c7219951501466cf019fe28dafdf7b3d86bdca136842a54f2
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2f61f967f0f19fe63c743f330f862db14d88fcc7e09eae7d22998e87a4e97749
352b05c70b4d38f30eb3372b222fce4b76976f7efeb8715b267720b22e500a30
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
38c9c1413e17c7a5ee87095bdb4cad0da069451ee937cb801c8f37f2c734644f
394e68bb96ac874b1a9f9b39286a16349ab781c8513ce632ce5c7ba8bb2ba0ab
3cda3d0a2e4ce797bd0606475272c0e41a339e4b5c34d1ae9799e2ab21ddedcd
3dd5a94ec25486cc1d3d9d6e182bf914b561218b987e74075930e237dd829621
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e95b9f9a82c00bb102effcc892d180b082c317cbfae4b94737cd432de02701f
3eaa632b311dd5fba237242f453e8fa5679c70da27ee08abf816fce866a147a1
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41dd005b9072a6b100d4ce08a2cf1b9a17086766fdcc8125728324f7d2f696cf
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
458ee255c6d13348f36f7ea70ae12bc6810e7ab5ae56f92fa4aabb4752ab32e1
465ecd3c27cf42a3309af6bda6e2b8c4b9cb7a78788908904e0d6761a2c3102a
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50bfd91bb65762023b74efba030d3212fef8f6261707ba8edb9e4b28d13bb5ed
53843b6e2eb716d2061efc33c0c42304b86a8af6a5a1dcb7eabf6d272887223d
53b492f729960ead9c5779dc772534e0f00e2dcdbd1687a0d236af95417549b5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
561c37dd8e1b8a9bc6d9b5d9e620fa080452bf68ae4cf31ad2588697f82a88f6
589021bd4abd0d6c7e0848edb41abe88e0da8f30b8346ce0946a98c1964fcc8a
5c3b7d893de324e949b760db1406424f87425597516760d0e6c46fc6dc190c15
62c0466b6e78094d8bb9b9fb50f13f3eb39e3be88dce7663ecfbcabde18b64bc
63cba2737b92688fd6c6019de8ef1203c98bc3e506573f474c9b1d020dea268f
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
659c310e4e409081aca2a6a1b4c384f5ff1e3d1bea35da105799278dcec3a5eb
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
679e214ed1ace52e8f61fdaa95e1138199179b58bb73f0dc9e9415bd235347c4
68dd88fbb51bfc9738707f140dcd78c93593c91db6514144a236cab51eb14873
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
6acb1346242f7c72b1a7c45bf5f6316144c439ce3b8b004c21a232d68729cf04
6bf9e66af9bb111049da7e866a1eaa5a241409162552bdb23491e629cf464a53
6bfbae61daf6218548d35bd824d5299e6f0517f156050c302ddd83fa0e8abdc8
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
73ef385046533349dbdb6264bfdb814819b44a3a7ddeedf7611db7d55f567c7c
779018b7087ac7ab577d1377ce27438d2dd601bdd28740901a2577668e5b4c5f
7c707b4d486575fcdf35497e30073fd70f0a9ea072e4ca1ca724da7fbab22a9b
7e77dfdabc1fa61c939bf6ab876e49c3cba5debc3f5d5ee554ee66e2ea026575
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7f2e256cb560023d729b4581ba94e88cedce352fc2cbcbb60e3232a5859d4793
81f701abbdb3dcd7318338357add41af96a3b776549dc928c4703cf1cf9f2ffe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8608c7129a24079dd332403d0aef583dcefdf0bfc02914d626a6559a3ac049ad
89e721702a7118e414d65fdbafb7f858d71d6b8baa8605b5308a85d742a47446
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
90b232dae4b3477832ee21493d7558ace8cf6e9b8bc97f9c552f301da013f1da
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
954410601a823f37e219f7930b7446f86afa15621326a7078d56fb9c910135cb
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
9781b176b621773091d98d7dc0a6738d105d1c3436a76e9b8f71cb4da19ddbdd
97880bcd7fcc199a008ea736ab008f7f92e9cf6c0addc2afb6c92b3e70d9c9a5
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b9c0898e129c8c18b79f176435c368cecfe30a903797c9feba7a82ee19902bd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a18330d7ea3bc59d954c917055b58b5c8369a16ad54874bb168d5070b4b09b7b
a4d8fed43c183464d59468c502eace502696f43068d22256dfbf4b4ab2710221
a6aea90164a685a02afe0e574bb4c668c83a4b6cdff9ab4b09b0ecbd53e4fd66
a750cf16b7e0c250872f5c10e7cde9dddb64a107d60852f611058389323e13eb
a92e141d13e7bb169d751ca416960688c0c656388433f04b64df3a95d31154a1
aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b00ea6dbf24a120110b2c029c3113cf214fe6a5ea3b6dc0c89f021c81bbb6a68
b0b01db4bd5bd0d5ed5d245056b7f4ab683a8adef863866a83a601bf6d150a79
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b232b740e35e175a9a671a7695fc317efc0d86304efd2733f0f8d70105c744c9
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
be289deeec23907337aa1bb44dfe993bcfa92d7a283eee4fdd4cb48f7ceaefe0
c192b274ecde65bc4ebd78ba7c380f898cee74d10e872596d576231560d0f921
c32f034ab32e47f18ed4202a0d87886c30ec7270b98156bfb60cd299c8976cf4
c7b3c3003461547708230b235df4cba748728564e429d4caf69993fc29a47fb5
cb027c80ef19c6deeb3f0e8135c07bedf988eec3e3912658d0211668daf05c8c
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d941abaa1c3e1a6da66e5a4eb0ba6a5e52c910591fc656e5de987e6a96e3a9c4
dacf4a58296eb373e9dc0a19dbc1b3934e1ecbcee02655d5f4987f898988e617
dc4db0c6d81bfc0e126c2596a1f83ef4f5d39b8b3128329e333bf448a3d4119d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df62634d73536ee7e09dc74647871b1996398b865baf55170408add698b8bb73
df7e9ed63ee3833a47d20957c461afe655d6aaa158054e8789471b5984d1a06d
e0932518b65faf032728b3be705f6ce0b56754aa17954d1a385154e5e63e93fe
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e28a8a8b506f5333ea71aeb789ae74b2c05922538c6e44564427018d5aa7aac5
e33937c8718b4891cefe03686c4bac285d9265052427e705bce7e677659ed765
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e9027cbc9f2efbff37e09740f41c16a1ffd89eae8f1555f6a5955d3198d9c31d
ea2ca9888a45e1c5def3ccaf9f51f25832f15b08ebe4834ae7622f76d6e7ebe8
eb7e68073ee5ed998d26671859e008697e757f3276759a8ec173e5a62d34a404
edc893306201a7735354a817fe8684bf39db7c391144cf425d19a8fa17ddc916
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2dd128bef6bea6453ed26457e389d8fb704ea91d8947b60c634dc7119ec2d57
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d
fd5b58fa35c45e352b330c6c218b9fbf2aaa94e216e25d7d700fb9280287c9ca
fd8226264cfd611c285f0ad0155bbfcaddc31b03ebdb8442431146379e4340b6
fd8c794bb43e5220596bc1c5d50f865268cd2655c86f0d3175875d7e1c3afcc6
ffc31b055189bb8aa10aeac6fb9f6751a34f1e926a218e6757e359d5d0ab64e2

give.unrefugees.org Open in urlscan Pro 54.200.172.250 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

230 Requests

84 %HTTPS

34 %IPv6

62 Domains

88 Subdomains

76 IPs

7 Countries

3022 kBTransfer

7919 kBSize

80 Cookies

4 Outgoing links

Page URL History

Redirected requests

230 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

give.unrefugees.org Open in urlscan Pro
54.200.172.250 Public Scan

Screenshot
Live screenshot

Full Image

230
Requests

84 %
HTTPS

34 %
IPv6

62
Domains

88
Subdomains

76
IPs

7
Countries

3022 kB
Transfer

7919 kB
Size

80
Cookies

230 HTTP transactions
2 data transactions