give.unrefugees.org Open in urlscan Pro
44.240.141.244 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://give.unrefugees.org/
Effective URL:
https://give.unrefugees.org/180117core_mainpg_p_3000/
Submission: On January 10 via manual (January 10th 2024, 7:27:07 am UTC) from SG — Scanned from SG

Summary HTTP 252 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 83 IPs in 8 countries across 67 domains to perform 252 HTTP transactions. The main IP is 44.240.141.244, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is give.unrefugees.org. The Cisco Umbrella rank of the primary domain is 894034.
TLS certificate: Issued by Amazon RSA 2048 M02 on October 8th 2023. Valid for: a year.

This is the only time give.unrefugees.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.41.104.95 52.41.104.95	16509 (AMAZON-02) (AMAZON-02)
1 13	44.240.141.244 44.240.141.244	16509 (AMAZON-02) (AMAZON-02)
7	23.62.212.15 23.62.212.15	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
17	192.225.158.1 192.225.158.1	30286 (THM) (THM)
1	13.33.88.73 13.33.88.73	16509 (AMAZON-02) (AMAZON-02)
1 3	34.193.172.55 34.193.172.55	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	104.27.195.88 104.27.195.88	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 10	74.125.24.105 74.125.24.105	15169 (GOOGLE) (GOOGLE)
6	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
4	142.251.175.92 142.251.175.92	15169 (GOOGLE) (GOOGLE)
3	74.125.130.97 74.125.130.97	15169 (GOOGLE) (GOOGLE)
1	172.253.118.95 172.253.118.95	15169 (GOOGLE) (GOOGLE)
1	23.209.46.10 23.209.46.10	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	74.125.68.94 74.125.68.94	15169 (GOOGLE) (GOOGLE)
8	142.251.10.113 142.251.10.113	15169 (GOOGLE) (GOOGLE)
1 2	172.217.194.155 172.217.194.155	15169 (GOOGLE) (GOOGLE)
1 4	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.35.14.254 13.35.14.254	16509 (AMAZON-02) (AMAZON-02)
1	74.125.24.154 74.125.24.154	15169 (GOOGLE) (GOOGLE)
3	157.240.15.13 157.240.15.13	32934 (FACEBOOK) (FACEBOOK)
2	106.10.236.40 106.10.236.40	56173 (YAHOO-SG3...) (YAHOO-SG3 internet content provider)
1	52.18.38.135 52.18.38.135	16509 (AMAZON-02) (AMAZON-02)
1	35.190.72.228 35.190.72.228	15169 (GOOGLE) (GOOGLE)
3	34.117.209.158 34.117.209.158	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.117.96.99 34.117.96.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.224.250.23 13.224.250.23	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.54 13.32.27.54	16509 (AMAZON-02) (AMAZON-02)
1	34.117.162.98 34.117.162.98	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.69.255.140 54.69.255.140	16509 (AMAZON-02) (AMAZON-02)
2 2	74.125.68.149 74.125.68.149	15169 (GOOGLE) (GOOGLE)
2	142.251.175.157 142.251.175.157	15169 (GOOGLE) (GOOGLE)
2 4	96.17.96.29 96.17.96.29	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	44.242.13.184 44.242.13.184	16509 (AMAZON-02) (AMAZON-02)
1	35.227.237.181 35.227.237.181	15169 (GOOGLE) (GOOGLE)
1	52.2.178.78 52.2.178.78	14618 (AMAZON-AES) (AMAZON-AES)
2 3	3.213.62.40 3.213.62.40	14618 (AMAZON-AES) (AMAZON-AES)
6 6	64.233.170.154 64.233.170.154	15169 (GOOGLE) (GOOGLE)
1	216.239.32.181 216.239.32.181	15169 (GOOGLE) (GOOGLE)
4	74.125.130.156 74.125.130.156	15169 (GOOGLE) (GOOGLE)
6	74.125.24.94 74.125.24.94	15169 (GOOGLE) (GOOGLE)
2	13.107.213.59 13.107.213.59	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	34.111.186.1 34.111.186.1	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	172.217.194.94 172.217.194.94	15169 (GOOGLE) (GOOGLE)
1	54.192.150.71 54.192.150.71	16509 (AMAZON-02) (AMAZON-02)
1 2	142.251.175.149 142.251.175.149	15169 (GOOGLE) (GOOGLE)
2	23.209.46.79 23.209.46.79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	103.229.10.192 103.229.10.192	16509 (AMAZON-02) (AMAZON-02)
11 19	198.8.71.131 198.8.71.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1	50.116.239.135 50.116.239.135	6336 (TURN-US-ASN) (TURN-US-ASN)
3	192.229.232.89 192.229.232.89	15133 (EDGECAST) (EDGECAST)
3	151.101.65.35 151.101.65.35	54113 (FASTLY) (FASTLY)
1	52.25.243.35 52.25.243.35	16509 (AMAZON-02) (AMAZON-02)
2	157.240.7.35 157.240.7.35	32934 (FACEBOOK) (FACEBOOK)
12	74.125.130.101 74.125.130.101	15169 (GOOGLE) (GOOGLE)
1	35.85.84.151 35.85.84.151	16509 (AMAZON-02) (AMAZON-02)
1	13.33.33.78 13.33.33.78	16509 (AMAZON-02) (AMAZON-02)
2	44.235.191.156 44.235.191.156	16509 (AMAZON-02) (AMAZON-02)
2	106.10.236.146 106.10.236.146	56173 (YAHOO-SG3...) (YAHOO-SG3 internet content provider)
2	107.23.165.60 107.23.165.60	14618 (AMAZON-AES) (AMAZON-AES)
4	20.119.174.243 20.119.174.243	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	3.0.109.64 3.0.109.64	16509 (AMAZON-02) (AMAZON-02)
2	50.18.149.54 50.18.149.54	16509 (AMAZON-02) (AMAZON-02)
10 10	13.32.27.28 13.32.27.28	16509 (AMAZON-02) (AMAZON-02)
5 13	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5 8	103.43.90.117 103.43.90.117	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	54.36.150.185 54.36.150.185	16276 (OVH) (OVH)
3 6	52.40.168.36 52.40.168.36	16509 (AMAZON-02) (AMAZON-02)
3	67.199.150.86 67.199.150.86	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 5	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 6	54.251.140.206 54.251.140.206	16509 (AMAZON-02) (AMAZON-02)
3	104.83.196.24 104.83.196.24	16625 (AKAMAI-AS) (AKAMAI-AS)
3	44.213.136.134 44.213.136.134	14618 (AMAZON-AES) (AMAZON-AES)
2 5	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	23.207.181.216 23.207.181.216	16625 (AKAMAI-AS) (AKAMAI-AS)
3	3.230.219.56 3.230.219.56	14618 (AMAZON-AES) (AMAZON-AES)
3	18.176.187.153 18.176.187.153	16509 (AMAZON-02) (AMAZON-02)
3	44.229.92.118 44.229.92.118	16509 (AMAZON-02) (AMAZON-02)
3 6	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
6 6	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.81.162.201 35.81.162.201	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1 2	20.205.115.81 20.205.115.81	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 7	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	54.249.27.149 54.249.27.149	16509 (AMAZON-02) (AMAZON-02)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
1	13.33.100.219 13.33.100.219	16509 (AMAZON-02) (AMAZON-02)
252	83

1 52.41.104.95 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-104-95.us-west-2.compute.amazonaws.com

give.unrefugees.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 44.240.141.244 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-141-244.us-west-2.compute.amazonaws.com

give.unrefugees.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.62.212.15 (Kuala Lumpur, Malaysia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-62-212-15.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 192.225.158.1 (United States)

ASN30286 (THM, US)

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.88.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-73.sin2.r.cloudfront.net

cdn.unrefugees.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.193.172.55 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-172-55.compute-1.amazonaws.com

app.dafwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.27.195.88 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.plyr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 74.125.24.105 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sf-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.1.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.175.92 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f92.1e100.net

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.130.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.118.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.209.46.10 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-209-46-10.deploy.static.akamaitechnologies.com

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.10.113 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f113.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.194.155 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.107.21.200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.14.254 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-14-254.sin5.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.15.13 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-03-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 106.10.236.40 (Singapore, Singapore)

ASN56173 (YAHOO-SG3 internet content provider, SG)
PTR: o2.ycpi.vip.sg3.yahoo.com

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.38.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-38-135.eu-west-1.compute.amazonaws.com

collector-3219.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.228 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 228.72.190.35.bc.googleusercontent.com

www.tp88trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.117.209.158 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 158.209.117.34.bc.googleusercontent.com

g1782759016.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.96.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.96.117.34.bc.googleusercontent.com

geotargetly-api-1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.250.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-23.sin52.r.cloudfront.net

js.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net

cdn.veritonic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.162.98 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 98.162.117.34.bc.googleusercontent.com

pixel.byspotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.69.255.140 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-255-140.us-west-2.compute.amazonaws.com

dx.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.68.149 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: sc-in-f149.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.175.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f157.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 96.17.96.29 (Singapore, Singapore) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a96-17-96-29.deploy.static.akamaitechnologies.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.242.13.184 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-242-13-184.us-west-2.compute.amazonaws.com

ad.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.237.181 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 181.237.227.35.bc.googleusercontent.com

event.mrtnsvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.2.178.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-178-78.compute-1.amazonaws.com

data.adxcel-ec2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.213.62.40 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-62-40.compute-1.amazonaws.com

px.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 64.233.170.154 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: sg-in-f154.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.130.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.213.59 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.186.1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 1.186.111.34.bc.googleusercontent.com

evnt.byspotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.150.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-71.sin2.r.cloudfront.net

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.175.149 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sh-in-f149.1e100.net

4647326.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.209.46.79 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-209-46-79.deploy.static.akamaitechnologies.com

storage.cloud.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.229.10.192 (Singapore)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 198.8.71.131 (United States) 11 redirects

ASN54312 (ROCKETFUEL, US)

20669309p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
20826429p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
20826430p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.232.89 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.25.243.35 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-243-35.us-west-2.compute.amazonaws.com

lyibja.unrefugees.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.7.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 74.125.130.101 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f101.1e100.net

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.85.84.151 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-85-84-151.us-west-2.compute.amazonaws.com

35.85.84.151	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.33.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-78.sin2.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.235.191.156 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-191-156.us-west-2.compute.amazonaws.com

px.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 106.10.236.146 (Singapore, Singapore)

ASN56173 (YAHOO-SG3 internet content provider, SG)
PTR: spdc.pbp.vip.sg3.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.23.165.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-165-60.compute-1.amazonaws.com

atr.veritonicmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.119.174.243 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

r.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.0.109.64 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-0-109-64.ap-southeast-1.compute.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.18.149.54 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-18-149-54.us-west-1.compute.amazonaws.com

kds-pixel.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.32.27.28 (United States) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-28.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 35.244.154.8 (Kansas City, United States) 5 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 103.43.90.117 (Singapore, Singapore) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.36.150.185 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: ip185.ip-54-36-150.eu

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.40.168.36 (Boardman, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-168-36.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.199.150.86 (Singapore, Singapore)

ASN3257 (GTT-BACKBONE GTT, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.251.140.206 (Singapore, Singapore) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-140-206.ap-southeast-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.83.196.24 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-24.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.213.136.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-213-136-134.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.207.181.216 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-181-216.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.230.219.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-219-56.compute-1.amazonaws.com

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.176.187.153 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-187-153.ap-northeast-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.229.92.118 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-229-92-118.us-west-2.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.213.12.39 (Tokyo, Japan) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.130.49 (United States) 6 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.81.162.201 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-162-201.us-west-2.compute.amazonaws.com

gs.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.205.115.81 (Hong Kong, Hong Kong) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.190.43.134 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.249.27.149 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-249-27-149.ap-northeast-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.100.219 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-100-219.sin2.r.cloudfront.net

d6tizftlrpuof.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 6 pay.google.com — Cisco Umbrella Rank: 3910 adservice.google.com — Cisco Umbrella Rank: 189 analytics.google.com — Cisco Umbrella Rank: 266 play.google.com — Cisco Umbrella Rank: 95	466 KB
19	rfihub.com 11 redirects 20669309p.rfihub.com 20826429p.rfihub.com 20826430p.rfihub.com p.rfihub.com — Cisco Umbrella Rank: 1485 a.rfihub.com — Cisco Umbrella Rank: 5072	33 KB
17	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 3974 zrtzph916zvgipvk3klkyv5py6tfyw5ewhy76myw83c00fb72a213c0asac.d.aa.online-metrix.net Failed	112 KB
16	doubleclick.net 10 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 ad.doubleclick.net — Cisco Umbrella Rank: 199 cm.g.doubleclick.net — Cisco Umbrella Rank: 338 stats.g.doubleclick.net — Cisco Umbrella Rank: 184 4647326.fls.doubleclick.net	6 KB
16	unrefugees.org 2 redirects give.unrefugees.org — Cisco Umbrella Rank: 894034 cdn.unrefugees.org lyibja.unrefugees.org	884 KB
13	rlcdn.com 5 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 764	2 KB
10	rezync.com 10 redirects live.rezync.com — Cisco Umbrella Rank: 2302	7 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	783 KB
9	paypal.com www.paypal.com — Cisco Umbrella Rank: 3050 t.paypal.com — Cisco Umbrella Rank: 3583	89 KB
8	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 356	7 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1280 r.clarity.ms — Cisco Umbrella Rank: 12813 c.clarity.ms — Cisco Umbrella Rank: 2579	28 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
8	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4707	72 KB
8	typekit.net use.typekit.net — Cisco Umbrella Rank: 1107 p.typekit.net — Cisco Umbrella Rank: 1464	196 KB
7	snapchat.com 1 redirects tr.snapchat.com — Cisco Umbrella Rank: 1096 tr6.snapchat.com — Cisco Umbrella Rank: 1403	2 KB
6	everesttech.net 6 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 1396	1 KB
6	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 590	4 KB
6	eyeota.net 3 redirects ps.eyeota.net — Cisco Umbrella Rank: 1645	3 KB
6	demdex.net 3 redirects dpm.demdex.net — Cisco Umbrella Rank: 313	4 KB
6	kargo.com storage.cloud.kargo.com — Cisco Umbrella Rank: 7829 crb.kargo.com — Cisco Umbrella Rank: 1708 kds-pixel.kargo.com — Cisco Umbrella Rank: 30874	8 KB
6	google.com.sg www.google.com.sg — Cisco Umbrella Rank: 10713	991 B
5	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194	2 KB
5	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 930	915 B
4	mediarithmics.com 4 redirects cookie-matching.mediarithmics.com — Cisco Umbrella Rank: 6260	1 KB
4	trkn.us 2 redirects trkn.us — Cisco Umbrella Rank: 4714	3 KB
4	mountain.com dx.mountain.com — Cisco Umbrella Rank: 8722 px.mountain.com — Cisco Umbrella Rank: 8813 gs.mountain.com — Cisco Umbrella Rank: 16057	8 KB
4	ipredictive.com js.ipredictive.com — Cisco Umbrella Rank: 29469 ad.ipredictive.com — Cisco Umbrella Rank: 8095	4 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 692 c.bing.com — Cisco Umbrella Rank: 539	16 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 845	1 KB
3	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 1173	1010 B
3	agkn.com aa.agkn.com — Cisco Umbrella Rank: 973	1 KB
3	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 2179	523 B
3	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 3039	546 B
3	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 3291	325 B
3	media.net contextual.media.net — Cisco Umbrella Rank: 1093	2 KB
3	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 1555	890 B
3	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2512	33 KB
3	adentifi.com 2 redirects px.adentifi.com — Cisco Umbrella Rank: 16453 rtb.adentifi.com — Cisco Umbrella Rank: 2030	541 B
3	byspotify.com pixel.byspotify.com — Cisco Umbrella Rank: 18159 evnt.byspotify.com — Cisco Umbrella Rank: 17628	7 KB
3	g1782759016.co g1782759016.co — Cisco Umbrella Rank: 784771	504 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	202 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	290 KB
3	dafwidget.com 1 redirects app.dafwidget.com	4 KB
2	veritonicmetrics.com atr.veritonicmetrics.com — Cisco Umbrella Rank: 19507	133 B
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 2033	878 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	216 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 2137 pixel.quantserve.com — Cisco Umbrella Rank: 1736	10 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 876	7 KB
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 1399	36 KB
1	cloudfront.net d6tizftlrpuof.cloudfront.net	2 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 604	487 B
1	usabilla.com w.usabilla.com — Cisco Umbrella Rank: 5480	11 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 1593	15 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1945	1 KB
1	turn.com r.turn.com — Cisco Umbrella Rank: 6381	398 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 8415	6 KB
1	adxcel-ec2.com data.adxcel-ec2.com — Cisco Umbrella Rank: 8207	131 B
1	mrtnsvr.com event.mrtnsvr.com — Cisco Umbrella Rank: 108921
1	veritonic.com cdn.veritonic.com — Cisco Umbrella Rank: 72027	2 KB
1	geotargetly-api-1.com geotargetly-api-1.com — Cisco Umbrella Rank: 168630	659 B
1	tp88trk.com www.tp88trk.com — Cisco Umbrella Rank: 37819	19 KB
1	tvsquared.com collector-3219.tvsquared.com	190 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 173	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	900 B
1	plyr.io cdn.plyr.io — Cisco Umbrella Rank: 14635	32 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1219	30 KB
0	weborama.fr Failed wam.solution.weborama.fr Failed
252	67

	Domain	Requested by
17	h.online-metrix.net	give.unrefugees.org h.online-metrix.net
14	give.unrefugees.org	2 redirects give.unrefugees.org
13	idsync.rlcdn.com	5 redirects give.unrefugees.org
12	play.google.com	www.gstatic.com
11	p.rfihub.com	8 redirects give.unrefugees.org
10	live.rezync.com	10 redirects
10	www.google.com	1 redirects give.unrefugees.org www.gstatic.com www.google.com
9	www.gstatic.com	www.google.com pay.google.com www.gstatic.com
8	ib.adnxs.com	5 redirects give.unrefugees.org
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
8	dev.visualwebsiteoptimizer.com	give.unrefugees.org dev.visualwebsiteoptimizer.com
7	use.typekit.net	give.unrefugees.org use.typekit.net
6	tr.snapchat.com	1 redirects sc-static.net
6	sync-tm.everesttech.net	6 redirects
6	x.bidswitch.net	3 redirects give.unrefugees.org
6	ps.eyeota.net	3 redirects give.unrefugees.org
6	dpm.demdex.net	3 redirects give.unrefugees.org
6	www.google.com.sg	give.unrefugees.org
6	cm.g.doubleclick.net	6 redirects
6	www.paypal.com	give.unrefugees.org www.paypal.com www.paypalobjects.com
5	dsum-sec.casalemedia.com	2 redirects give.unrefugees.org
5	us-u.openx.net	2 redirects give.unrefugees.org
4	cookie-matching.mediarithmics.com	4 redirects
4	a.rfihub.com	2 redirects c1.rfihub.net
4	r.clarity.ms	www.clarity.ms
4	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
4	trkn.us	2 redirects give.unrefugees.org
4	pay.google.com	give.unrefugees.org pay.google.com www.gstatic.com
3	pixel.tapad.com	3 redirects
3	beacon.krxd.net	give.unrefugees.org
3	aa.agkn.com	give.unrefugees.org
3	partners.tremorhub.com	give.unrefugees.org
3	x.dlx.addthis.com	give.unrefugees.org
3	bpi.rtactivate.com	give.unrefugees.org
3	contextual.media.net	give.unrefugees.org
3	image2.pubmatic.com	give.unrefugees.org
3	t.paypal.com	give.unrefugees.org
3	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
3	ad.ipredictive.com	give.unrefugees.org js.ipredictive.com
3	g1782759016.co	give.unrefugees.org
3	connect.facebook.net	give.unrefugees.org connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com give.unrefugees.org
3	www.googletagmanager.com	give.unrefugees.org www.googletagmanager.com
3	app.dafwidget.com	1 redirects give.unrefugees.org app.dafwidget.com
2	c.clarity.ms	1 redirects
2	kds-pixel.kargo.com	storage.cloud.kargo.com
2	crb.kargo.com	storage.cloud.kargo.com crb.kargo.com
2	atr.veritonicmetrics.com	cdn.veritonic.com
2	sp.analytics.yahoo.com	give.unrefugees.org
2	px.mountain.com	dx.mountain.com give.unrefugees.org
2	20826429p.rfihub.com	c1.rfihub.net
2	www.facebook.com	give.unrefugees.org
2	storage.cloud.kargo.com	www.googletagmanager.com storage.cloud.kargo.com
2	4647326.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	evnt.byspotify.com	pixel.byspotify.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	rtb.adentifi.com	1 redirects give.unrefugees.org
2	adservice.google.com	give.unrefugees.org 4647326.fls.doubleclick.net
2	ad.doubleclick.net	2 redirects
2	s.yimg.com	give.unrefugees.org s.yimg.com
2	sc-static.net	www.googletagmanager.com tr.snapchat.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
1	d6tizftlrpuof.cloudfront.net	give.unrefugees.org
1	tr6.snapchat.com	sc-static.net
1	bam.nr-data.net	js-agent.newrelic.com
1	w.usabilla.com	give.unrefugees.org
1	c.bing.com	1 redirects
1	js-agent.newrelic.com	give.unrefugees.org
1	gs.mountain.com	give.unrefugees.org
1	pixel.quantserve.com	give.unrefugees.org
1	rules.quantcount.com	secure.quantserve.com
1	20826430p.rfihub.com	c1.rfihub.net
1	lyibja.unrefugees.org	connect.facebook.net
1	r.turn.com	give.unrefugees.org
1	20669309p.rfihub.com	1 redirects
1	secure.quantserve.com	give.unrefugees.org
1	c1.rfihub.net	give.unrefugees.org
1	analytics.google.com	www.googletagmanager.com
1	px.adentifi.com	1 redirects
1	data.adxcel-ec2.com	give.unrefugees.org
1	event.mrtnsvr.com	give.unrefugees.org
1	dx.mountain.com	give.unrefugees.org
1	pixel.byspotify.com	give.unrefugees.org
1	cdn.veritonic.com	give.unrefugees.org
1	js.ipredictive.com	www.googletagmanager.com
1	geotargetly-api-1.com	give.unrefugees.org
1	www.tp88trk.com	www.googletagmanager.com
1	collector-3219.tvsquared.com	give.unrefugees.org
1	www.googleadservices.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	p.typekit.net	use.typekit.net
1	fonts.googleapis.com	give.unrefugees.org
1	cdn.plyr.io	give.unrefugees.org
1	code.jquery.com	give.unrefugees.org
1	cdn.unrefugees.org	give.unrefugees.org
0	zrtzph916zvgipvk3klkyv5py6tfyw5ewhy76myw83c00fb72a213c0asac.d.aa.online-metrix.net Failed
0	wam.solution.weborama.fr Failed	give.unrefugees.org
252	97

This site contains links to these domains. Also see Links.

Domain
dafwidget.com
www.unrefugees.org

Subject Issuer	Validity	Valid
unrefugees.org Amazon RSA 2048 M02	`2023-10-08` - `2024-11-05`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-01-09` - `2024-01-23`	a year	crt.sh
*.unrefugees.org Amazon RSA 2048 M01	`2023-04-06` - `2024-05-04`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
cdn.plyr.io Cloudflare Inc ECC CA-3	`2023-04-12` - `2024-04-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-13` - `2024-08-20`	10 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2023-07-06` - `2024-07-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-19` - `2024-01-17`	3 months	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-12` - `2024-01-31`	2 months	crt.sh
*.tvsquared.com Amazon RSA 2048 M02	`2023-07-02` - `2024-07-30`	a year	crt.sh
tp88trk.com Starfield Secure Certificate Authority - G2	`2023-12-21` - `2025-01-21`	a year	crt.sh
g1782759016.co GTS CA 1D4	`2023-12-06` - `2024-03-05`	3 months	crt.sh
geotargetly-api-1.com GTS CA 1D4	`2023-12-12` - `2024-03-11`	3 months	crt.sh
*.ipredictive.com Amazon RSA 2048 M02	`2023-03-14` - `2024-04-11`	a year	crt.sh
cdn.veritonic.com Amazon RSA 2048 M03	`2023-08-25` - `2024-09-22`	a year	crt.sh
pixel.byspotify.com GTS CA 1D4	`2024-01-02` - `2024-04-01`	3 months	crt.sh
*.mountain.com Go Daddy Secure Certificate Authority - G2	`2023-06-12` - `2024-06-23`	a year	crt.sh
event.mrtnsvr.com GTS CA 1D4	`2023-11-17` - `2024-02-15`	3 months	crt.sh
adxcel-ec2.com Amazon RSA 2048 M01	`2023-09-18` - `2024-10-17`	a year	crt.sh
*.google.com.sg GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.imarketsmart.com Amazon RSA 2048 M03	`2023-12-26` - `2025-01-24`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
prfx.byspotify.com GTS CA 1D4	`2024-01-07` - `2024-04-06`	3 months	crt.sh
*.rfihub.net Amazon RSA 2048 M03	`2023-10-31` - `2024-11-28`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
kargo.com R3	`2023-11-10` - `2024-02-08`	3 months	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh
lyibja.unrefugees.org R3	`2023-12-23` - `2024-03-22`	3 months	crt.sh
35.85.84.151 Sectigo RSA Domain Validation Secure Server CA	`2023-08-23` - `2024-09-22`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-27` - `2024-04-27`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-10-24` - `2024-04-17`	6 months	crt.sh
*.veritonicmetrics.com Amazon RSA 2048 M01	`2023-04-20` - `2024-05-18`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.prod.apse1.green.ops.kargo.com Amazon RSA 2048 M03	`2023-12-12` - `2025-01-10`	a year	crt.sh
*.dev.kargo.com Amazon RSA 2048 M03	`2023-12-05` - `2025-01-01`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
rtactivate.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
w.usabilla.com Amazon RSA 2048 M03	`2023-12-12` - `2025-01-09`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://give.unrefugees.org/180117core_mainpg_p_3000/
Frame ID: C6A09ED2119E7B46FAC3EE20DF3A6399
Requests: 135 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fgive.unrefugees.org&mid=
Frame ID: 035CBE94DB2E831BB4E216B5C3BF519F
Requests: 13 HTTP requests in this frame

Frame: https://ad.ipredictive.com/d/track/event?upid=101374&cache_buster=1704871619&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&val=undefined&tn=undefined&itms=undefined
Frame ID: 01EC0319A1A6C519A8A6ADD409491972
Requests: 1 HTTP requests in this frame

Frame: https://4647326.fls.doubleclick.net/activityi;dc_pre=CMTRgdql0oMDFYQTewcdvk8ECw;src=4647326;type=unrefcms;cat=donfvis;ord=1615921154219;auiddc=778359041.1704871618;u3=undefined;u2=undefined;gtm=45He4180v832800531;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F
Frame ID: 218E0D2AA39E4272E96894CF5780081D
Requests: 2 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 6C6E0AA91317AA0CA0D932E106D21F17
Requests: 3 HTTP requests in this frame

Frame: https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&pf=&ra=1614082862755979
Frame ID: 476C2638AF555593298D6132B973F40B
Requests: 18 HTTP requests in this frame

Frame: https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&pf=&ra=3230783087017206
Frame ID: 54C673CC151C68A05E2FEAD74754DE6E
Requests: 18 HTTP requests in this frame

Frame: https://20826430p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826430&_o=9587&_t=20826430&pe=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&pf=&ra=19114342845878896
Frame ID: B9278F4AB86B05EA183CB1E7537BCAA7
Requests: 18 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&co=aHR0cHM6Ly9naXZlLnVucmVmdWdlZXMub3JnOjQ0Mw..&hl=zh-CN&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=jvpb1efai2ri
Frame ID: 017D709EFFAE8D5ED56A5ACBE720DB38
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm
Frame ID: 2BA1CF2F41C62ECAD376419E758150BD
Requests: 3 HTTP requests in this frame

Frame: https://crb.kargo.com/api/v1/initsync/e7e3384a-3c0f-493d-8764-378bcf272be3?partners=Tapad&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Frame ID: 2E352E79724C2203EC7B546CCFDF023B
Requests: 2 HTTP requests in this frame

Frame: https://a.rfihub.com/pstats.html?rb=9587&ca=20826430&ri=889620cadfec88d0cb1adf0a5c5653c5&stats=%7B%2213488%22%3A%222164%2C1%22%2C%2217243%22%3A%22113%2C1%22%2C%2242261%22%3A%22107%2C1%22%2C%2250495%22%3A%22510%2C1%22%2C%2252220%22%3A%22153%2C1%22%2C%2253935%22%3A%221374%2C1%22%2C%2254497%22%3A%22514%2C1%22%2C%2254855%22%3A%22101%2C1%22%2C%2254863%22%3A%221380%2C1%22%2C%2255073%22%3A%22349%2C1%22%2C%2256659%22%3A%221060%2C1%22%2C%2256885%22%3A%22758%2C1%22%2C%2257347%22%3A%22865%2C2%22%2C%2257363%22%3A%22830%2C1%22%2C%2258143%22%3A%22314%2C1%22%2C%2258553%22%3A%221909%2C1%22%2C%2258561%22%3A%221051%2C1%22%7D&ra=7652758699620374
Frame ID: B7FC4AD21BB0900756692EAA08AE33A4
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/check.js;CIS3SID=752B540FD04C86CC2905D5A6EB2D13FB?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&nonce=83c00fb72a213c0a&jb=35392e24687b6d773f5f6b6c666f7f7b246871673d55696c6c677771273a32333126687360773d43687a6f6d6d24687b603f4160706d6f652d3a32333038
Frame ID: 3DD5E1357A166E1260D87C0623CE7D44
Requests: 11 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=cda0845c-e241-4b98-8d4b-abdc76d31d9d&u_scsid=d3dee16e-e58b-42a2-b68a-de60c28edc4d&u_sclid=f74c1e8f-cfbc-4aca-bd0c-35cb6048c141
Frame ID: A06FE85ADD7B14A3D5C7F604C763EA2E
Requests: 2 HTTP requests in this frame

Frame: https://w.usabilla.com/fa5b33ed7c80.js?lv=1
Frame ID: A10333D7A12702C470DDE62D6DEEE332
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1704798292093&pnid=140&pcid=2b353c0a-ab8a-4131-8694-968aa457a347
Frame ID: 0F43A315F7A49335A30B947A15658B55
Requests: 1 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/unhcr-button-ca8fba580979f02c2694fa49ed8ef52a.png
Frame ID: 1353D4DA23BD77E219C72187B80CF337
Requests: 1 HTTP requests in this frame

Frame: https://a.rfihub.com/pstats.html?rb=9587&ca=20826429&ri=230cddecfa9e29e5d5b5a7ce79998cea&stats=%7B%2213488%22%3A%22%22%2C%2217243%22%3A%2232%2C1%22%2C%2242261%22%3A%2233%2C1%22%2C%2250495%22%3A%22421%2C1%22%2C%2252220%22%3A%2263%2C1%22%2C%2253935%22%3A%221284%2C1%22%2C%2254497%22%3A%22424%2C1%22%2C%2254855%22%3A%2233%2C1%22%2C%2254863%22%3A%221292%2C1%22%2C%2255073%22%3A%22279%2C1%22%2C%2256659%22%3A%22892%2C1%22%2C%2256885%22%3A%22702%2C1%22%2C%2257347%22%3A%22775%2C2%22%2C%2257363%22%3A%221437%2C1%22%2C%2258143%22%3A%22217%2C1%22%2C%2258553%22%3A%221859%2C1%22%2C%2258561%22%3A%221065%2C1%22%7D&ra=7822190428205313
Frame ID: BD805C3A4BA9C92F782EE0AA529A15B6
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/ls_fp.html;CIS3SID=752B540FD04C86CC2905D5A6EB2D13FB?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&nonce=83c00fb72a213c0a
Frame ID: F0C71A8B59C06F50EC5DC705C93E84AA
Requests: 3 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=752B540FD04C86CC2905D5A6EB2D13FB?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&nonce=83c00fb72a213c0a
Frame ID: 351CFB0CED0C26AB068D50F2D849B189
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/top_fp.html;CIS3SID=752B540FD04C86CC2905D5A6EB2D13FB?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&nonce=83c00fb72a213c0a
Frame ID: 99DE163EE332E6FF8C1745926CAEE090
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate To Help Refugees - USA for UNHCR

Page URL History Show full URLs

http://give.unrefugees.org/ HTTP 301
https://give.unrefugees.org/ HTTP 302
https://give.unrefugees.org/180117core_mainpg_p_3000/ Page URL

Detected technologies

Plyr (Video players) Expand

Overall confidence: 100%
Detected patterns

https://cdn\.plyr\.io/([0-9.]+)/.+\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

252
Requests

86 %
HTTPS

0 %
IPv6

67
Domains

97
Subdomains

83
IPs

8
Countries

3445 kB
Transfer

8572 kB
Size

91
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://dafwidget.com/terms-and-privacy-policy/
Title: Terms of Service and Privacy Policy

Search URL Search Domain Scan URL

URL: https://dafwidget.com/add-a-new-fund-to-the-dafwidget/
Title: Don't see your fund? Let us know.

Search URL Search Domain Scan URL

URL: https://www.unrefugees.org/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.unrefugees.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://give.unrefugees.org/ HTTP 301
https://give.unrefugees.org/ HTTP 302
https://give.unrefugees.org/180117core_mainpg_p_3000/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://app.dafwidget.com/api/js/source.js HTTP 301
https://app.dafwidget.com/public/embed.js

Request Chain 54

https://ad.doubleclick.net/ddm/activity/src=4269937;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=4269937;dc_pre=CObB9dml0oMDFQf4TAIdwWkPPA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=4269937;dc_pre=CObB9dml0oMDFQf4TAIdwWkPPA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 55

https://trkn.us/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=370356391 HTTP 302
https://trkn.us/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=370356391;ip=39.109.224.42;cuidchk=1

Request Chain 56

https://trkn.us/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=802097967 HTTP 302
https://trkn.us/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=802097967;ip=39.109.224.42;cuidchk=1

Request Chain 61

https://px.adentifi.com/Pixels?a_id=10893;rev=undefined;cv_1=undefined;cv_2=undefined;p_url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F;uq=5502467582723.711 HTTP 302
https://rtb.adentifi.com/CookieSyncAdX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adtheorent&google_hm=pMgTYa-JEe6IFBL6a1iuEQ&google_redir=https%3A%2F%2Frtb.adentifi.com%2FCookieSyncAdXCheck&google_ula=6802874232 HTTP 302
https://rtb.adentifi.com/CookieSyncAdXCheck?google_ula=6802874232,2

Request Chain 66

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10934040069/?random=728179370&cv=11&fst=1704871618512&bg=ffffff&guid=ON&async=1&gtm=45He4180v832800531&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadservices.com&frm=0&tiba=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&value=0&auid=778359041.1704871618&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=wkaeZc2xJeWErtoPybWT8AQ&sscte=1&crd=&eitems=ChEIgPrzrAYQkbTW6cHVnIScARIdAMSJEBAVI0Ms-GQHWb_sMepfMjWjhfLjG4WXaxw&pscrd=Ek5DaEVJZ1ByenJBWVF2TkROd3VmX3NMZVBBUklsQUZMemZ0Tnl2UVBfLTNwdldfbFdKMWozQVVZdjExdlNzVWZ0VGVsaTE4NmlvV3dUa0EaV0NoQUlnUHJ6ckFZUWtmbllrTHJmN3FCLUVpMEE2TjhiTWRXaldYN3JIaUw3N1M3Z21oVndYQ0FoSUxYNVVPRHI3bXdZYjdrUXRfNjRla25UVzlHWk5WQSITCM2a3Nml0oMDFWWCSwUdydoETg HTTP 302
https://www.google.com/pagead/1p-conversion/10934040069/?random=728179370&cv=11&fst=1704871618512&bg=ffffff&guid=ON&async=1&gtm=45He4180v832800531&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadservices.com&frm=0&tiba=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&value=0&auid=778359041.1704871618&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ1ByenJBWVF2TkROd3VmX3NMZVBBUklsQUZMemZ0Tnl2UVBfLTNwdldfbFdKMWozQVVZdjExdlNzVWZ0VGVsaTE4NmlvV3dUa0EaV0NoQUlnUHJ6ckFZUWtmbllrTHJmN3FCLUVpMEE2TjhiTWRXaldYN3JIaUw3N1M3Z21oVndYQ0FoSUxYNVVPRHI3bXdZYjdrUXRfNjRla25UVzlHWk5WQSITCM2a3Nml0oMDFWWCSwUdydoETg&is_vtc=1&ocp_id=wkaeZc2xJeWErtoPybWT8AQ&cid=CAQSKQAvHhf_9xJAHXLX1jdTP7dEFSa-4Yn1OyrCjUOEqbPQ-UAowrcLD5oy&eitems=ChEIgPrzrAYQkbTW6cHVnIScARIdAMSJEBCVH34eamDtOH8sPLIC53l1lfSJ5wm2BNw&random=1356381250 HTTP 302
https://www.google.com.sg/pagead/1p-conversion/10934040069/?random=728179370&cv=11&fst=1704871618512&bg=ffffff&guid=ON&async=1&gtm=45He4180v832800531&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadservices.com&frm=0&tiba=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&value=0&auid=778359041.1704871618&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ1ByenJBWVF2TkROd3VmX3NMZVBBUklsQUZMemZ0Tnl2UVBfLTNwdldfbFdKMWozQVVZdjExdlNzVWZ0VGVsaTE4NmlvV3dUa0EaV0NoQUlnUHJ6ckFZUWtmbllrTHJmN3FCLUVpMEE2TjhiTWRXaldYN3JIaUw3N1M3Z21oVndYQ0FoSUxYNVVPRHI3bXdZYjdrUXRfNjRla25UVzlHWk5WQSITCM2a3Nml0oMDFWWCSwUdydoETg&is_vtc=1&ocp_id=wkaeZc2xJeWErtoPybWT8AQ&cid=CAQSKQAvHhf_9xJAHXLX1jdTP7dEFSa-4Yn1OyrCjUOEqbPQ-UAowrcLD5oy&eitems=ChEIgPrzrAYQkbTW6cHVnIScARIdAMSJEBCVH34eamDtOH8sPLIC53l1lfSJ5wm2BNw&random=1356381250&ipr=y&ezwbk=AZuM4hBC2nrJwKbKwSaFTvmaKW0zO5eWmuXpRH97JqI2zYIqBuYz_nTjO_xHi4Y-dWJPKX8ZhmjeD-I_Rx5Akuug6xY6

Request Chain 88

https://4647326.fls.doubleclick.net/activityi;src=4647326;type=unrefcms;cat=donfvis;ord=1615921154219;auiddc=778359041.1704871618;u3=undefined;u2=undefined;gtm=45He4180v832800531;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F HTTP 302
https://4647326.fls.doubleclick.net/activityi;dc_pre=CMTRgdql0oMDFYQTewcdvk8ECw;src=4647326;type=unrefcms;cat=donfvis;ord=1615921154219;auiddc=778359041.1704871618;u3=undefined;u2=undefined;gtm=45He4180v832800531;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F

Request Chain 91

https://20669309p.rfihub.com/ca.gif?rb=9587&ca=20669309&ra=21259077 HTTP 302
https://r.turn.com/r/beacon?b2=Byl5I3NIBudQfjqNW-_fVUNVOmTxqGPcOnN4gXqFCKoeU_Oup029YVIprkeGvqSpgAfS5Jz0ytx_deRc41vz7Q&cid=

Request Chain 152

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1917759400169906056&referrer=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=3974e228-b36c-4181-a9a2-13ae9b72028b%3A1704871621.6818504&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D3974e228-b36c-4181-a9a2-13ae9b72028b%253A1704871621.6818504%26_%3D1704871621.6830409&cb=1704871621.683065 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1977432095907069215&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D3974e228-b36c-4181-a9a2-13ae9b72028b%253A1704871621.6818504%26_%3D1704871621.6830409 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=3974e228-b36c-4181-a9a2-13ae9b72028b%3A1704871621.6818504&_=1704871621.6830409 HTTP 307
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=8984362547217952026

Request Chain 153

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTkxNzc1OTQwMDE2OTkwNjA1Ng==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEHTejuuAUVpJ59j4Nc3Am0g&google_cver=1 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1977432095907069215&referrer={encSite}&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=6d8a0413-1f53-4c47-a56b-2faae4f9720b%3A1704871622.052399&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D6d8a0413-1f53-4c47-a56b-2faae4f9720b%253A1704871622.052399%26_%3D1704871622.0551054&cb=1704871622.0551412 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1977432095907069215&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D6d8a0413-1f53-4c47-a56b-2faae4f9720b%253A1704871622.052399%26_%3D1704871622.0551054 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=6d8a0413-1f53-4c47-a56b-2faae4f9720b%3A1704871622.052399&_=1704871622.0551054 HTTP 307
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=lvr18 HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?domid=1052 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx&google_gid=CAESEAxXkSsOP7ugbeMsKTzxgQA&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEAxXkSsOP7ugbeMsKTzxgQA&action=GET_ID&etid=&domid=1052 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=8984362547217952026&opid=apx&ops=&utidl=tech:goo:CAESEAxXkSsOP7ugbeMsKTzxgQA&action=GET_ID&etid=&domid=1052 HTTP 303
https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A67705016072

Request Chain 154

https://ib.adnxs.com/setuid?entity=18&code=1917759400169906056 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1917759400169906056

Request Chain 155

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1917759400169906056&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1917759400169906056&redir=

Request Chain 157

https://us-u.openx.net/w/1.0/sd?id=537073062&val=1917759400169906056&r= HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537073062&val=1917759400169906056&r=

Request Chain 158

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=1917759400169906056&bid=omt9pi0 HTTP 302
https://ps.eyeota.net/match/bounce/?uid=1917759400169906056&bid=omt9pi0

Request Chain 161

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1917759400169906056&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1917759400169906056&forward=&C=1

Request Chain 167

https://x.bidswitch.net/sync?dsp_id=119&user_id=1917759400169906056&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD} HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1917759400169906056&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}

Request Chain 168

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZZ5GxQANaxK5xQBH HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZ5GxQANaxK5xQBH&_test=ZZ5GxQANaxK5xQBH

Request Chain 170

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=1977432095907069215&bid=omt9pi0 HTTP 302
https://ps.eyeota.net/match/bounce/?uid=1977432095907069215&bid=omt9pi0

Request Chain 171

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZZ5GxQANapVykwBU HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZ5GxQANapVykwBU&_test=ZZ5GxQANapVykwBU

Request Chain 172

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1977432095907069215&referrer=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=57cc3881-b3a4-4877-a264-b12e5c863b0d%3A1704871621.6821756&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D57cc3881-b3a4-4877-a264-b12e5c863b0d%253A1704871621.6821756%26_%3D1704871621.683343&cb=1704871621.683371 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1977432095907069215&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D57cc3881-b3a4-4877-a264-b12e5c863b0d%253A1704871621.6821756%26_%3D1704871621.683343 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=57cc3881-b3a4-4877-a264-b12e5c863b0d%3A1704871621.6821756&_=1704871621.683343 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGmkeQj7kiBPu7yVOy72PtI&google_cver=1

Request Chain 173

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTk3NzQzMjA5NTkwNzA2OTIxNQ==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEHTejuuAUVpJ59j4Nc3Am0g&google_cver=1 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1977432095907069215&referrer={encSite}&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=66079f0d-2d32-458c-b888-65f04efbefad%3A1704871622.0526054&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D66079f0d-2d32-458c-b888-65f04efbefad%253A1704871622.0526054%26_%3D1704871622.0539322&cb=1704871622.0539613 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1977432095907069215&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D66079f0d-2d32-458c-b888-65f04efbefad%253A1704871622.0526054%26_%3D1704871622.0539322 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=66079f0d-2d32-458c-b888-65f04efbefad%3A1704871622.0526054&_=1704871622.0539322 HTTP 307
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=8984362547217952026

Request Chain 174

https://ib.adnxs.com/setuid?entity=18&code=1977432095907069215 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1977432095907069215

Request Chain 175

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1977432095907069215&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1977432095907069215&redir=

Request Chain 177

https://us-u.openx.net/w/1.0/sd?id=537073062&val=1977432095907069215&r= HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537073062&val=1977432095907069215&r=

Request Chain 180

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1977432095907069215&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1977432095907069215&forward=&C=1

Request Chain 186

https://x.bidswitch.net/sync?dsp_id=119&user_id=1977432095907069215&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD} HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1977432095907069215&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}

Request Chain 188

https://pixel.tapad.com/idsync/ex/receive?partner_id=2781&partner_device_id=89835cca-cc31-94a7-4265-32b8cbb34c38&partner_url=https%3A%2F%2Fcrb.kargo.com%2Fapi%2Fv1%2Fsync%2FTapad%2F89835cca-cc31-94a7-4265-32b8cbb34c38%3Frid%3D5b217d4a-5d64-4456-8438-7dcf53a7aa12%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26exid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2781&partner_device_id=89835cca-cc31-94a7-4265-32b8cbb34c38&partner_url=https%3A%2F%2Fcrb.kargo.com%2Fapi%2Fv1%2Fsync%2FTapad%2F89835cca-cc31-94a7-4265-32b8cbb34c38%3Frid%3D5b217d4a-5d64-4456-8438-7dcf53a7aa12%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26exid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://crb.kargo.com/api/v1/sync/Tapad/89835cca-cc31-94a7-4265-32b8cbb34c38?rid=5b217d4a-5d64-4456-8438-7dcf53a7aa12&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&exid=2b353c0a-ab8a-4131-8694-968aa457a347

Request Chain 189

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=1977432095907069236&bid=omt9pi0 HTTP 302
https://ps.eyeota.net/match/bounce/?uid=1977432095907069236&bid=omt9pi0

Request Chain 190

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZZ5GxQANa3_3ywBH HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZ5GxQANa3_3ywBH&_test=ZZ5GxQANa3_3ywBH

Request Chain 191

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1977432095907069236&referrer=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=8d07feb0-8648-48fe-861b-cacec8b85126%3A1704871621.8229845&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D8d07feb0-8648-48fe-861b-cacec8b85126%253A1704871621.8229845%26_%3D1704871621.8243897&cb=1704871621.8244169 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1977432095907069236&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D8d07feb0-8648-48fe-861b-cacec8b85126%253A1704871621.8229845%26_%3D1704871621.8243897 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=8d07feb0-8648-48fe-861b-cacec8b85126%3A1704871621.8229845&_=1704871621.8243897 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGmkeQj7kiBPu7yVOy72PtI&google_cver=1

Request Chain 192

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTk3NzQzMjA5NTkwNzA2OTIzNg==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEHTejuuAUVpJ59j4Nc3Am0g&google_cver=1 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1977432095907069236&referrer={encSite}&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=3974e228-b36c-4181-a9a2-13ae9b72028b%3A1704871621.6818504&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D3974e228-b36c-4181-a9a2-13ae9b72028b%253A1704871621.6818504%26_%3D1704871622.3434105&cb=1704871622.3434381 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1977432095907069215&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D3974e228-b36c-4181-a9a2-13ae9b72028b%253A1704871621.6818504%26_%3D1704871622.3434105 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=3974e228-b36c-4181-a9a2-13ae9b72028b%3A1704871621.6818504&_=1704871622.3434105 HTTP 307
https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=rd&d.k=acxiom_id&d.u=https://idsync.rlcdn.com/401726.gif?partner_uid={WEBO_CID}

Request Chain 194

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1977432095907069236&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1977432095907069236&redir=

Request Chain 205

https://x.bidswitch.net/sync?dsp_id=119&user_id=1977432095907069236&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD} HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1977432095907069236&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}

Request Chain 214

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=0A9131532B814543BD7EABAE1536D15E&RedC=c.clarity.ms&MXFR=32AF4AFF44DF645A1C9A5EFD40DF6ACC HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=0A9131532B814543BD7EABAE1536D15E&MUID=38C958F2C6DE6E7A0AAD4CF0C7E66FC7

Request Chain 231

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1704871624015&u_scsid=29d214b1-1262-4ec2-a881-20f491016105&u_sclid=da371c25-aa81-46ac-8ab1-9acc0f52b568 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1704798292093%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1704798292093&pnid=140&pcid=2b353c0a-ab8a-4131-8694-968aa457a347

252 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
give.unrefugees.org/180117core_mainpg_p_3000/
Redirect Chain

http://give.unrefugees.org/
https://give.unrefugees.org/
https://give.unrefugees.org/180117core_mainpg_p_3000/

42 KB
17 KB

453ms
453ms

Document
text/html

44.240.141.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.141.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-141-244.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: f19a35ad572d95f099949885daab3afd9f3d3f45cd9ad917ccdb60f953d767c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-length: 16565
content-type: text/html; charset=utf-8
date: Wed, 10 Jan 2024 07:26:56 GMT
vary: Accept-Encoding

Redirect headers

cache-control: private
content-type: text/html; charset=utf-8
date: Wed, 10 Jan 2024 07:26:56 GMT
location: https://give.unrefugees.org/180117core_mainpg_p_3000/
server: Microsoft-IIS/10.0

GET
H2 200 index.css
give.unrefugees.org/css/ 192 KB
38 KB 540ms
539ms Stylesheet
text/css 44.240.141.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://give.unrefugees.org/css/index.css?v=9.7.3
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.141.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-141-244.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: fd8226264cfd611c285f0ad0155bbfcaddc31b03ebdb8442431146379e4340b6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/180117core_mainpg_p_3000/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:57 GMT
content-encoding: gzip
last-modified: Thu, 09 Mar 2023 22:58:48 GMT
etag: "b3f07db5da52d91:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 38454

GET
H2 200 plyr.css
give.unrefugees.org/css/ 24 KB
6 KB 219ms
217ms Stylesheet
text/css 44.240.141.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://give.unrefugees.org/css/plyr.css
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.141.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-141-244.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 465ecd3c27cf42a3309af6bda6e2b8c4b9cb7a78788908904e0d6761a2c3102a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/180117core_mainpg_p_3000/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:56 GMT
content-encoding: gzip
last-modified: Sat, 23 Feb 2019 20:10:20 GMT
etag: "09e7cdb3cbd41:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 5867

GET
H2 200 hrp3szy.css
use.typekit.net/ 7 KB
1 KB 779ms
405ms Stylesheet
text/css 23.62.212.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/hrp3szy.css

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.212.15 Kuala Lumpur, Malaysia, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-62-212-15.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

111f96ceeeb374dce4a178a719d2c1a18ee2d01921025345ed93a29a1f7af221

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Wed, 10 Jan 2024 07:26:57 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1032

GET
H/1.1 200
OK tags.js Show response
h.online-metrix.net/fp/ 95 KB
13 KB 598ms
191ms Script
text/javascript 192.225.158.1
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/tags.js?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&pageid=1

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

2dce3682d03e9ce280c04af0c75711ea19718cb7dcc5d8fe78fe0cee7164ed41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 07:26:57 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 nudge_arrow.png
give.unrefugees.org/img/ 1 KB
2 KB 220ms
219ms Image
image/png 44.240.141.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.unrefugees.org/img/nudge_arrow.png
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.141.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-141-244.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 394e68bb96ac874b1a9f9b39286a16349ab781c8513ce632ce5c7ba8bb2ba0ab

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/180117core_mainpg_p_3000/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:56 GMT
cache-control: no-cache
last-modified: Thu, 08 Sep 2022 15:48:50 GMT
accept-ranges: bytes
etag: "05d2e7d9ac3d81:0"
content-length: 1102
content-type: image/png

GET
H2 200 lock-secure-donation.png
give.unrefugees.org/img/ 8 KB
8 KB 219ms
218ms Image
image/png 44.240.141.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.unrefugees.org/img/lock-secure-donation.png
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.141.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-141-244.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 9b9c0898e129c8c18b79f176435c368cecfe30a903797c9feba7a82ee19902bd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/180117core_mainpg_p_3000/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:56 GMT
cache-control: no-cache
last-modified: Thu, 08 Sep 2022 15:48:50 GMT
accept-ranges: bytes
etag: "05d2e7d9ac3d81:0"
content-length: 8196
content-type: image/png

GET
H/1.1 200
OK monthly-main-rf1224300x530.jpg
cdn.unrefugees.org/u4uforms2020/media/poudf0o4/ 55 KB
56 KB 152ms
23ms Image
image/jpeg 13.33.88.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unrefugees.org/u4uforms2020/media/poudf0o4/monthly-main-rf1224300x530.jpg
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-73.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e82a396725669578ed103cfd44c82ecf642c6bbf27ccc706671a3ac214398480

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 14:50:17 GMT
Via: 1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN2-P2
Age: 59801
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-local-date-created: 133062670522150548
Content-Length: 56219
x-amz-meta-local-date-modified: 133062670522150548
Last-Modified: Mon, 29 Aug 2022 17:18:44 GMT
Server: AmazonS3
ETag: "608c01010b440fafb2ec55f0da8b7803"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
X-Amz-Cf-Id: GCie1XJ2MPl81SNCl4slLic9GMf5kUsVDmR01S-N-K9rRVckKjNo2w==

GET
H2

200

embed.js Show response
app.dafwidget.com/public/
Redirect Chain

https://app.dafwidget.com/api/js/source.js
https://app.dafwidget.com/public/embed.js

7 KB
2 KB

518ms
518ms

Script
text/javascript

34.193.172.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.dafwidget.com/public/embed.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Server: 34.193.172.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-172-55.compute-1.amazonaws.com
Software: /
Resource Hash: a6aea90164a685a02afe0e574bb4c668c83a4b6cdff9ab4b09b0ecbd53e4fd66

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
content-encoding: gzip
x-cache-hit: 1
last-modified: Thu, 03 Aug 2023 13:19:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

Redirect headers

location: https://app.dafwidget.com:443/public/embed.js
date: Wed, 10 Jan 2024 07:26:58 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 bbb-logo-173x87.png
give.unrefugees.org/media/1017/ 33 KB
34 KB 360ms
360ms Image
image/png 44.240.141.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.unrefugees.org/media/1017/bbb-logo-173x87.png
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.141.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-141-244.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 97880bcd7fcc199a008ea736ab008f7f92e9cf6c0addc2afb6c92b3e70d9c9a5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/180117core_mainpg_p_3000/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:57 GMT
cache-control: no-cache
last-modified: Wed, 28 Mar 2018 18:24:27 GMT
accept-ranges: bytes
etag: "a937c21c2c6d31:0"
content-length: 33886
content-type: image/png

GET
H2 200 guide-star-platinum.png
give.unrefugees.org/media/1005/ 16 KB
17 KB 211ms
211ms Image
image/png 44.240.141.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.unrefugees.org/media/1005/guide-star-platinum.png
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.141.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-141-244.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 53b492f729960ead9c5779dc772534e0f00e2dcdbd1687a0d236af95417549b5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/180117core_mainpg_p_3000/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:57 GMT
cache-control: no-cache
last-modified: Tue, 05 Dec 2017 18:17:59 GMT
accept-ranges: bytes
etag: "af9bd561f56dd31:0"
content-length: 16468
content-type: image/png

GET
H2 200 unhcr-visibility-horizontal-white-cmyk-v2016.svg
give.unrefugees.org/img/ 12 KB
4 KB 216ms
215ms Image
image/svg+xml 44.240.141.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.unrefugees.org/img/unhcr-visibility-horizontal-white-cmyk-v2016.svg
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.141.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-141-244.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 6bfbae61daf6218548d35bd824d5299e6f0517f156050c302ddd83fa0e8abdc8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/180117core_mainpg_p_3000/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 15:48:50 GMT
etag: "05d2e7d9ac3d81:0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-cache
accept-ranges: bytes
content-length: 4074

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 364ms
22ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer: https://give.unrefugees.org/
Origin: https://give.unrefugees.org
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 188700
x-cache: HIT, HIT
content-length: 30638
x-served-by: cache-lga21923-LGA, cache-qpg1254-QPG
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1704871618.064863,VS0,VE0
etag: W/"28feccc0-15851"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 22, 58888

GET
H2 200 plyr.js Show response
cdn.plyr.io/3.5.2/ 111 KB
32 KB 389ms
37ms Script
application/javascript 104.27.195.88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.5.2/plyr.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.195.88 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8608c7129a24079dd332403d0aef583dcefdf0bfc02914d626a6559a3ac049ad

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5220531
cf-polished: origSize=113855
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 20 Apr 2023 10:33:42 GMT
server: cloudflare
etag: W/"26d009457000af80d7306229fc132b15"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRjs0ez0dQxoEaEbh8XwXgXWFfwZx0DtcE2ZOG%2FU8dMBbCEYkzbHfEpU8kPXCg277dPUBxz9lkgKFJgj6Fm3n9tmRcWKrVQYESXjlH5TjONcVFTVOhngJTE0pw7D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 843331deda36a3ca-SIN

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 373ms
24ms Script
text/javascript 74.125.24.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f105.1e100.net

Software

GSE /

Resource Hash

09f16e78ea0ea8f73670ef3f8fc0ae50d03756c2241f1b8a11bbfdba8f44d256

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 10 Jan 2024 07:26:58 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ 293 KB
80 KB 758ms
703ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&vault=true

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f1b1f868f0cefc8cfc07aee8dabc332a9b75adde18bd2f93335116c0f5254836

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-xr4Q21v6zas7+MMPSXLHXQ8RxXET+3r9t2Ge0g7bR2IDG4gF' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-xr4Q21v6zas7+MMPSXLHXQ8RxXET+3r9t2Ge0g7bR2IDG4gF' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-xr4Q21v6zas7+MMPSXLHXQ8RxXET+3r9t2Ge0g7bR2IDG4gF' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-xr4Q21v6zas7+MMPSXLHXQ8RxXET+3r9t2Ge0g7bR2IDG4gF' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Wed, 10 Jan 2024 07:26:58 GMT
age: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: true
paypal-debug-id: f734946b2972a
server-timing: "traceparent;desc="00-0000000000000000000f734946b2972a-f2605284067c8551-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 80035
x-xss-protection: 1; mode=block
x-served-by: cache-qpg1279-QPG, cache-qpg1279-QPG
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f734946b2972a-bba630a4c7e3e3d1-01
x-timer: S1704871618.079853,VS0,VE692
etag: W/"138a3-3hGoURmj+xg4TOIzGnqB9At7kPQ"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 index.min.js Show response
give.unrefugees.org/scripts/lib/ 759 KB
671 KB 232ms
231ms Script
application/javascript 44.240.141.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://give.unrefugees.org/scripts/lib/index.min.js?v=9.7.3
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.141.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-141-244.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 458ee255c6d13348f36f7ea70ae12bc6810e7ab5ae56f92fa4aabb4752ab32e1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/180117core_mainpg_p_3000/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
content-encoding: gzip
last-modified: Thu, 09 Mar 2023 21:50:48 GMT
accept-ranges: bytes
etag: "e4e6b735d152d91:0"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 commerce.min.js Show response
give.unrefugees.org/scripts/lib/ 52 KB
17 KB 220ms
219ms Script
application/javascript 44.240.141.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://give.unrefugees.org/scripts/lib/commerce.min.js?v=9.7.3
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.141.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-141-244.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 5c3b7d893de324e949b760db1406424f87425597516760d0e6c46fc6dc190c15

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/180117core_mainpg_p_3000/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
content-encoding: gzip
last-modified: Mon, 08 May 2023 14:47:28 GMT
etag: "040812bc81d91:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 16863

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 120 KB
37 KB 452ms
100ms Script
application/javascript 142.251.175.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f92.1e100.net

Software

ESF /

Resource Hash

bdea39ff0aaefeb286939cb448721dd04ba163b068146c411304d5afd9238555

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-0xPE_w_c8lxYpRudRUAOTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-0xPE_w_c8lxYpRudRUAOTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 10 Jan 2024 07:26:58 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 455 KB
118 KB 402ms
53ms Script
application/javascript 74.125.130.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

149a8bc27efaf28b0d261ef6dcd079b4019f233404403aecdefd8bf2f8730423

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120090
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Jan 2024 07:26:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
900 B 391ms
18ms Stylesheet
text/css 172.253.118.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Kalam|Lato&display=swap

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/css/index.css?v=9.7.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f95.1e100.net

Software

ESF /

Resource Hash

589021bd4abd0d6c7e0848edb41abe88e0da8f30b8346ce0946a98c1964fcc8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 07:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 07:26:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jan 2024 07:26:57 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 485ms
57ms Stylesheet
text/css 23.209.46.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=hrp3szy&ht=tk&f=139.140.171.173.174.175.176.15701.15703.15705.15708&a=1630018&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.209.46.10 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-209-46-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:57 GMT
last-modified: Fri, 07 Jul 2023 12:44:58 GMT
server: nginx
etag: "64a808ca-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 27 KB
7 KB 78ms
30ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=760031&u=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&vn=2
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gsng2 /
Resource Hash: 1ecf817dbcfacecb3235825e2058688365a7c42c9bea9489d402c382c456a8f7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
content-encoding: gzip
via: 1.1 google
server: gsng2
etag: W/"1704295789_EA"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 l
use.typekit.net/af/925423/00000000000000003b9b038f/27/ 19 KB
20 KB 378ms
18ms Font
application/font-woff2 23.62.212.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/925423/00000000000000003b9b038f/27/l?subset_id=2&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.212.15 Kuala Lumpur, Malaysia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-62-212-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7c707b4d486575fcdf35497e30073fd70f0a9ea072e4ca1ca724da7fbab22a9b

Request headers

Referer: https://use.typekit.net/hrp3szy.css
Origin: https://give.unrefugees.org
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
server: nginx
etag: "af967ea1356382090341795946181a15b4b5bcf0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19900

GET
H2 200 l
use.typekit.net/af/220823/000000000000000000015231/27/ 45 KB
45 KB 377ms
17ms Font
application/font-woff2 23.62.212.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/220823/000000000000000000015231/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.212.15 Kuala Lumpur, Malaysia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-62-212-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 73ef385046533349dbdb6264bfdb814819b44a3a7ddeedf7611db7d55f567c7c

Request headers

Referer: https://use.typekit.net/hrp3szy.css
Origin: https://give.unrefugees.org
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
server: nginx
etag: "25d9000ed11ad93413dd9fab416a1870c8ae46cd"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46076

GET
H2 200 l
use.typekit.net/af/180254/00000000000000000001522c/27/ 45 KB
46 KB 378ms
30ms Font
application/font-woff2 23.62.212.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/180254/00000000000000000001522c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.212.15 Kuala Lumpur, Malaysia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-62-212-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 38c9c1413e17c7a5ee87095bdb4cad0da069451ee937cb801c8f37f2c734644f

Request headers

Referer: https://use.typekit.net/hrp3szy.css
Origin: https://give.unrefugees.org
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
server: nginx
etag: "d8f0e75543cc417069e2148d573e1b3687264d73"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46404

GET
H2 200 checkmark-icon.svg
give.unrefugees.org/img/ 899 B
1 KB 594ms
593ms Image
image/svg+xml 44.240.141.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.unrefugees.org/img/checkmark-icon.svg
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/css/index.css?v=9.7.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.141.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-141-244.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 2f61f967f0f19fe63c743f330f862db14d88fcc7e09eae7d22998e87a4e97749

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/css/index.css?v=9.7.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
cache-control: no-cache
last-modified: Thu, 08 Sep 2022 15:48:50 GMT
accept-ranges: bytes
etag: "05d2e7d9ac3d81:0"
content-length: 899
content-type: image/svg+xml

GET
H2 200 l
use.typekit.net/af/6c7e72/000000000000000000015232/27/ 46 KB
46 KB 374ms
27ms Font
application/font-woff2 23.62.212.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6c7e72/000000000000000000015232/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.212.15 Kuala Lumpur, Malaysia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-62-212-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3cd854806809b430cf2a895390bfac5b1ff996643f6e9bb55abb7a36a1e33fc3

Request headers

Referer: https://use.typekit.net/hrp3szy.css
Origin: https://give.unrefugees.org
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
server: nginx
etag: "e855751b4c412caa5b02bc2213270b96d80c67d9"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 47300

GET
H2 200 YA9dr0Wd4kDdMthROCc.woff2
fonts.gstatic.com/s/kalam/v16/ 22 KB
22 KB 345ms
13ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kalam/v16/YA9dr0Wd4kDdMthROCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Kalam|Lato&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

954410601a823f37e219f7930b7446f86afa15621326a7078d56fb9c910135cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.unrefugees.org
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 06:51:43 GMT
x-content-type-options: nosniff
age: 2115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22336
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:47:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jan 2025 06:51:43 GMT

GET
H3 200 va_gq-014e271cb682624402ff2d52b5857b6f.js Show response
dev.visualwebsiteoptimizer.com/edrv/ 218 KB
58 KB 55ms
21ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-014e271cb682624402ff2d52b5857b6f.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=760031&u=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&vn=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gsng2 /
Resource Hash: 68077e8a64152d634eeccdf5cc41207956497ba2a093e4ae618ea89ea834f728

Request headers

Referer: https://give.unrefugees.org/
Origin: https://give.unrefugees.org
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 10 Jan 2024 05:32:07 GMT
server: gsng2
etag: "659e2bd7-e6c0"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59072

GET
H3 200 nc-014e271cb682624402ff2d52b5857b6f.js Show response
dev.visualwebsiteoptimizer.com/edrv/ 8 KB
3 KB 51ms
18ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/edrv/nc-014e271cb682624402ff2d52b5857b6f.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=760031&u=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&vn=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gsng2 /
Resource Hash: 09ee16c6f3b0151e3ebe54947c050b97409fa22acf9aac74334b4cf3a4504402

Request headers

Referer: https://give.unrefugees.org/
Origin: https://give.unrefugees.org
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 10 Jan 2024 05:32:07 GMT
server: gsng2
etag: "659e2bd7-ac5"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2757

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
143 B 246ms
245ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=760031&d=give.unrefugees.org&u=D0757D984F80E61B149CC9F629942D38F&h=b28b56e1863b1129bf35c94cb0147735&t=false

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv2c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv2c
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=43200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
BLOB 200
OK 9e2f8ee3-332a-4390-ae52-1b14e1b8b3ea
https://give.unrefugees.org/ 698 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://give.unrefugees.org/9e2f8ee3-332a-4390-ae52-1b14e1b8b3ea
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12ee7f21bdcb2a3c6ce590fc7f253fb15ae3af0ac86ce5ed6896f6c89964268c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 698
Content-Type: application/javascript

GET
H3 200 s.gif
dev.visualwebsiteoptimizer.com/ 35 B
53 B 252ms
251ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/s.gif?account_id=760031&u=D0757D984F80E61B149CC9F629942D38F&s=1704871618&ed=%7B%22sr%22%3A%221600x1200%22%2C%22sc%22%3A24%2C%22de%22%3A%22UTF-8%22%2C%22ul%22%3A%22en-us%22%2C%22r%22%3A%22%22%2C%22lt%22%3A1704871618204%2C%22tO%22%3A-8%2C%22tz%22%3A%22Asia%2FSingapore%22%7D&cu=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&r=0&p=1&cq=0&vn=undefined&vns=undefined&vno=undefined&eTime=1704871618223&v=eddfc4940

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv2c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:26:58 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv2c
content-type: image/gif
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H3 200 apmLib-014e271cb682624402ff2d52b5857b6f.js Show response
dev.visualwebsiteoptimizer.com/ 4 KB
2 KB 13ms
12ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/apmLib-014e271cb682624402ff2d52b5857b6f.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-014e271cb682624402ff2d52b5857b6f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gsng2 /
Resource Hash: fd601ce33489ba6e895aa416ba26cac8ad54f92eea59e1037f7c08d86e4fc2b9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 10 Jan 2024 05:32:07 GMT
server: gsng2
etag: "659e2bd7-613"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1555

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 6 KB
3 KB 20ms
19ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=760031&settings_type=1&vn=&eventArch=1&uuid=&ec=256808&exc=61|62|63|64|65
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-014e271cb682624402ff2d52b5857b6f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gsng2 /
Resource Hash: be381e4dd3d87fb47e23748de8a7701caf1da337d458fadbce7325e66c82a08b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
content-encoding: gzip
via: 1.1 google
server: gsng2
etag: W/"1704295789_EA"
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 25ms
24ms Script
application/javascript 74.125.130.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EVDQTJ4LMY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

837d965f6a5dc4be06e74a50285fd304af0c8a70d857aab1f4595b0bbaa08071

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82284
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Jan 2024 07:26:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
92 KB 26ms
25ms Script
application/javascript 74.125.130.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P9YZZV758Y&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e9237b7cbf52841699a220eac1d5830b38b89740b3d5e64421610a480ffb8d50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94061
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Jan 2024 07:26:58 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 355ms
12ms Script
text/javascript 142.251.10.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 10 Jan 2024 06:42:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2673
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 10 Jan 2024 08:42:25 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/957115417/ 3 KB
2 KB 358ms
22ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957115417/?random=1704871618502&cv=11&fst=1704871618502&bg=ffffff&guid=ON&async=1&gtm=45He4180v832800531&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&hn=www.googleadservices.com&frm=0&tiba=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&auid=778359041.1704871618&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

a57a7d44b28768cc4e8a0491b150283b0524224c0177f117441c1da2ef840684

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:26:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 396ms
52ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 10 Jan 2024 07:26:58 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5A3A51D162E4475CB757672FB7DB69EE Ref B: SGEEDGE0421 Ref C: 2024-01-10T07:26:58Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 scevent.min.js Show response
sc-static.net/ 41 KB
18 KB 122ms
27ms Script
application/javascript 13.35.14.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.14.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-14-254.sin5.r.cloudfront.net
Software: CloudFront /
Resource Hash: e5fdb3ea4cc4cf6b0f77fce3b54d03d78a697bec33bb1a023b964e8be16aea5f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
content-encoding: gzip
via: 1.1 34a84b82ff144b427f99aaae61510d20.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN5-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 17883
x-amz-cf-id: QJ1DmSB35wWsxQaWNI3KdAACYfwEZhF1vgVBFozV3mfeCcEjrUHbcQ==

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/10934040069/ 3 KB
2 KB 110ms
22ms Script
text/javascript 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/10934040069/?random=1704871618512&cv=11&fst=1704871618512&bg=ffffff&guid=ON&async=1&gtm=45He4180v832800531&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadservices.com&frm=0&tiba=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&value=0&bttype=purchase&auid=778359041.1704871618&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

8c7cd7f2b28c9e2e3efdcc0efbf24c8a9e722464c9347a41f7663db3f412f8e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:26:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1668
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 349ms
11ms Script
application/x-javascript 157.240.15.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-03-sin6.fbcdn.net

Software

Resource Hash

b625d5a8adce0e637b3263a627b65445e87da3ec1e62aff4ff86869707ed4fe7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 10 Jan 2024 07:26:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54366
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: gv20tpXT9r1Q5ffXlNXMHCP7ouj39xNzG3y1SDa9gl0d5QPMW1FLoj3r47KD+OLCYhNaD2z2hoYqlU6jqGwJxQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 976ms
56ms Script
application/javascript 106.10.236.40
YAHOO-SG3 interne...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

106.10.236.40 Singapore, Singapore, ASN56173 (YAHOO-SG3 internet content provider, SG),

Reverse DNS

o2.ycpi.vip.sg3.yahoo.com

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Wed, 10 Jan 2024 07:16:43 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: NGHPXYDMZ2HXYD59
age: 617
x-amz-server-side-encryption: AES256
content-length: 6262
x-amz-id-2: CmpUF+hGYEHOOM5i9Pfa95INuFLEYBLfEe9CcWvtBEbrXAko6jx+yvYvsZ7x9+q3hfxB++IOZak=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H/1.1 200
OK tv2track.js Show response
collector-3219.tvsquared.com/ 0
190 B 1202ms
176ms Script
application/javascript 52.18.38.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-3219.tvsquared.com/tv2track.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.38.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-38-135.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 07:26:59 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
Content-Type: application/javascript, application/javascript

GET
H2 200 everflow.js Show response
www.tp88trk.com/scripts/sdk/ 60 KB
19 KB 331ms
239ms Script
text/javascript 35.190.72.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tp88trk.com/scripts/sdk/everflow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.72.228 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 228.72.190.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 74e2b289e3723bdbb00011d16216dece7e2143b8aee51c19e325dcf9be1133fd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
server: nginx
vary: Origin
content-type: text/javascript
cache-control: max-age=14400
x-eflow-request-id: 24c19144-aeaf-4dfe-93eb-5d5d8b36bb12
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 gp Show response
g1782759016.co/ 26 B
104 B 375ms
31ms Script
application/javascript 34.117.209.158
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g1782759016.co/gp?id=-L_Ny2xXp1FWryzFl6qy&refurl=&winurl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&cw=1600&ch=1200
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.209.158 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 158.209.117.34.bc.googleusercontent.com
Software: Google Frontend / Express
Resource Hash: eb7e68073ee5ed998d26671859e008697e757f3276759a8ec173e5a62d34a404

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
via: 1.1 google
server: Google Frontend
x-powered-by: Express
etag: W/"1a-7KeVhWk+843gX+8y2fD4wjI8a34"
content-type: application/javascript; charset=utf-8
x-cloud-trace-context: 204e86a687fb632ceb78f00ce072e23d
cache-control: private, no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26

GET
H2 200 gp Show response
g1782759016.co/ 26 B
173 B 372ms
31ms Script
application/javascript 34.117.209.158
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g1782759016.co/gp?id=-LXPWq_CG-cVgJYLdmun&refurl=&winurl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&cw=1600&ch=1200
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.209.158 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 158.209.117.34.bc.googleusercontent.com
Software: Google Frontend / Express
Resource Hash: eb7e68073ee5ed998d26671859e008697e757f3276759a8ec173e5a62d34a404

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
via: 1.1 google
server: Google Frontend
x-powered-by: Express
etag: W/"1a-7KeVhWk+843gX+8y2fD4wjI8a34"
content-type: application/javascript; charset=utf-8
x-cloud-trace-context: e47bb2627dfd79c076d04fd50bae766a
cache-control: private, no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26

GET
H2 200 gp Show response
g1782759016.co/ 0
227 B 219ms
30ms Script
application/javascript 34.117.209.158
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g1782759016.co/gp?id=-LFI9dAMttdUZNQm4p8O&refurl=&winurl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&cw=1600&ch=1200
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.209.158 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 158.209.117.34.bc.googleusercontent.com
Software: Google Frontend / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
via: 1.1 google
server: Google Frontend
x-powered-by: Express
content-type: application/javascript
x-cloud-trace-context: a0d7d93172346d8cc4aba62559f44505
cache-control: private, no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 gr Show response
geotargetly-api-1.com/ 389 B
659 B 378ms
25ms Script
application/javascript 34.117.96.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://geotargetly-api-1.com/gr?id=-NMjTrhTer02I79EmwF_&refurl=&winurl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.96.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.96.117.34.bc.googleusercontent.com
Software: Google Frontend / Express
Resource Hash: 480757989054b1d20e83c1da0e71993fec48492dd5bb6081885f0654e2552faa

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:59 GMT
via: 1.1 google
server: Google Frontend
x-powered-by: Express
etag: W/"185-LSoImGASsAx7FqD4eZaRx1Yr/Fk"
content-type: application/javascript; charset=utf-8
x-cloud-trace-context: 010a3d87ccc5851f3786704d8ef03fec
cache-control: private, no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 389

GET
H2 200 adelphic_universal_pixel.js Show response
js.ipredictive.com/ 2 KB
2 KB 124ms
16ms Script
application/javascript 13.224.250.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ipredictive.com/adelphic_universal_pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.250.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-250-23.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 06:49:29 GMT
via: 1.1 1098c68725f26a6e79b4565dded7de38.cloudfront.net (CloudFront)
last-modified: Fri, 30 Sep 2022 15:42:59 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 2249
etag: "83b469155694c51d4c5581028a6788bc"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2108
x-amz-cf-id: 13Td5AJtocVbAc8SGPemH4J2an5Ub7CVl2MrclA3CI2uTBc6L7qXhg==

GET
H2 200 vpr.min.js Show response
cdn.veritonic.com/static/ 4 KB
2 KB 2064ms
178ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.veritonic.com/static/vpr.min.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-54.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 121c08aa32d56feaf1e2a15f735b9d20d34ff00ed6afa8b21839de50e0b3f233

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: pDsvIAuyukwEAlDifEQFaPMRdc4vW31E
content-encoding: gzip
via: 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
date: Tue, 09 Jan 2024 19:34:50 GMT
last-modified: Thu, 24 Aug 2023 18:30:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 42730
x-amz-server-side-encryption: AES256
etag: W/"8cb8e115ba7a7e3d69fc12100ce233fa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: sJfn54Z1atn8LPdyDW-fhrb01Szp7yOdqNCjkJXyVUooRviGNQeQXA==

GET
H2 200 ping.min.js Show response
pixel.byspotify.com/ 32 KB
7 KB 57ms
10ms Script
application/javascript 34.117.162.98
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.byspotify.com/ping.min.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.162.98 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 98.162.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 20c0114a672ac0b5b31a1c0100543a2306bf389816ab20774b66e8f7b30fb60c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 06:34:02 GMT
content-encoding: gzip
via: 1.1 google
age: 3176
x-guploader-uploadid: ABPtcPqzE6xusikRBsSa0DOw8ddmeo1Hd-Mp1rNsDWNRw23nusK-QxcY3l5HC-o7vFSjHF_PX7Y3NEtT1A
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6158
last-modified: Wed, 11 Oct 2023 19:00:35 GMT
server: UploadServer
etag: "13069f74108a788c598831c3a4ff2cdf"
vary: Accept-Encoding
x-goog-generation: 1697050835633914
x-goog-hash: crc32c=We0+rw==, md5=EwafdBCKeIxZiDHDpP8s3w==
content-type: application/javascript;
cache-control: public, max-age=3600
x-goog-stored-content-length: 6158
accept-ranges: bytes
expires: Wed, 10 Jan 2024 07:34:02 GMT

GET
H/1.1 200
OK spx Show response
dx.mountain.com/ 16 KB
5 KB 958ms
216ms Script
application/javascript 54.69.255.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=35855&tdr=&plh=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&cb=75939306828179970term=value
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.69.255.140 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-69-255-140.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 0bc354eed79a5fed73692a5866e0a848e9eaf7111ecfabb50e40aed343f502bb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:59 GMT
content-encoding: gzip
server: istio-envoy
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
x-envoy-upstream-service-time: 3
connection: close
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

src=4269937;dc_pre=CObB9dml0oMDFQf4TAIdwWkPPA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=4269937;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=4269937;dc_pre=CObB9dml0oMDFQf4TAIdwWkPPA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/src=4269937;dc_pre=CObB9dml0oMDFQf4TAIdwWkPPA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
401 B

446ms
73ms

Image
image/gif

142.251.175.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=4269937;dc_pre=CObB9dml0oMDFQf4TAIdwWkPPA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Server

142.251.175.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:26:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:26:59 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=4269937;dc_pre=CObB9dml0oMDFQf4TAIdwWkPPA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=370356391
https://trkn.us/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=370356391;ip=39.109.224.42;cuidchk=1

42 B
780 B

1243ms
1243ms

Image
image/gif

96.17.96.29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=370356391;ip=39.109.224.42;cuidchk=1

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

HTTP/1.1

Server

96.17.96.29 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a96-17-96-29.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 07:27:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Wed, 10 Jan 2024 07:26:59 GMT
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/html; charset=UTF-8
Location: /pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=370356391;ip=39.109.224.42;cuidchk=1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ppt=18676;g=sitewide;gid=43404;ord=undefined
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=802097967
https://trkn.us/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=802097967;ip=39.109.224.42;cuidchk=1

42 B
780 B

1518ms
1518ms

Image
image/gif

96.17.96.29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=802097967;ip=39.109.224.42;cuidchk=1

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

HTTP/1.1

Server

96.17.96.29 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a96-17-96-29.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 07:27:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Wed, 10 Jan 2024 07:26:59 GMT
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/html; charset=UTF-8
Location: /pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=802097967;ip=39.109.224.42;cuidchk=1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK pixel
ad.ipredictive.com/d/rt/ 631 B
787 B 925ms
210ms Image
image/jpeg 44.242.13.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.ipredictive.com/d/rt/pixel?rtsite_id=60700&uuid=d5534c09-ec00-4f6f-9451-54fa79df98bb&rr=CACHE_BUSTER&gtmcb=390567773
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.242.13.184 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-242-13-184.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 07:26:59 GMT
Content-Encoding: gzip
Connection: keep-alive
X-CI-RTID: 0cc9e61a-d06e-48ec-acc2-136523280ef9
Content-Length: 479
Content-Type: image/jpeg

GET
H/1.1 200
OK pixel
ad.ipredictive.com/d/track/cvt/ 631 B
858 B 974ms
211ms Image
image/jpeg 44.242.13.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.ipredictive.com/d/track/cvt/pixel?acct_id=58684&cache_buster=[timestamp]&gtmcb=1836595371
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.242.13.184 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-242-13-184.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 07:26:59 GMT
Content-Encoding: gzip
Connection: keep-alive
X-CI-RTID: 5cc379b8-a05a-473f-a900-409dd91cc955
Content-Length: 479
Content-Type: image/jpeg

GET
H2 502 /
event.mrtnsvr.com/ 0
0 352ms
225ms Image
text/html 35.227.237.181
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://event.mrtnsvr.com/?adv=17114&cb=368656863&ref=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&gtmcb=291441363
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.237.181 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 181.237.227.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H/1.1 200
OK /
data.adxcel-ec2.com/pixel/ 43 B
131 B 1086ms
246ms Image
image/gif 52.2.178.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adxcel-ec2.com/pixel/?ad_log=referer&action=content&pixid=f2fb3240-c0e1-432f-91c7-686941e6de69
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.178.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-178-78.compute-1.amazonaws.com
Software: /
Resource Hash: 693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

204

CookieSyncAdXCheck
rtb.adentifi.com/
Redirect Chain

https://px.adentifi.com/Pixels?a_id=10893;rev=undefined;cv_1=undefined;cv_2=undefined;p_url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F;uq=5502467582723.711
https://rtb.adentifi.com/CookieSyncAdX
https://cm.g.doubleclick.net/pixel?google_nid=adtheorent&google_hm=pMgTYa-JEe6IFBL6a1iuEQ&google_redir=https%3A%2F%2Frtb.adentifi.com%2FCookieSyncAdXCheck&google_ula=6802874232
https://rtb.adentifi.com/CookieSyncAdXCheck?google_ula=6802874232,2

0
34 B

294ms
294ms

Image
text/plain

3.213.62.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncAdXCheck?google_ula=6802874232,2
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Server: 3.213.62.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-62-40.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:27:01 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb.adentifi.com/CookieSyncAdXCheck?google_ula=6802874232,2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 264
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
56 B 20ms
19ms Ping
text/plain 142.251.10.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-EVDQTJ4LMY&gtm=45je4180v9104144426z8832800531&_p=1704871616773&gcd=11l1l1l1l1&dma=0&cid=1657659349.1704871619&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1704871618&sct=1&seg=0&dl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&dt=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&en=page_view&_fv=1&_nsi=1&_ss=1&ep.local_country=USA&ep.cs_container_id_version=GTM-N9KWLLF_95&ep.cs_container_id=GTM-N9KWLLF&ep.application_type=Website%20-%20ecom&ep.custom_event_id=8ef7e105-6af4-4e5e-b8a8-b26953e246a5&ep.custom_event_timestamp=2024-01-10T15%3A26%3A58.518%2B08%3A00&tfd=4044
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EVDQTJ4LMY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.10.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f113.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
248 B 350ms
14ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-P9YZZV758Y&gtm=45je4180v889592756z8832800531&_p=1704871616773&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1657659349.1704871619&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704871618&sct=1&seg=0&dl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&dt=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&en=page_view&_fv=1&_ss=1&tfd=4098
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P9YZZV758Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 16ms
15ms Ping
text/plain 74.125.130.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P9YZZV758Y&cid=1657659349.1704871619&gtm=45je4180v889592756z8832800531&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P9YZZV758Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sb-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
408 B 350ms
14ms Image
image/gif 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P9YZZV758Y&cid=1657659349.1704871619&gtm=45je4180v889592756z8832800531&aip=1&dma=0&gcd=11l1l1l1l1&z=429453147

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:26:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.com.sg/pagead/1p-conversion/10934040069/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10934040069/?random=728179370&cv=11&fst=1704871618512&bg=ffffff&guid=ON&async=1&gtm=45He4180v832800531&gcd=11l1l1l1l1&dma=0&u_w=1600...
https://www.google.com/pagead/1p-conversion/10934040069/?random=728179370&cv=11&fst=1704871618512&bg=ffffff&guid=ON&async=1&gtm=45He4180v832800531&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3...
https://www.google.com.sg/pagead/1p-conversion/10934040069/?random=728179370&cv=11&fst=1704871618512&bg=ffffff&guid=ON&async=1&gtm=45He4180v832800531&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=http...

42 B
108 B

278ms
21ms

Image
image/gif

74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-conversion/10934040069/?random=728179370&cv=11&fst=1704871618512&bg=ffffff&guid=ON&async=1&gtm=45He4180v832800531&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadservices.com&frm=0&tiba=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&value=0&auid=778359041.1704871618&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ1ByenJBWVF2TkROd3VmX3NMZVBBUklsQUZMemZ0Tnl2UVBfLTNwdldfbFdKMWozQVVZdjExdlNzVWZ0VGVsaTE4NmlvV3dUa0EaV0NoQUlnUHJ6ckFZUWtmbllrTHJmN3FCLUVpMEE2TjhiTWRXaldYN3JIaUw3N1M3Z21oVndYQ0FoSUxYNVVPRHI3bXdZYjdrUXRfNjRla25UVzlHWk5WQSITCM2a3Nml0oMDFWWCSwUdydoETg&is_vtc=1&ocp_id=wkaeZc2xJeWErtoPybWT8AQ&cid=CAQSKQAvHhf_9xJAHXLX1jdTP7dEFSa-4Yn1OyrCjUOEqbPQ-UAowrcLD5oy&eitems=ChEIgPrzrAYQkbTW6cHVnIScARIdAMSJEBCVH34eamDtOH8sPLIC53l1lfSJ5wm2BNw&random=1356381250&ipr=y&ezwbk=AZuM4hBC2nrJwKbKwSaFTvmaKW0zO5eWmuXpRH97JqI2zYIqBuYz_nTjO_xHi4Y-dWJPKX8ZhmjeD-I_Rx5Akuug6xY6

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:26:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:26:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.com.sg/pagead/1p-conversion/10934040069/?random=728179370&cv=11&fst=1704871618512&bg=ffffff&guid=ON&async=1&gtm=45He4180v832800531&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadservices.com&frm=0&tiba=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&value=0&auid=778359041.1704871618&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ1ByenJBWVF2TkROd3VmX3NMZVBBUklsQUZMemZ0Tnl2UVBfLTNwdldfbFdKMWozQVVZdjExdlNzVWZ0VGVsaTE4NmlvV3dUa0EaV0NoQUlnUHJ6ckFZUWtmbllrTHJmN3FCLUVpMEE2TjhiTWRXaldYN3JIaUw3N1M3Z21oVndYQ0FoSUxYNVVPRHI3bXdZYjdrUXRfNjRla25UVzlHWk5WQSITCM2a3Nml0oMDFWWCSwUdydoETg&is_vtc=1&ocp_id=wkaeZc2xJeWErtoPybWT8AQ&cid=CAQSKQAvHhf_9xJAHXLX1jdTP7dEFSa-4Yn1OyrCjUOEqbPQ-UAowrcLD5oy&eitems=ChEIgPrzrAYQkbTW6cHVnIScARIdAMSJEBCVH34eamDtOH8sPLIC53l1lfSJ5wm2BNw&random=1356381250&ipr=y&ezwbk=AZuM4hBC2nrJwKbKwSaFTvmaKW0zO5eWmuXpRH97JqI2zYIqBuYz_nTjO_xHi4Y-dWJPKX8ZhmjeD-I_Rx5Akuug6xY6
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 button.css
app.dafwidget.com/public/ 3 KB
1 KB 242ms
242ms Stylesheet
text/css 34.193.172.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.dafwidget.com/public/button.css
Requested by: Host: app.dafwidget.com
URL: https://app.dafwidget.com/api/js/source.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.172.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-172-55.compute-1.amazonaws.com
Software: /
Resource Hash: d941abaa1c3e1a6da66e5a4eb0ba6a5e52c910591fc656e5de987e6a96e3a9c4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:58 GMT
content-encoding: gzip
last-modified: Thu, 03 Aug 2023 13:19:28 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
x-cache-hit: 1
accept-ranges: bytes
content-length: 905

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
211 B 17ms
15ms XHR
text/plain 142.251.10.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1903231075&t=pageview&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&ul=en-us&de=UTF-8&dt=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiAABBAAAAC~&jid=1640787147&gjid=767793789&cid=1657659349.1704871619&tid=UA-3754388-9&_gid=1988560469.1704871619&_slc=1&gtm=45He4180n81N9KWLLFv832800531&gcd=11l1l1l1l1&dma=0&z=1125054003

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:26:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
356 B 363ms
17ms XHR
text/plain 74.125.130.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3754388-9&cid=1657659349.1704871619&jid=1640787147&gjid=767793789&_gid=1988560469.1704871619&_u=YCDAiAABBAAAAG~&z=1653397340

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 10 Jan 2024 07:26:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
68 B 11ms
11ms XHR
text/plain 142.251.10.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1903231075&t=pageview&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&ul=en-us&de=UTF-8&dt=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCHAiEABBAAAAGAAI~&jid=1436192572&gjid=556541964&cid=1657659349.1704871619&tid=UA-1473340-18&_gid=1988560469.1704871619&_slc=1&gtm=45He4180n81N9KWLLFv832800531&gcd=11l1l1l1l1&dma=0&cd3=USA&cd5=GTM-N9KWLLF_95&cd6=GTM-N9KWLLF&z=960101059

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:26:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
74 B 358ms
17ms XHR
text/plain 74.125.130.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1473340-18&cid=1657659349.1704871619&jid=1436192572&gjid=556541964&_gid=1988560469.1704871619&_u=YCHAiEABBAAAAGAAI~&z=2009459974

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 10 Jan 2024 07:26:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/957115417/ 42 B
327 B 34ms
33ms Image
image/gif 74.125.24.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/957115417/?random=1704871618502&cv=11&fst=1704870000000&bg=ffffff&guid=ON&async=1&gtm=45He4180v832800531&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&frm=0&tiba=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_OgQ2gRDvxEmuIM_Qe1G_7Iil2JqztQ&random=2387069414&rmt_tld=0&ipr=y

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f105.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:26:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/957115417/ 42 B
154 B 227ms
20ms Image
image/gif 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/957115417/?random=1704871618502&cv=11&fst=1704870000000&bg=ffffff&guid=ON&async=1&gtm=45He4180v832800531&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&frm=0&tiba=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_OgQ2gRDvxEmuIM_Qe1G_7Iil2JqztQ&random=2387069414&rmt_tld=1&ipr=y

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:26:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 363860773806760 Show response
connect.facebook.net/signals/config/ 362 KB
113 KB 591ms
590ms Script
application/x-javascript 157.240.15.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/363860773806760?v=2.9.139&r=stable&domain=give.unrefugees.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-03-sin6.fbcdn.net

Software

Resource Hash

af42292454173d092a79b1975e419d92f78fc827771cd9c145cf4def1fbde838

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 10 Jan 2024 07:26:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: +OmSfyrz2svCIL0I/rs/eVsyEA8FrwF7Rz7V0ByaNVkbY9YmCc2t9FQtg3AqKw+j6ax6UAFb9+HRG+eBwIDTuA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 5612726.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 52ms
51ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5612726.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ba2ecd1923f59d3c6fc4b0b0c14f145208d1bfef21d4cf226ff4d058e1188e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Wed, 10 Jan 2024 07:26:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5103F53D07E748B585C289659938E5AA Ref B: SGEEDGE0421 Ref C: 2024-01-10T07:26:58Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 200 5612726 Show response
www.clarity.ms/tag/uet/ 827 B
1 KB 975ms
535ms Script
application/x-javascript 13.107.213.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/5612726
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/5612726.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 273002c60ff85b572781bf57fe5a16c2ed6c52973f745c3b821da1cd21dc61f1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: -1
date: Wed, 10 Jan 2024 07:27:00 GMT
x-azure-ref: 20240110T072700Z-dvucspyb412831p3auxdkr29d40000000hd000000000v5x1
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 827
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

OPTIONS
H2 200 /
evnt.byspotify.com/ Frame 0
0 262ms
223ms Preflight 34.111.186.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://evnt.byspotify.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.186.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.186.111.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.unrefugees.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://give.unrefugees.org
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 10 Jan 2024 07:26:59 GMT
via: 1.1 google

POST
H2 200 / Show response
evnt.byspotify.com/ 2 B
97 B 257ms
257ms Fetch
application/json 34.111.186.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://evnt.byspotify.com/
Requested by: Host: pixel.byspotify.com
URL: https://pixel.byspotify.com/ping.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.186.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.186.111.34.bc.googleusercontent.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json
Referer: https://give.unrefugees.org/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 10 Jan 2024 07:26:59 GMT
via: 1.1 google
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Accept
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 unhcr-visibility-horizontal-blue.svg
give.unrefugees.org/img/ 12 KB
12 KB 212ms
211ms Image
image/svg+xml 44.240.141.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.unrefugees.org/img/unhcr-visibility-horizontal-blue.svg
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/css/index.css?v=9.7.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.141.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-141-244.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e9027cbc9f2efbff37e09740f41c16a1ffd89eae8f1555f6a5955d3198d9c31d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/css/index.css?v=9.7.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:59 GMT
cache-control: no-cache
last-modified: Tue, 31 Oct 2017 17:19:01 GMT
accept-ranges: bytes
etag: "4aa739586c52d31:0"
content-length: 12267
content-type: image/svg+xml

GET
H2 200 l
use.typekit.net/af/8e11d4/00000000000000003b9b038c/27/ 19 KB
19 KB 23ms
22ms Font
application/font-woff2 23.62.212.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8e11d4/00000000000000003b9b038c/27/l?subset_id=2&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.212.15 Kuala Lumpur, Malaysia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-62-212-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 62c0466b6e78094d8bb9b9fb50f13f3eb39e3be88dce7663ecfbcabde18b64bc

Request headers

Referer: https://use.typekit.net/hrp3szy.css
Origin: https://give.unrefugees.org
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:59 GMT
server: nginx
etag: "50fb462bb968fa8996b7f205254cfa92e534ea41"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19600

GET
H2 200 l
use.typekit.net/af/219c30/00000000000000003b9b0389/27/ 19 KB
19 KB 21ms
21ms Font
application/font-woff2 23.62.212.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/219c30/00000000000000003b9b0389/27/l?subset_id=2&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.212.15 Kuala Lumpur, Malaysia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-62-212-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 50bfd91bb65762023b74efba030d3212fef8f6261707ba8edb9e4b28d13bb5ed

Request headers

Referer: https://use.typekit.net/hrp3szy.css
Origin: https://give.unrefugees.org
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:59 GMT
server: nginx
etag: "7c243ed5f8437a6687e49316f96967fcfd3feb05"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19160

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 14 KB
6 KB 29ms
26ms Script
application/x-javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=give.unrefugees.org&t=xo&v=5.0.418&source=payments_sdk&client_id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&disableSetCookie=true&vault=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&vault=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

063246c58c78997fa59c4ca4b09e4151c14baeee6e2865e2e2363ded621a3e04

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-0xaTBWb2CV01jIT0pLGItopkfb6iIeBy74mfVD+l6UJ+iEHs' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-0xaTBWb2CV01jIT0pLGItopkfb6iIeBy74mfVD+l6UJ+iEHs' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 10 Jan 2024 07:26:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 82946
x-cache: HIT, MISS
paypal-debug-id: f453859e1b84a
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4772
x-xss-protection: 1; mode=block
x-served-by: cache-qpg1279-QPG, cache-qpg1279-QPG
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f453859e1b84a-fd3babaca842fe5d-01
x-timer: S1704871619.071174,VS0,VE14
etag: W/"3668-VexC/SPTcAB2Qn7W5kWv2fnChLI"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 511 KB
204 KB 649ms
14ms Script
text/javascript 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__zh_cn.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

367bfe6624fd43bfc66ab68fe8ca0960120486b21adebd23b05ad85d05375af8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.unrefugees.org/
Origin: https://give.unrefugees.org
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 07:24:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 208028
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 07:24:53 GMT

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 035C 19 KB
8 KB 260ms
259ms Document
text/html 142.251.175.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fgive.unrefugees.org&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f92.1e100.net

Software

ESF /

Resource Hash

73772a71fac175a7d4e7b93f10b764d31e9d8bf0cc0350096c9b09052df599fa

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-UH-v3JmJXoTfAs6CMo5BNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-UH-v3JmJXoTfAs6CMo5BNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 10 Jan 2024 07:26:59 GMT
expires: Wed, 10 Jan 2024 07:26:59 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 204 0
bat.bing.com/action/ 0
360 B 51ms
51ms Image
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5612726&tm=gtm002&Ver=2&mid=1ab6a74e-06b0-4756-884e-4135f091b9ad&sid=a3f00860af8911ee85e467d7983dd01c&vid=a3f02db0af8911eeb836b9c2563a1490&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&p=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&r=&lt=4537&evt=pageLoad&sv=1&rn=711546

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 10 Jan 2024 07:26:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A71700567DE6484A89471EB335AD53A7 Ref B: SGEEDGE0421 Ref C: 2024-01-10T07:26:59Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 439ms
13ms Script
application/x-javascript 54.192.150.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-71.sin2.r.cloudfront.net
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:22:06 GMT
content-encoding: gzip
via: 1.1 e1fec368f5b53b4a839d0400d00dede6.cloudfront.net (CloudFront)
last-modified: Wed, 10 Jan 2024 07:21:56 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: SIN2-C1
age: 294
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: NStYIcmm6MFjH3XfeQpIOd-hUlQo9AfcohK-_n08pzlbxrMfE_MZOg==
expires: Wed, 10 Jan 2024 08:22:06 GMT

GET
H/1.1 200
OK event Show response
ad.ipredictive.com/d/track/ Frame 01EC 0
327 B 819ms
209ms Document
text/plain 44.242.13.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ipredictive.com/d/track/event?upid=101374&cache_buster=1704871619&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&val=undefined&tn=undefined&itms=undefined
Requested by: Host: js.ipredictive.com
URL: https://js.ipredictive.com/adelphic_universal_pixel.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.242.13.184 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-242-13-184.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Connection: keep-alive
Content-Length: 0
Date: Wed, 10 Jan 2024 07:26:59 GMT
X-CI-RTID: 5593dbd8-76af-4316-9852-49a6e926c2a4

GET
H2

200

activityi;dc_pre=CMTRgdql0oMDFYQTewcdvk8ECw;src=4647326;type=unrefcms;cat=donfvis;ord=1615921154219;auiddc=778359041.1704871618;u3=undefined;u2=undefined;gtm=45He4180v832800531;gcd=11l1l1l1l1;dma=0... Show response
4647326.fls.doubleclick.net/ Frame 218E
Redirect Chain

https://4647326.fls.doubleclick.net/activityi;src=4647326;type=unrefcms;cat=donfvis;ord=1615921154219;auiddc=778359041.1704871618;u3=undefined;u2=undefined;gtm=45He4180v832800531;gcd=11l1l1l1l1;dma...
https://4647326.fls.doubleclick.net/activityi;dc_pre=CMTRgdql0oMDFYQTewcdvk8ECw;src=4647326;type=unrefcms;cat=donfvis;ord=1615921154219;auiddc=778359041.1704871618;u3=undefined;u2=undefined;gtm=45H...

538 B
424 B

285ms
284ms

Document
text/html

142.251.175.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4647326.fls.doubleclick.net/activityi;dc_pre=CMTRgdql0oMDFYQTewcdvk8ECw;src=4647326;type=unrefcms;cat=donfvis;ord=1615921154219;auiddc=778359041.1704871618;u3=undefined;u2=undefined;gtm=45He4180v832800531;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f149.1e100.net

Software

cafe /

Resource Hash

d9d55e54f3e18867082c4f8d7751bdce6beebb8e77fcd84bd1719b4ae7fe2d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 314
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 07:26:59 GMT
expires: Wed, 10 Jan 2024 07:26:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 07:26:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://4647326.fls.doubleclick.net/activityi;dc_pre=CMTRgdql0oMDFYQTewcdvk8ECw;src=4647326;type=unrefcms;cat=donfvis;ord=1615921154219;auiddc=778359041.1704871618;u3=undefined;u2=undefined;gtm=45He4180v832800531;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 kds-events-gtm.min.js Show response
storage.cloud.kargo.com/kds/ 17 KB
5 KB 46ms
11ms Script
application/javascript 23.209.46.79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.cloud.kargo.com/kds/kds-events-gtm.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.209.46.79 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-209-46-79.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cc0a16b9cc4dc240bcecf6d80b11432787e455e26e7463872da2c343b21976c0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: U1z0Jpsr3q3kzVptMNL2ZrhLJb5hz4jR
content-encoding: gzip
date: Wed, 10 Jan 2024 07:26:59 GMT
x-amz-request-id: H4XQ9EDFZ8FTQ7AD
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
content-length: 4733
x-amz-id-2: UrMzHnR6a3+RwObH61F91LADqNY+UwWBaXYLdhH5JmhzYQSt1AllQ61NRMDlAK7u8fe+TjMRH2k=
last-modified: Wed, 01 Nov 2023 04:29:15 GMT
server: AmazonS3
etag: "69648ffa0e24777fd6c09273c1da6b0e"
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1800
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 734ms
23ms Script
application/javascript 103.229.10.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.229.10.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:27:00 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 17 Jan 2024 07:27:00 GMT

GET
H2

200

beacon
r.turn.com/r/
Redirect Chain

https://20669309p.rfihub.com/ca.gif?rb=9587&ca=20669309&ra=21259077
https://r.turn.com/r/beacon?b2=Byl5I3NIBudQfjqNW-_fVUNVOmTxqGPcOnN4gXqFCKoeU_Oup029YVIprkeGvqSpgAfS5Jz0ytx_deRc41vz7Q&cid=

43 B
398 B

518ms
102ms

Image
image/gif

50.116.239.135
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/beacon?b2=Byl5I3NIBudQfjqNW-_fVUNVOmTxqGPcOnN4gXqFCKoeU_Oup029YVIprkeGvqSpgAfS5Jz0ytx_deRc41vz7Q&cid=
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Server: 50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 10 Jan 2024 07:27:00 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

Location: https://r.turn.com/r/beacon?b2=Byl5I3NIBudQfjqNW-_fVUNVOmTxqGPcOnN4gXqFCKoeU_Oup029YVIprkeGvqSpgAfS5Jz0ytx_deRc41vz7Q&cid=
Date: Wed, 10 Jan 2024 07:27:00 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
17 KB 207ms
47ms Script
application/javascript 192.229.232.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=give.unrefugees.org&t=xo&v=5.0.418&source=payments_sdk&client_id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&disableSetCookie=true&vault=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.232.89 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (sgc/56D4) /

Resource Hash

20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 43f0f4f1652ca
dc: ccg11-origin-www-1.paypal.com
content-length: 16488
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
server: ECAcc (sgc/56D4)
traceparent: 00-000000000000000000043f0f4f1652ca-2fe3a08aaeafd556-01
etag: "64f25363-daa8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 10 Jan 2024 08:27:00 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
505 B 354ms
207ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AZXYADENKNJPZE-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AZXYADENKNJPZE-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3f710125-e254-44cc-ba7e-5d8abc3fb13d&fltp=analytics&mrid=ZXYADENKNJPZE&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1704871619148&g=-480&completeurl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&disableSetCookie=true

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 10 Jan 2024 07:27:00 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 7a1456c256f02
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-qpg1266-QPG
pragma: no-cache
correlation-id: 7a1456c256f02
traceparent: 00-00000000000000000007a1456c256f02-2e774bfb75f5e1b8-01
x-timer: S1704871620.355107,VS0,VE191
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 07:27:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 26ms
26ms Image
image/gif 74.125.24.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3754388-9&cid=1657659349.1704871619&jid=1640787147&_u=YCDAiAABBAAAAG~&z=645115858

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f105.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:26:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
107 B 80ms
80ms Image
image/gif 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3754388-9&cid=1657659349.1704871619&jid=1640787147&_u=YCDAiAABBAAAAG~&z=645115858

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 26ms
26ms Image
image/gif 74.125.24.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1473340-18&cid=1657659349.1704871619&jid=1436192572&_u=YCHAiEABBAAAAGAAI~&z=1297136183

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f105.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:26:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
107 B 79ms
79ms Image
image/gif 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1473340-18&cid=1657659349.1704871619&jid=1436192572&_u=YCHAiEABBAAAAGAAI~&z=1297136183

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh.bf1XCZUSTzY.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 035C 159 KB
57 KB 344ms
11ms Script
text/javascript 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh.bf1XCZUSTzY.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgrjihAMtcqXiJrgE3AnYc1T_XpPg/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fgive.unrefugees.org&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

1356525a47387ae2facc8e15a0f3b4af9c88abeec954cdc01a0bf333a0e96349

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 21:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57478
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 03:12:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 21:13:04 GMT

POST
H2 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 035C 2 KB
2 KB 115ms
115ms Other
text/html 142.251.175.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.175.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sh-in-f92.1e100.net
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 10 Jan 2024 07:26:59 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 10095779.json Show response
s.yimg.com/wi/config/ 2 B
515 B 1445ms
1089ms XHR
application/json 106.10.236.40
YAHOO-SG3 interne...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10095779.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

106.10.236.40 Singapore, Singapore, ASN56173 (YAHOO-SG3 internet content provider, SG),

Reverse DNS

o2.ycpi.vip.sg3.yahoo.com

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: GG6SRDBX98ZJV1EP
age: 3
content-length: 22
x-amz-id-2: XCNxlmr5JcFcXAnzMePPHVHjXCL+vBsQ+S2C+d/wy3wkbMmwmPZp6FaVqO2ZDK0P6z729PGuaWBfVI3qMRp6GQN+ObATAT15U04F6Nw5OwU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 2587217788243604 Show response
connect.facebook.net/signals/config/ 130 KB
34 KB 240ms
240ms Script
application/x-javascript 157.240.15.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2587217788243604?v=2.9.139&r=stable&domain=give.unrefugees.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-03-sin6.fbcdn.net

Software

Resource Hash

67907ba1c747d97bedea8f75096503111143004f8e369c46f55e36f8d73a7dc2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 10 Jan 2024 07:26:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 3GVq+V2AqqfQ/hTqCvZsgoAYpwwC9QC5SKhG3tUfC8bfIZnHamUuTbPv/tMfBlEgxhg9N/zEjSnmjxm3KIPnzw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 8c05b4348610338c51bc4e47bbb97a3b23b0f2cc4c16de44f36a8705349963a3 Show response
lyibja.unrefugees.org/events/ 0
166 B 711ms
246ms XHR
text/plain 52.25.243.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lyibja.unrefugees.org/events/8c05b4348610338c51bc4e47bbb97a3b23b0f2cc4c16de44f36a8705349963a3

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/363860773806760?v=2.9.139&r=stable&domain=give.unrefugees.org

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.25.243.35 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-243-35.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://give.unrefugees.org/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://give.unrefugees.org
date: Wed, 10 Jan 2024 07:27:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 362ms
14ms Image
text/plain 157.240.7.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=363860773806760&ev=PageView&dl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&rl=&if=false&ts=1704871619569&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704871619566.1995413694&eid=ob3_plugin-set_5b3b23374ef6382375a3e822f8e3da36c8c7b8f076300dc52ca84a58e0a10c4c&ler=empty&it=1704871618900&coo=false&rqm=GET

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.7.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 10 Jan 2024 07:27:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 dc_pre=CMTRgdql0oMDFYQTewcdvk8ECw;src=4647326;type=unrefcms;cat=donfvis;ord=1615921154219;auiddc=*;u3=undefined;u2=undefined;gtm=45He4180v832800531;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=...
adservice.google.com/ddm/fls/z/ Frame 218E 42 B
107 B 113ms
112ms Image
image/gif 142.251.175.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMTRgdql0oMDFYQTewcdvk8ECw;src=4647326;type=unrefcms;cat=donfvis;ord=1615921154219;auiddc=*;u3=undefined;u2=undefined;gtm=45He4180v832800531;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F

Requested by

Host: 4647326.fls.doubleclick.net
URL: https://4647326.fls.doubleclick.net/activityi;dc_pre=CMTRgdql0oMDFYQTewcdvk8ECw;src=4647326;type=unrefcms;cat=donfvis;ord=1615921154219;auiddc=778359041.1704871618;u3=undefined;u2=undefined;gtm=45He4180v832800531;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://4647326.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:26:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh.bf1XCZUSTzY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGe... Frame 035C 74 KB
27 KB 12ms
12ms Script
text/javascript 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh.bf1XCZUSTzY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGeBOJ00.L.B1.O/am=gEEY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrg8-zo4OzEgBrQNGhe_4fcc6l3n2A/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh.bf1XCZUSTzY.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgrjihAMtcqXiJrgE3AnYc1T_XpPg/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

192c4df056a2a86da1850775fa915d06b2ce2cd3e84a468d355209a615bb34d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 21:25:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27587
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 04:21:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 21:25:50 GMT

GET
H2 200 pay Show response
pay.google.com/gp/p/ui/ Frame 035C 1 MB
378 KB 80ms
79ms XHR
text/html 142.251.175.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f92.1e100.net

Software

ESF /

Resource Hash

1e3b8eb71a2c62b756a0fe39d6300910f8b48ed472d50a3cdaeefdcf62bac1bd

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-j6VAygjKa4tyKXGm-nNDSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:26:59 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-j6VAygjKa4tyKXGm-nNDSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 10 Jan 2024 07:26:59 GMT

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh.bf1XCZUSTzY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGe... Frame 035C 9 KB
4 KB 11ms
11ms Script
text/javascript 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh.bf1XCZUSTzY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGeBOJ00.L.B1.O/am=gEEY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrg8-zo4OzEgBrQNGhe_4fcc6l3n2A/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

b5d2d26b6ad7e80a51b7ac6e808a6de3b09969a85918bf016f374cbde728e61d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 21:25:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3744
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 04:21:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 21:25:50 GMT

GET
H2 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh.bf1XCZUSTzY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGe... Frame 035C 37 KB
14 KB 14ms
14ms Script
text/javascript 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh.bf1XCZUSTzY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGeBOJ00.L.B1.O/am=gEEY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrg8-zo4OzEgBrQNGhe_4fcc6l3n2A/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

e97405925dab56a870e5827a77ef6b38b3c5f5ae2d9532c5abf22c5bd553d431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 21:25:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14290
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 04:21:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 21:25:50 GMT

POST
H2 200 log Show response
play.google.com/ Frame 035C 131 B
420 B 709ms
91ms XHR
text/plain 74.125.130.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f101.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 10 Jan 2024 07:27:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Jan 2024 07:27:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 509ms
127ms Preflight
text/plain 74.125.130.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f101.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 10 Jan 2024 07:27:00 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 035C 131 B
421 B 710ms
91ms XHR
text/plain 74.125.130.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f101.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 10 Jan 2024 07:27:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Jan 2024 07:27:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 507ms
127ms Preflight
text/plain 74.125.130.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f101.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 10 Jan 2024 07:27:00 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 035C 131 B
722 B 753ms
81ms XHR
text/plain 74.125.130.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f101.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 10 Jan 2024 07:27:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Jan 2024 07:27:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 455ms
76ms Preflight
text/plain 74.125.130.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f101.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 10 Jan 2024 07:27:00 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 035C 131 B
419 B 756ms
85ms XHR
text/plain 74.125.130.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f101.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 10 Jan 2024 07:27:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Jan 2024 07:27:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 454ms
76ms Preflight
text/plain 74.125.130.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f101.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 10 Jan 2024 07:27:00 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 035C 131 B
419 B 728ms
112ms XHR
text/plain 74.125.130.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f101.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 10 Jan 2024 07:27:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Jan 2024 07:27:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 505ms
128ms Preflight
text/plain 74.125.130.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f101.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 10 Jan 2024 07:27:00 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 035C 131 B
418 B 699ms
82ms XHR
text/plain 74.125.130.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f101.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 10 Jan 2024 07:27:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Jan 2024 07:27:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 503ms
127ms Preflight
text/plain 74.125.130.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f101.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 10 Jan 2024 07:27:00 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 176ms
14ms Image
text/plain 157.240.7.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2587217788243604&ev=PageView&dl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&rl=&if=false&ts=1704871619848&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704871619566.1995413694&ler=empty&it=1704871618900&coo=false&rqm=GET

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.7.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 10 Jan 2024 07:27:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK is Show response
35.85.84.151/ 32 B
437 B 866ms
218ms Fetch
text/plain 35.85.84.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://35.85.84.151/is
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=35855&tdr=&plh=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&cb=75939306828179970term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.85.84.151 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-84-151.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 0e3110d75d3617b90426d7f9adec14a43968f4fbb8063f25c10dacd80c7b4b39

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:27:00 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 32
x-application-context: application:prod:8080

GET
H2 403 Kargo.json Show response
storage.cloud.kargo.com/kds/configs/ 255 B
647 B 1096ms
1010ms Fetch
application/xml 23.209.46.79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.cloud.kargo.com/kds/configs/Kargo.json
Requested by: Host: storage.cloud.kargo.com
URL: https://storage.cloud.kargo.com/kds/kds-events-gtm.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.209.46.79 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-209-46-79.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0f0558ede1e4c3ec700e0c2220185ccc70931690ad1915f5774891cf587a5443

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:27:01 GMT
server: AmazonS3
x-amz-request-id: GG6SR6GVGDHY6W8A
access-control-max-age: 3000
access-control-allow-methods: GET,POST
content-type: application/xml
access-control-allow-origin: https://give.unrefugees.org
cache-control: max-age=1800
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 255
x-amz-id-2: Jbi9hUClMBW1Vx6gqo9CXVNr6XWgJ1rG2yX16vOrwo6agmdxazYQrcm8v54l5LzJcRl8PYXvI4aIzTfgzc0Nsg==

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 6C6E 55 KB
17 KB 71ms
71ms Document
text/html 192.229.232.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.232.89 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (sgc/56C0) /

Resource Hash

7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16892
content-type: text/html
date: Wed, 10 Jan 2024 07:27:00 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "64f25363-dacc"
expires: Wed, 10 Jan 2024 08:27:00 GMT
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id: 6f0fcdf0f1ab3
server: ECAcc (sgc/56C0)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000006f0fcdf0f1ab3-9913015a6ec00b94-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H2 200 noop.js Show response
www.paypalobjects.com/muse/ Frame 6C6E 18 B
210 B 266ms
266ms Fetch
application/javascript 192.229.232.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/noop.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.232.89 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (sgc/56D9) /

Resource Hash

0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.paypalobjects.com/muse/analytics/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:27:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
paypal-debug-id: b9d464a70e815
dc: ccg11-origin-www-1.paypal.com
content-length: 18
last-modified: Sat, 13 Feb 2021 00:26:56 GMT
server: ECAcc (sgc/56D9)
traceparent: 00-0000000000000000000b9d464a70e815-6e67e049b5a30c0e-01
etag: "60271cd0-12"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 10 Jan 2024 07:26:59 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
166 B 236ms
235ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AZXYADENKNJPZE-1&page=muse%3Aoffer%3A%3A%3AZXYADENKNJPZE-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3f710125-e254-44cc-ba7e-5d8abc3fb13d&es=visitorInfoFlowStarted&mrid=ZXYADENKNJPZE&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1704871620322&g=-480&completeurl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&disableSetCookie=true

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 10 Jan 2024 07:27:00 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 6e611865af843
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-qpg1266-QPG
pragma: no-cache
correlation-id: 6e611865af843
traceparent: 00-00000000000000000006e611865af843-b7d800c3ed2e1e9b-01
x-timer: S1704871621.568247,VS0,VE215
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 07:27:00 GMT

GET
H/1.1 200
OK ca.html Show response
20826429p.rfihub.com/ Frame 476C 5 KB
6 KB 762ms
214ms Document
text/html 198.8.71.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&pf=&ra=1614082862755979
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.8.71.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: df27560e9b6c231480a8661b4c76e1b73d35f691528fbe3bdff3ba2cdc7e24ed

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 4943
Content-Type: text/html;charset=utf-8
Date: Wed, 10 Jan 2024 07:27:01 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1 200
OK ca.html Show response
20826429p.rfihub.com/ Frame 54C6 5 KB
6 KB 883ms
369ms Document
text/html 198.8.71.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&pf=&ra=3230783087017206
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.8.71.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 98c633b9dcc18c1f957191f2704f46525ab7c6be5c15f08c4e8dc3ba16488522

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 4943
Content-Type: text/html;charset=utf-8
Date: Wed, 10 Jan 2024 07:27:01 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1 200
OK ca.html Show response
20826430p.rfihub.com/ Frame B927 5 KB
6 KB 792ms
385ms Document
text/html 198.8.71.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20826430p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826430&_o=9587&_t=20826430&pe=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&pf=&ra=19114342845878896
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.8.71.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: b3d12dd3994a7bc913d4101a9cb504ad628972234aabe749ee8c39f7ffb2d713

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 4943
Content-Type: text/html;charset=utf-8
Date: Wed, 10 Jan 2024 07:27:01 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 6C6E 440 B
2 KB 335ms
335ms Fetch
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

470fcaf54282eb95b042afde8ec10b0bc01d772f6a697815e53e146dadc0311a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-P7T/kljAolba3cSECgFU4ghF2AGi716mY0Oezbu8/1MtnI3S' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
disable-set-cookie: true
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-P7T/kljAolba3cSECgFU4ghF2AGi716mY0Oezbu8/1MtnI3S' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 10 Jan 2024 07:27:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f280671673c29
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-qpg1279-QPG, cache-qpg1279-QPG
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f280671673c29-8a828e9d78a79d89-01
x-timer: S1704871621.903714,VS0,VE321
etag: W/"1b8-yXk5JpAyFYvlMGiJP1H/R/mhsaU"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 297ms
231ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,disable-set-cookie
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,disable-set-cookie
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Wed, 10 Jan 2024 07:27:00 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f280671d1fcee
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f280671d1fcee-55e3e1e1dd3ce0d8-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-qpg1257-QPG, cache-qpg1257-QPG
x-timer: S1704871621.672290,VS0,VE209

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 017D 42 KB
27 KB 39ms
38ms Document
text/html 74.125.24.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&co=aHR0cHM6Ly9naXZlLnVucmVmdWdlZXMub3JnOjQ0Mw..&hl=zh-CN&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=jvpb1efai2ri

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__zh_cn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f105.1e100.net

Software

GSE /

Resource Hash

2a3323e171be680f989a11abfc0b8a73618c6b66f58ea011c3bf8092d82f80c8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IoefHogpp36FkAhFNN9eJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-IoefHogpp36FkAhFNN9eJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 07:27:00 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 rules-p-SLcBYqRUU3yLq.js Show response
rules.quantcount.com/ 2 KB
1 KB 362ms
15ms Script
application/javascript 13.33.33.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-SLcBYqRUU3yLq.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-78.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f2e256cb560023d729b4581ba94e88cedce352fc2cbcbb60e3232a5859d4793

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:11:15 GMT
content-encoding: gzip
via: 1.1 efb1b7f3f8c49c642a3c171f148004fe.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 946
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:22:26 GMT
server: AmazonS3
etag: W/"291bda9609975bc4fbca3a725bc18ab7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: NW7cMwzA5MShryiiCzmJJmUFQ4g3hXTcmE_PHfYcJ90vNURuS4CLyg==

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 017D 55 KB
24 KB 18ms
15ms Stylesheet
text/css 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&co=aHR0cHM6Ly9naXZlLnVucmVmdWdlZXMub3JnOjQ0Mw..&hl=zh-CN&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=jvpb1efai2ri

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:20:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43614
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 19:20:06 GMT

GET
H2 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 017D 511 KB
203 KB 19ms
16ms Script
text/javascript 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__zh_cn.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

367bfe6624fd43bfc66ab68fe8ca0960120486b21adebd23b05ad85d05375af8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 07:24:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 208028
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 07:24:53 GMT

GET
H2 200 SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js Show response
www.google.com/js/bg/ Frame 017D 17 KB
7 KB 13ms
12ms Script
text/javascript 74.125.24.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__zh_cn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f105.1e100.net

Software

sffe /

Resource Hash

487524122a6142e66a5f22f30cd0352dc3a3218e4ff77a126c8d0e28c2a5b586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&co=aHR0cHM6Ly9naXZlLnVucmVmdWdlZXMub3JnOjQ0Mw..&hl=zh-CN&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=jvpb1efai2ri
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:57:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 566966
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6849
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 17:57:34 GMT

GET
H2 200 webworker.js
www.google.com/recaptcha/api2/ Frame 017D 105 B
212 B 13ms
13ms Other
text/javascript 74.125.24.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=zh-CN&v=u-xcq3POCWFlCr3x8_IPxgPu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f105.1e100.net

Software

GSE /

Resource Hash

f19cc290fd41fdec38c7716a5cba8c52d04bab97e1f2b0febee657eabdd23c16

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&co=aHR0cHM6Ly9naXZlLnVucmVmdWdlZXMub3JnOjQ0Mw..&hl=zh-CN&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=jvpb1efai2ri
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:27:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 10 Jan 2024 07:27:00 GMT

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
2 KB 963ms
221ms Script
application/javascript 44.235.191.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=UA-3754388-3&ga_client_id=1657659349.1704871619&shpt=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-3754388-3%22%2C%22ga_client_id%22%3A%221657659349.1704871619%22%2C%22shpt%22%3A%22Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR%22%2C%22dcm_cid%22%3A%221704871618.1%22%2C%22dcm_gid%22%3A%221988560469.1704871619%22%2C%22mntnis%22%3A%22klyyh%2BG5mj%2B4%2F1M%2BEEPr48THgmnyn4vs%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1704871618.1&dcm_gid=1988560469.1704871619&available_ga=%5B%7B%22id%22%3A%22G-EVDQTJ4LMY%22%2C%22sess_id%22%3A%221704871618%22%7D%2C%7B%22id%22%3A%22G-P9YZZV758Y%22%2C%22sess_id%22%3A%221704871618%22%7D%2C%7B%22id%22%3A%22UA-1473340-18%22%2C%22sess_id%22%3Anull%7D%2C%7B%22id%22%3A%22UA-3754388-9%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=UA-3754388-3&dxver=4.0.0&shaid=35855&plh=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&cb=75939306828179970term%3Dvalue&shadditional=sh_conversion%3DSHBLOCK%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=35855&tdr=&plh=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&cb=75939306828179970term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.235.191.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-191-156.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: c63a5162d2cd0e76b4d04be3cf3f71bad58f6a4bc8b73d7dd72b647502213218

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:27:01 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 3
connection: close

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 20ms
18ms Script
application/javascript 13.107.213.59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/5612726
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:27:00 GMT
content-encoding: br
last-modified: Mon, 08 Jan 2024 12:01:53 GMT
etag: W/"0x8DC10419AF46081"
vary: Accept-Encoding
x-azure-ref: 20240110T072700Z-dvucspyb412831p3auxdkr29d40000000hd000000000v5ze
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 5a6082e2-d01e-0027-7f5d-42391f000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 1113ms
39ms Image
image/gif 106.10.236.146
YAHOO-SG3 interne...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2010%20Jan%202024%2007%3A27%3A00%20GMT&n=-8&b=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&.yp=10095779&f=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

106.10.236.146 Singapore, Singapore, ASN56173 (YAHOO-SG3 internet content provider, SG),

Reverse DNS

spdc.pbp.vip.sg3.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Wed, 10 Jan 2024 07:27:02 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
246 B 1113ms
40ms Image
image/gif 106.10.236.146
YAHOO-SG3 interne...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&.yp=10095779&f=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&enc=UTF-8&yv=1.15.1&et=custom&ec=pageview&ea=donation_form_visit&tagmgr=gtm

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

106.10.236.146 Singapore, Singapore, ASN56173 (YAHOO-SG3 internet content provider, SG),

Reverse DNS

spdc.pbp.vip.sg3.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Wed, 10 Jan 2024 07:27:02 GMT

POST
H2 200 / Show response
atr.veritonicmetrics.com/ 13 B
133 B 543ms
542ms XHR
application/json 107.23.165.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://atr.veritonicmetrics.com/
Requested by: Host: cdn.veritonic.com
URL: https://cdn.veritonic.com/static/vpr.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.165.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-165-60.compute-1.amazonaws.com
Software: /
Resource Hash: b232b740e35e175a9a671a7695fc317efc0d86304efd2733f0f8d70105c744c9

Request headers

Referer: https://give.unrefugees.org/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 10 Jan 2024 07:27:02 GMT
content-length: 13
apigw-requestid: RT__DjYjIAMEJXw=
content-type: application/json

OPTIONS
H2 200 /
atr.veritonicmetrics.com/ Frame 0
0 1011ms
274ms Preflight
application/json 107.23.165.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://atr.veritonicmetrics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.165.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-165-60.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.unrefugees.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS,POST
access-control-allow-origin: *
access-control-max-age: 0
apigw-requestid: RT_-9iCfIAMEJEg=
content-length: 13
content-type: application/json
date: Wed, 10 Jan 2024 07:27:01 GMT

GET
H2 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 2BA1 7 KB
1 KB 15ms
14ms Document
text/html 74.125.24.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__zh_cn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f105.1e100.net

Software

GSE /

Resource Hash

5fd02602839f10db9b16c0765cef41d103b484a1d639d0ed417d91e18cd27751

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ro7Ld125S3Qss32Q-w0S9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ro7Ld125S3Qss32Q-w0S9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 07:27:01 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
299 B 953ms
256ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://give.unrefugees.org/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://give.unrefugees.org
Date: Wed, 10 Jan 2024 07:27:01 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 2BA1 55 KB
24 KB 12ms
11ms Stylesheet
text/css 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:20:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 19:20:06 GMT

GET
H2 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 2BA1 511 KB
203 KB 17ms
17ms Script
text/javascript 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__zh_cn.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

367bfe6624fd43bfc66ab68fe8ca0960120486b21adebd23b05ad85d05375af8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 07:24:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 208028
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 07:24:53 GMT

GET
H2 200 pixel;r=1402903237;labels=_fp.event.Donation%20Landing%20Page%2C_fp.customer.undefined;rf=0;a=p-SLcBYqRUU3yLq;url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F;uht=2;fpan=1;fpa=P0...
pixel.quantserve.com/ 35 B
371 B 98ms
18ms Image
image/gif 103.229.10.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1402903237;labels=_fp.event.Donation%20Landing%20Page%2C_fp.customer.undefined;rf=0;a=p-SLcBYqRUU3yLq;url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F;uht=2;fpan=1;fpa=P0-1268859197-1704871620692;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=unrefugees.org;dst=0;et=1704871621085;tzo=-480;ogl=title.Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR%2Ctype.website%2Curl.https%3A%2F%2Fgive%252Eunrefugees%252Eorg%2F180117core_mainpg_p_3000%2F%2Cimage.https%3A%2F%2Fcdn%252Eunrefugees%252Eorg%2Fu4uforms2020%2Fmedia%2Fmaqbu5rj%2Fmonthly-og-rf1224300x1200%2Cdescription.More%20than%20100%20million%20people%20worldwide%20have%20been%20forced%20from%20their%20homes%20to%20esca;ses=e6860631-914e-472b-915a-c7eacd13f96c;mdl=

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.229.10.192 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:01 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 e7e3384a-3c0f-493d-8764-378bcf272be3 Show response
crb.kargo.com/api/v1/initsync/ Frame 2E35 436 B
662 B 154ms
37ms Document
text/html 3.0.109.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://crb.kargo.com/api/v1/initsync/e7e3384a-3c0f-493d-8764-378bcf272be3?partners=Tapad&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by: Host: storage.cloud.kargo.com
URL: https://storage.cloud.kargo.com/kds/kds-events-gtm.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.0.109.64 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-109-64.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: c66b7e03bcee850f749dbb96fcddad1f21bad2c8a7264537b88a102b4e275840

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-encoding: gzip
content-length: 317
content-type: text/html; charset=UTF-8
date: Wed, 10 Jan 2024 07:27:01 GMT
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
vary: Origin
x-accel-expires: 0

POST
H/1.1 200
OK v1
kds-pixel.kargo.com/api/ 43 B
566 B 867ms
200ms Ping
image/gif 50.18.149.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kds-pixel.kargo.com/api/v1?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by: Host: storage.cloud.kargo.com
URL: https://storage.cloud.kargo.com/kds/kds-events-gtm.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.18.149.54 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-50-18-149-54.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://give.unrefugees.org/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
X-Accel-Expires: 0
Date: Wed, 10 Jan 2024 07:27:01 GMT
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H/1.1 200
OK v1
kds-pixel.kargo.com/api/ 43 B
566 B 915ms
207ms Ping
image/gif 50.18.149.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kds-pixel.kargo.com/api/v1?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by: Host: storage.cloud.kargo.com
URL: https://storage.cloud.kargo.com/kds/kds-events-gtm.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.18.149.54 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-50-18-149-54.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://give.unrefugees.org/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
X-Accel-Expires: 0
Date: Wed, 10 Jan 2024 07:27:01 GMT
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3

200

52154.gif
idsync.rlcdn.com/ Frame 476C
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1917759400169906056&referrer=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=3974e228-b36c-4181-a9a2-13ae9b72028b%3A1704871621.6818504&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D3974e228-b36c-4181-a9a2-13ae9b7...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1977432095907069215&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D3974e228-b36c-4181-a9...
https://idsync.rlcdn.com/501709.gif?partner_uid=3974e228-b36c-4181-a9a2-13ae9b72028b%3A1704871621.6818504&_=1704871621.6830409
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=8984362547217952026

42 B
60 B

257ms
257ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=8984362547217952026
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:27:03 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:02 GMT
an-x-request-uuid: 0a30aea9-5213-4531-ba3a-c1df3899a3b5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=8984362547217952026
x-proxy-origin: 39.109.224.42; 39.109.224.42; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

480429.gif
idsync.rlcdn.com/ Frame 476C
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTkxNzc1OTQwMDE2OTkwNjA1Ng==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEHTejuuAUVpJ59j4Nc3Am0g&google_cver=1
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1977432095907069215&referrer={encSite}&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=6d8a0413-1f53-4c47-a56b-2faae4f9720b%3A1704871622.052399&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D6d8a0413-1f53-4c47-a56b-2faae4f9...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1977432095907069215&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D6d8a0413-1f53-4c47-a5...
https://idsync.rlcdn.com/501709.gif?partner_uid=6d8a0413-1f53-4c47-a56b-2faae4f9720b%3A1704871622.052399&_=1704871622.0551054
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=lvr18
https://cookie-matching.mediarithmics.com/v1/get_or_create?domid=1052
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx&google_gid=CAESEAxXkSsOP7ugbeMsKTzxgQA&google_cver=1
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEAxXkSsOP7ugbeMsKTzxgQA&action=GET_ID&etid=&domid=1052
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=8984362547217952026&opid=apx&ops=&utidl=tech:goo:CAESEAxXkSsOP7ugbeMsKTzxgQA&action=GET_ID&etid=&domid=1052
https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A67705016072

42 B
60 B

253ms
252ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A67705016072
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:27:05 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A67705016072
date: Wed, 10 Jan 2024 07:27:05 GMT
strict-transport-security: max-age=63072000;includeSubDomains;preload
content-length: 0

GET
H2

200

bounce
ib.adnxs.com/ Frame 476C
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=1917759400169906056
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1917759400169906056

43 B
1 KB

37ms
36ms

Image
image/gif

103.43.90.117
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1917759400169906056

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Server

103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:01 GMT
an-x-request-uuid: 0053d86a-6bec-47b3-9431-ee195987c76f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 39.109.224.42; 39.109.224.42; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:01 GMT
an-x-request-uuid: b8df4909-ed77-4930-9965-d1f41ff5984d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1917759400169906056
cache-control: no-store, no-cache, private
x-proxy-origin: 39.109.224.42; 39.109.224.42; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 476C
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1917759400169906056&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1917759400169906056&redir=

42 B
717 B

437ms
436ms

Image
image/gif

52.40.168.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1917759400169906056&redir=

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Server

52.40.168.36 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-40-168-36.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

dcs: dcs-prod-usw2-1-v050-0278bc5b0.edge-usw2.demdex.com 4 ms
pragma: no-cache
date: Wed, 10 Jan 2024 07:27:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: F/KsHwxCQtE=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-usw2-2-v050-06bab71ca.edge-usw2.demdex.com 0 ms
pragma: no-cache
date: Wed, 10 Jan 2024 07:27:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: uChMN+C0RnI=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1917759400169906056&redir=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame 476C 42 B
273 B 122ms
25ms Image
image/gif 67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=1917759400169906056&r=
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.86 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 10 Jan 2024 07:27:01 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 476C
Redirect Chain

https://us-u.openx.net/w/1.0/sd?id=537073062&val=1917759400169906056&r=
https://us-u.openx.net/w/1.0/sd?cc=1&id=537073062&val=1917759400169906056&r=

43 B
171 B

32ms
32ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537073062&val=1917759400169906056&r=
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:01 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537073062&val=1917759400169906056&r=
date: Wed, 10 Jan 2024 07:27:01 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame 476C
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=1917759400169906056&bid=omt9pi0
https://ps.eyeota.net/match/bounce/?uid=1917759400169906056&bid=omt9pi0

70 B
440 B

46ms
33ms

Image
image/gif

54.251.140.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?uid=1917759400169906056&bid=omt9pi0
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: HTTP/1.1
Server: 54.251.140.206 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-140-206.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 10 Jan 2024 07:27:01 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?uid=1917759400169906056&bid=omt9pi0
Date: Wed, 10 Jan 2024 07:27:01 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 200 cksync.php
contextual.media.net/ Frame 476C 57 B
643 B 282ms
60ms Image
image/gif 104.83.196.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=1917759400169906056

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-83-196-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 07:27:01 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 57
x-mnet-hl2: E
expires: Wed, 10 Jan 2024 07:27:01 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 476C 43 B
108 B 1080ms
310ms Image
image/gif 44.213.136.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=1917759400169906056
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.213.136.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-213-136-134.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:27:02 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 476C
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1917759400169906056&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1917759400169906056&forward=&C=1

43 B
337 B

51ms
48ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1917759400169906056&forward=&C=1
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvNBti7H0q2PhhGxHWGnubelIwcuM1%2FgH7%2FQ5fO72oeyZytLsRomQbPCr9NWQdhXZQMmm6%2Fqdtl2vERAp8iPI3A2RmCnkIRZGMYmqfK8GCDK3kN309xwY6bImKEcCtb5N4CVcUPmZLy47w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 843331f0fc584d9f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfMm5XprIFadxUFMdIzrmM3V6VjfcXDPMus7xKhklMsC7rE7%2F4CEK9IZcpCpvE0y8aGfjTvqtUfBCVfAtGircpHN7lsKNePVR8uJQ8SO4BLmyrBlmjHRDM%2BievTj15Yi7heDmVC5q9lPjw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=57&external_user_id=1917759400169906056&forward=&C=1
cache-control: no-cache
cf-ray: 843331f0bbef4d9f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame 476C 42 B
441 B 368ms
238ms Image
image/gif 35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=1917759400169906056
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:27:01 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 476C 43 B
182 B 407ms
244ms Image
image/gif 23.207.181.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=1917759400169906056

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.207.181.216 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-207-181-216.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 10 Jan 2024 07:27:01 GMT
pragma: no-cache
date: Wed, 10 Jan 2024 07:27:01 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H2 200 sync
partners.tremorhub.com/ Frame 476C 43 B
174 B 1279ms
245ms Image
image/gif 3.230.219.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=1917759400169906056&r=WdQHUyBw5H0U
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.219.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-219-56.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 10 Jan 2024 07:27:02 GMT
server: nginx
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 476C 43 B
376 B 393ms
87ms Image
image/gif 18.176.187.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=1917759400169906056
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.176.187.153 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-176-187-153.ap-northeast-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:01 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 476C 0
337 B 732ms
218ms Image
text/plain 44.229.92.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=1917759400169906056
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.229.92.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-229-92-118.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-served-by: beacon-n004-pdx-prod.krxd.net
date: Wed, 10 Jan 2024 07:27:01 GMT
cache-control: private, no-cache, no-store
x-request-time: D=27 t=1704871621
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 476C
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=1917759400169906056&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1917759400169906056&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}

43 B
510 B

100ms
99ms

Image
image/gif

35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1917759400169906056&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: HTTP/1.1
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 07:27:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1917759400169906056&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Date: Wed, 10 Jan 2024 07:27:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 476C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZZ5GxQANaxK5xQBH
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZ5GxQANaxK5xQBH&_test=ZZ5GxQANaxK5xQBH

42 B
970 B

248ms
208ms

Image
image/gif

198.8.71.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZ5GxQANaxK5xQBH&_test=ZZ5GxQANaxK5xQBH
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: HTTP/1.1
Server: 198.8.71.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 10 Jan 2024 07:27:01 GMT
Cache-Control: no-cache
Server: Jetty(9.4.51.v20230217)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-qpg1260-QPG
pragma: no-cache
date: Wed, 10 Jan 2024 07:27:01 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1704871622.747779,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZ5GxQANaxK5xQBH&_test=ZZ5GxQANaxK5xQBH
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
299 B 1048ms
478ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://give.unrefugees.org/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://give.unrefugees.org
Date: Wed, 10 Jan 2024 07:27:02 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame B927
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=1977432095907069215&bid=omt9pi0
https://ps.eyeota.net/match/bounce/?uid=1977432095907069215&bid=omt9pi0

70 B
440 B

33ms
24ms

Image
image/gif

54.251.140.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?uid=1977432095907069215&bid=omt9pi0
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: HTTP/1.1
Server: 54.251.140.206 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-140-206.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 10 Jan 2024 07:27:01 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?uid=1977432095907069215&bid=omt9pi0
Date: Wed, 10 Jan 2024 07:27:01 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame B927
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZZ5GxQANapVykwBU
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZ5GxQANapVykwBU&_test=ZZ5GxQANapVykwBU

42 B
974 B

208ms
204ms

Image
image/gif

198.8.71.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZ5GxQANapVykwBU&_test=ZZ5GxQANapVykwBU
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: HTTP/1.1
Server: 198.8.71.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 10 Jan 2024 07:27:01 GMT
Cache-Control: no-cache
Server: Jetty(9.4.51.v20230217)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-qpg1260-QPG
pragma: no-cache
date: Wed, 10 Jan 2024 07:27:01 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1704871622.778366,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZ5GxQANapVykwBU&_test=ZZ5GxQANapVykwBU
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

362358.gif
idsync.rlcdn.com/ Frame B927
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1977432095907069215&referrer=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=57cc3881-b3a4-4877-a264-b12e5c863b0d%3A1704871621.6821756&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D57cc3881-b3a4-4877-a264-b12e5c8...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1977432095907069215&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D57cc3881-b3a4-4877-a2...
https://idsync.rlcdn.com/501709.gif?partner_uid=57cc3881-b3a4-4877-a264-b12e5c863b0d%3A1704871621.6821756&_=1704871621.683343
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGmkeQj7kiBPu7yVOy72PtI&google_cver=1

42 B
60 B

271ms
271ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGmkeQj7kiBPu7yVOy72PtI&google_cver=1
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:27:02 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGmkeQj7kiBPu7yVOy72PtI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

52154.gif
idsync.rlcdn.com/ Frame B927
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTk3NzQzMjA5NTkwNzA2OTIxNQ==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEHTejuuAUVpJ59j4Nc3Am0g&google_cver=1
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1977432095907069215&referrer={encSite}&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=66079f0d-2d32-458c-b888-65f04efbefad%3A1704871622.0526054&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D66079f0d-2d32-458c-b888-65f04ef...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1977432095907069215&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D66079f0d-2d32-458c-b8...
https://idsync.rlcdn.com/501709.gif?partner_uid=66079f0d-2d32-458c-b888-65f04efbefad%3A1704871622.0526054&_=1704871622.0539322
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=8984362547217952026

42 B
60 B

225ms
225ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=8984362547217952026
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:27:03 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:03 GMT
an-x-request-uuid: 0760c7e3-4bd6-4b37-ad0b-d506ff29e7a8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=8984362547217952026
x-proxy-origin: 39.109.224.42; 39.109.224.42; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame B927
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=1977432095907069215
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1977432095907069215

43 B
1 KB

30ms
30ms

Image
image/gif

103.43.90.117
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1977432095907069215

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Server

103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:01 GMT
an-x-request-uuid: de11284c-7929-4822-b835-94930277929b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 39.109.224.42; 39.109.224.42; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:01 GMT
an-x-request-uuid: 63b679b7-bc86-47a4-9dd3-51f642e05db6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1977432095907069215
cache-control: no-store, no-cache, private
x-proxy-origin: 39.109.224.42; 39.109.224.42; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame B927
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1977432095907069215&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1977432095907069215&redir=

42 B
716 B

440ms
440ms

Image
image/gif

52.40.168.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1977432095907069215&redir=

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Server

52.40.168.36 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-40-168-36.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

dcs: dcs-prod-usw2-2-v050-0d5ff5902.edge-usw2.demdex.com 2 ms
pragma: no-cache
date: Wed, 10 Jan 2024 07:27:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: W+bJ9Yt1QcM=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-usw2-1-v050-07675a7c3.edge-usw2.demdex.com 0 ms
pragma: no-cache
date: Wed, 10 Jan 2024 07:27:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: N5KIqDhfS5w=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1977432095907069215&redir=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame B927 42 B
423 B 97ms
24ms Image
image/gif 67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=1977432095907069215&r=
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.86 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 10 Jan 2024 03:08:06 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B927
Redirect Chain

https://us-u.openx.net/w/1.0/sd?id=537073062&val=1977432095907069215&r=
https://us-u.openx.net/w/1.0/sd?cc=1&id=537073062&val=1977432095907069215&r=

43 B
97 B

33ms
32ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537073062&val=1977432095907069215&r=
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:01 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537073062&val=1977432095907069215&r=
date: Wed, 10 Jan 2024 07:27:01 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 cksync.php
contextual.media.net/ Frame B927 57 B
643 B 257ms
61ms Image
image/gif 104.83.196.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=1977432095907069215

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-83-196-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 07:27:01 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 57
x-mnet-hl2: E
expires: Wed, 10 Jan 2024 07:27:01 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame B927 43 B
109 B 1046ms
301ms Image
image/gif 44.213.136.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=1977432095907069215
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.213.136.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-213-136-134.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:27:02 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame B927
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1977432095907069215&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1977432095907069215&forward=&C=1

43 B
336 B

57ms
56ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1977432095907069215&forward=&C=1
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1z6wb%2FZRmV1%2BK%2BD8tvY%2BiyLHbdd%2BWXd5tSRjTvwU8vdzR8hdqQ0Q4nn1SEPgxkyIGnvExBi1n6R%2BtdbTR%2Bh4f9iGzLJOxsEYJZx%2B9Z52egrCEgGAayzAaZoVrl%2F7LUhzrEVXM48ZKIFSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 843331f12c924d9f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GhbBvdppWMO0%2BW4rMAlJnBAvTx%2F161neMTDTYQaq8ocQu2eTlpl13Q1P4dqB2X52gYR1RXgRW7ym2Cu%2BmkuB83BHaf2qNpOy6obhj8tolLUuwmWiIgYMgh3JXAkdroa0oviayFlj%2FJeLVw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=57&external_user_id=1977432095907069215&forward=&C=1
cache-control: no-cache
cf-ray: 843331f0bbf24d9f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame B927 42 B
277 B 247ms
239ms Image
image/gif 35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=1977432095907069215
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:27:01 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame B927 43 B
182 B 402ms
243ms Image
image/gif 23.207.181.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=1977432095907069215

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.207.181.216 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-207-181-216.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 10 Jan 2024 07:27:01 GMT
pragma: no-cache
date: Wed, 10 Jan 2024 07:27:01 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H2 200 sync
partners.tremorhub.com/ Frame B927 43 B
175 B 1267ms
244ms Image
image/gif 3.230.219.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=1977432095907069215&r=Rc6YE0l3x_ly
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.219.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-219-56.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 10 Jan 2024 07:27:02 GMT
server: nginx
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame B927 43 B
376 B 360ms
88ms Image
image/gif 18.176.187.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=1977432095907069215
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.176.187.153 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-176-187-153.ap-northeast-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:01 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame B927 0
336 B 550ms
219ms Image
text/plain 44.229.92.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=1977432095907069215
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.229.92.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-229-92-118.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-served-by: beacon-n002-pdx-prod.krxd.net
date: Wed, 10 Jan 2024 07:27:01 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1704871621
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame B927
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=1977432095907069215&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1977432095907069215&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}

43 B
510 B

90ms
89ms

Image
image/gif

35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1977432095907069215&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: HTTP/1.1
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 07:27:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1977432095907069215&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Date: Wed, 10 Jan 2024 07:27:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 ts
t.paypal.com/ 42 B
213 B 266ms
265ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AZXYADENKNJPZE-1&page=muse%3Aoffer%3A%3A%3AZXYADENKNJPZE-1%3A%3AvisitorInfo%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3f710125-e254-44cc-ba7e-5d8abc3fb13d&es=visitorInfo&cust=identified&mrid=ZXYADENKNJPZE&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&unsc=0&identifier_used=IP&e=im&t=1704871621232&g=-480&completeurl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&disableSetCookie=true

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 10 Jan 2024 07:27:01 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 5134cb637a4bd
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-qpg1266-QPG
pragma: no-cache
correlation-id: 5134cb637a4bd
traceparent: 00-00000000000000000005134cb637a4bd-422d323615677967-01
x-timer: S1704871621.244862,VS0,VE210
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 07:27:01 GMT

GET
H2

200

89835cca-cc31-94a7-4265-32b8cbb34c38
crb.kargo.com/api/v1/sync/Tapad/ Frame 2E35
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2781&partner_device_id=89835cca-cc31-94a7-4265-32b8cbb34c38&partner_url=https%3A%2F%2Fcrb.kargo.com%2Fapi%2Fv1%2Fsync%2FTapad%2F89835cca-cc31-94...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2781&partner_device_id=89835cca-cc31-94a7-4265-32b8cbb34c38&partner_url=https%3A%2F%2Fcrb.kargo.com%2Fapi%2Fv1%2Fsync%2FTapad%2F89835cca-c...
https://crb.kargo.com/api/v1/sync/Tapad/89835cca-cc31-94a7-4265-32b8cbb34c38?rid=5b217d4a-5d64-4456-8438-7dcf53a7aa12&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&exid=2b353c0a-ab8a-4131-8694-968...

43 B
358 B

21ms
20ms

Image
image/gif

3.0.109.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/sync/Tapad/89835cca-cc31-94a7-4265-32b8cbb34c38?rid=5b217d4a-5d64-4456-8438-7dcf53a7aa12&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&exid=2b353c0a-ab8a-4131-8694-968aa457a347
Requested by: Host: crb.kargo.com
URL: https://crb.kargo.com/api/v1/initsync/e7e3384a-3c0f-493d-8764-378bcf272be3?partners=Tapad&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol: H2
Server: 3.0.109.64 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-109-64.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://crb.kargo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:01 GMT
x-accel-expires: 0
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Wed, 10 Jan 2024 07:27:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://crb.kargo.com/api/v1/sync/Tapad/89835cca-cc31-94a7-4265-32b8cbb34c38?rid=5b217d4a-5d64-4456-8438-7dcf53a7aa12&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&exid=2b353c0a-ab8a-4131-8694-968aa457a347
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame 54C6
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=1977432095907069236&bid=omt9pi0
https://ps.eyeota.net/match/bounce/?uid=1977432095907069236&bid=omt9pi0

70 B
440 B

43ms
32ms

Image
image/gif

54.251.140.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?uid=1977432095907069236&bid=omt9pi0
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: HTTP/1.1
Server: 54.251.140.206 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-140-206.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 10 Jan 2024 07:27:01 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?uid=1977432095907069236&bid=omt9pi0
Date: Wed, 10 Jan 2024 07:27:01 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 54C6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZZ5GxQANa3_3ywBH
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZ5GxQANa3_3ywBH&_test=ZZ5GxQANa3_3ywBH

42 B
1 KB

206ms
206ms

Image
image/gif

198.8.71.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZ5GxQANa3_3ywBH&_test=ZZ5GxQANa3_3ywBH
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: HTTP/1.1
Server: 198.8.71.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 10 Jan 2024 07:27:02 GMT
Cache-Control: no-cache
Server: Jetty(9.4.51.v20230217)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-qpg1260-QPG
pragma: no-cache
date: Wed, 10 Jan 2024 07:27:02 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1704871622.453120,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZ5GxQANa3_3ywBH&_test=ZZ5GxQANa3_3ywBH
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

362358.gif
idsync.rlcdn.com/ Frame 54C6
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1977432095907069236&referrer=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=8d07feb0-8648-48fe-861b-cacec8b85126%3A1704871621.8229845&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D8d07feb0-8648-48fe-861b-cacec8b...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1977432095907069236&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D8d07feb0-8648-48fe-86...
https://idsync.rlcdn.com/501709.gif?partner_uid=8d07feb0-8648-48fe-861b-cacec8b85126%3A1704871621.8229845&_=1704871621.8243897
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGmkeQj7kiBPu7yVOy72PtI&google_cver=1

42 B
60 B

221ms
221ms

Image
image/gif

35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGmkeQj7kiBPu7yVOy72PtI&google_cver=1
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:27:03 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGmkeQj7kiBPu7yVOy72PtI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

dispatch.fcgi
wam.solution.weborama.fr/fcgi-bin/ Frame 54C6
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTk3NzQzMjA5NTkwNzA2OTIzNg==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEHTejuuAUVpJ59j4Nc3Am0g&google_cver=1
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1977432095907069236&referrer={encSite}&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=3974e228-b36c-4181-a9a2-13ae9b72028b%3A1704871621.6818504&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D3974e228-b36c-4181-a9a2-13ae9b7...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1977432095907069215&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D3974e228-b36c-4181-a9...
https://idsync.rlcdn.com/501709.gif?partner_uid=3974e228-b36c-4181-a9a2-13ae9b72028b%3A1704871621.6818504&_=1704871622.3434105
https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=rd&d.k=acxiom_id&d.u=https://idsync.rlcdn.com/401726.gif?partner_uid={WEBO_CID}

0
0

GET
H2 200 setuid
ib.adnxs.com/ Frame 54C6 43 B
1000 B 29ms
23ms Image
image/gif 103.43.90.117
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=18&code=1977432095907069236

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:01 GMT
an-x-request-uuid: f8ecb0cd-52fd-4c7c-b1fb-6197d3cd832d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 39.109.224.42; 39.109.224.42; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 54C6
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1977432095907069236&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1977432095907069236&redir=

42 B
716 B

439ms
438ms

Image
image/gif

52.40.168.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1977432095907069236&redir=

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Server

52.40.168.36 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-40-168-36.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

dcs: dcs-prod-usw2-1-v050-0d8637530.edge-usw2.demdex.com 2 ms
pragma: no-cache
date: Wed, 10 Jan 2024 07:27:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: EgrVsCj8S0w=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-usw2-1-v050-094f2cc33.edge-usw2.demdex.com 0 ms
pragma: no-cache
date: Wed, 10 Jan 2024 07:27:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: HTZlVUZqRis=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1977432095907069236&redir=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame 54C6 42 B
194 B 29ms
25ms Image
image/gif 67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=1977432095907069236&r=
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.86 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 10 Jan 2024 07:27:01 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sd
us-u.openx.net/w/1.0/ Frame 54C6 43 B
97 B 29ms
25ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073062&val=1977432095907069236&r=
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:01 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 54C6 57 B
643 B 214ms
105ms Image
image/gif 104.83.196.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=1977432095907069236

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-83-196-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 07:27:01 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 57
x-mnet-hl2: E
expires: Wed, 10 Jan 2024 07:27:01 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 54C6 43 B
108 B 1062ms
404ms Image
image/gif 44.213.136.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=1977432095907069236
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.213.136.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-213-136-134.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:27:02 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2 200 rum
dsum-sec.casalemedia.com/ Frame 54C6 43 B
336 B 59ms
56ms Image
image/gif 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1977432095907069236&forward=
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7%2FPBxbGmRfHmJERT8Oy1Jt%2FJ57%2BIC1EEU%2FKaN6bDHHKeibRqqFX8XP6lf%2BvW8QdYdSr%2BWHWEXufuwJRPHdRnKJc9JdC7UxZyGGl5%2BTQOQD0Etjk1X%2BX5JpvUZ57VQmNKmRgaqM2p8K6gw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 843331f12c914d9f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame 54C6 42 B
169 B 256ms
240ms Image
image/gif 35.244.154.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=1977432095907069236
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:27:01 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 54C6 43 B
182 B 416ms
245ms Image
image/gif 23.207.181.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=1977432095907069236

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.207.181.216 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-207-181-216.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 10 Jan 2024 07:27:01 GMT
pragma: no-cache
date: Wed, 10 Jan 2024 07:27:01 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H2 200 sync
partners.tremorhub.com/ Frame 54C6 43 B
174 B 1287ms
245ms Image
image/gif 3.230.219.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=1977432095907069236&r=Yaghrx818I_r
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.219.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-219-56.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 10 Jan 2024 07:27:02 GMT
server: nginx
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 54C6 43 B
377 B 417ms
85ms Image
image/gif 18.176.187.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=1977432095907069236
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.176.187.153 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-176-187-153.ap-northeast-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:01 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 54C6 0
337 B 770ms
219ms Image
text/plain 44.229.92.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=1977432095907069236
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.229.92.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-229-92-118.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-served-by: beacon-n006-pdx-prod.krxd.net
date: Wed, 10 Jan 2024 07:27:01 GMT
cache-control: private, no-cache, no-store
x-request-time: D=37 t=1704871621
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 54C6
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=1977432095907069236&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1977432095907069236&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}

43 B
510 B

96ms
95ms

Image
image/gif

35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1977432095907069236&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: HTTP/1.1
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 07:27:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1977432095907069236&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Date: Wed, 10 Jan 2024 07:27:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK gs Show response
gs.mountain.com/ 144 B
733 B 942ms
242ms Script
application/javascript 35.81.162.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gs.mountain.com/gs
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.81.162.201 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-162-201.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 8672826b4bfe9c375e14db73384de562eb023c2b7ce6fb458142bbfb6093fe35

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:27:02 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 1
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 144
x-application-context: application:prod:8080

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
1 KB 736ms
285ms Script
application/javascript 44.235.191.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=UA-3754388-3&ga_client_id=1657659349.1704871619&shpt=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-3754388-3%22%2C%22ga_client_id%22%3A%221657659349.1704871619%22%2C%22shpt%22%3A%22Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR%22%2C%22dcm_cid%22%3A%221704871618.1%22%2C%22dcm_gid%22%3A%221988560469.1704871619%22%2C%22mntnis%22%3A%22klyyh%2BG5mj%2B4%2F1M%2BEEPr48THgmnyn4vs%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1704871618.1&dcm_gid=1988560469.1704871619&available_ga=%5B%7B%22id%22%3A%22G-EVDQTJ4LMY%22%2C%22sess_id%22%3A%221704871618%22%7D%2C%7B%22id%22%3A%22G-P9YZZV758Y%22%2C%22sess_id%22%3A%221704871618%22%7D%2C%7B%22id%22%3A%22UA-1473340-18%22%2C%22sess_id%22%3Anull%7D%2C%7B%22id%22%3A%22UA-3754388-9%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=UA-3754388-3&dxver=4.0.0&shaid=35855&plh=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&shadditional=sh_conversion%3DSHBLOCK%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue&cb=1704871621720491&shguid=0b8a8354-c80b-3323-8eec-814a06d321de&shgts=1704871622634
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.235.191.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-191-156.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:27:03 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 22
connection: close

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
299 B 258ms
257ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://give.unrefugees.org/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://give.unrefugees.org
Date: Wed, 10 Jan 2024 07:27:03 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H/1.1 200
OK pstats.html Show response
a.rfihub.com/ Frame B7FC 26 B
981 B 220ms
219ms Document
text/html 198.8.71.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://a.rfihub.com/pstats.html?rb=9587&ca=20826430&ri=889620cadfec88d0cb1adf0a5c5653c5&stats=%7B%2213488%22%3A%222164%2C1%22%2C%2217243%22%3A%22113%2C1%22%2C%2242261%22%3A%22107%2C1%22%2C%2250495%22%3A%22510%2C1%22%2C%2252220%22%3A%22153%2C1%22%2C%2253935%22%3A%221374%2C1%22%2C%2254497%22%3A%22514%2C1%22%2C%2254855%22%3A%22101%2C1%22%2C%2254863%22%3A%221380%2C1%22%2C%2255073%22%3A%22349%2C1%22%2C%2256659%22%3A%221060%2C1%22%2C%2256885%22%3A%22758%2C1%22%2C%2257347%22%3A%22865%2C2%22%2C%2257363%22%3A%22830%2C1%22%2C%2258143%22%3A%22314%2C1%22%2C%2258553%22%3A%221909%2C1%22%2C%2258561%22%3A%221051%2C1%22%7D&ra=7652758699620374
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.8.71.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Content-Length: 26
Content-Type: text/html;charset=iso-8859-1
Date: Wed, 10 Jan 2024 07:27:03 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
15 KB 60ms
11ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-1216.min.js

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: ibRtDmp9QPDop46QbSE1xCN8MEKug8pl
content-encoding: br
via: 1.1 varnish
date: Wed, 10 Jan 2024 07:27:03 GMT
strict-transport-security: max-age=300
x-amz-request-id: CV1JV19A9YHCJ9FD
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 15095
x-amz-id-2: 2uJL4r0NBRr0JkPjAyyGop9Vf6c+izXay3HymFEeZcSh6DM0AL3BDH/jIsOk3UvW1au4FEbAE+g=
x-served-by: cache-qpg1248-QPG
last-modified: Wed, 18 Oct 2023 20:59:41 GMT
server: AmazonS3
x-timer: S1704871624.640690,VS0,VE0
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 375

GET
H/1.1 200
OK check.js;CIS3SID=752B540FD04C86CC2905D5A6EB2D13FB Show response
h.online-metrix.net/fp/ Frame 3DD5 296 KB
51 KB 623ms
198ms Script
text/javascript 192.225.158.1
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/check.js;CIS3SID=752B540FD04C86CC2905D5A6EB2D13FB?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&nonce=83c00fb72a213c0a&jb=35392e24687b6d773f5f6b6c666f7f7b246871673d55696c6c677771273a32333126687360773d43687a6f6d6d24687b603f4160706d6f652d3a32333038

Requested by

Host: h.online-metrix.net
URL: https://h.online-metrix.net/fp/tags.js?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

799d9b1fabf5266a370ae99f608c90991a86caf7e6ccf3de05255f6874078f91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 07:27:04 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: 83c00fb72a213c0a
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
h.online-metrix.net/fp/ Frame 3DD5 81 B
475 B 609ms
185ms Image
image/png 192.225.158.1
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&nonce=83c00fb72a213c0a&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 07:27:04 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
h.online-metrix.net/fp/ Frame 3DD5 81 B
475 B 668ms
243ms Image
image/png 192.225.158.1
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&nonce=83c00fb72a213c0a&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 07:27:04 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=0A9131532B814543BD7EABAE1536D15E&RedC=c.clarity.ms&MXFR=32AF4AFF44DF645A1C9A5EFD40DF6ACC
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=0A9131532B814543BD7EABAE1536D15E&MUID=38C958F2C6DE6E7A0AAD4CF0C7E66FC7

42 B
443 B

56ms
53ms

Image
image/gif

20.205.115.81
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=0A9131532B814543BD7EABAE1536D15E&MUID=38C958F2C6DE6E7A0AAD4CF0C7E66FC7
Protocol: H2
Server: 20.205.115.81 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:03 GMT
last-modified: Tue, 12 Dec 2023 19:03:29 GMT
server: Microsoft-IIS/10.0
etag: "e8d91e42d2dda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:03 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 935643BB4D73499DACD56064B4A906BA Ref B: SGEEDGE0421 Ref C: 2024-01-10T07:27:03Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=0A9131532B814543BD7EABAE1536D15E&MUID=38C958F2C6DE6E7A0AAD4CF0C7E66FC7
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 cda0845c-e241-4b98-8d4b-abdc76d31d9d.js Show response
tr.snapchat.com/config/org/ 175 B
446 B 360ms
22ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/org/cda0845c-e241-4b98-8d4b-abdc76d31d9d.js?v=3.8.0-2401042024

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

bd0f581c676be109e4886cdf44ce4f2ca6e24ff0cac5c706e0de4b0be59ec9c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://give.unrefugees.org/
Origin: https://give.unrefugees.org
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:27:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://give.unrefugees.org
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame A06F 672 B
884 B 366ms
32ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=cda0845c-e241-4b98-8d4b-abdc76d31d9d&u_scsid=d3dee16e-e58b-42a2-b68a-de60c28edc4d&u_sclid=f74c1e8f-cfbc-4aca-bd0c-35cb6048c141

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Wed, 10 Jan 2024 07:27:03 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 10

GET
H2 200 p
tr.snapchat.com/ 68 B
443 B 351ms
24ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=cda0845c-e241-4b98-8d4b-abdc76d31d9d&ev=PAGE_VIEW&intg=gtm&pids=cda0845c-e241-4b98-8d4b-abdc76d31d9d&u_c1=25ffb1ea-2cdd-46ef-b8c3-279dbdd185a5&u_sclid=f74c1e8f-cfbc-4aca-bd0c-35cb6048c141&u_scsid=d3dee16e-e58b-42a2-b68a-de60c28edc4d&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=0&m_fcps=3746&m_pi=0&m_pl=0&m_pv=2&m_rd=9068&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&trackId=958d7817-50ee-4dc6-9603-ad542013cdb1&ts=1704871623616&v=3.8.0-2401042024

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:27:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 14ms
13ms XHR
text/plain 142.251.10.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1903231075&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&ul=en-us&de=UTF-8&dt=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F180117core_mainpg_p_3000%2F&el=25%25&_u=aDHACEABBAAAAGAAI~&jid=2081975447&gjid=1752036267&cid=1657659349.1704871619&tid=UA-3754388-9&_gid=1988560469.1704871619&_r=1&gtm=45He4180n81N9KWLLFv832800531&gcd=11l1l1l1l1&dma=0&z=33523196

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
131 B 20ms
19ms Image
image/gif 142.251.10.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1903231075&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&ul=en-us&de=UTF-8&dt=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F180117core_mainpg_p_3000%2F&el=50%25&_u=aDHACEABBAAAAGAAI~&jid=&gjid=&cid=1657659349.1704871619&tid=UA-3754388-9&_gid=1988560469.1704871619&gtm=45He4180n81N9KWLLFv832800531&gcd=11l1l1l1l1&dma=0&z=750355025

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 05:40:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6401
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 22ms
21ms Image
image/gif 142.251.10.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1903231075&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&ul=en-us&de=UTF-8&dt=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F180117core_mainpg_p_3000%2F&el=75%25&_u=aDHACEABBAAAAGAAI~&jid=&gjid=&cid=1657659349.1704871619&tid=UA-3754388-9&_gid=1988560469.1704871619&gtm=45He4180n81N9KWLLFv832800531&gcd=11l1l1l1l1&dma=0&z=1253404750

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 05:40:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6401
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 21ms
20ms Image
image/gif 142.251.10.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1903231075&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&ul=en-us&de=UTF-8&dt=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F180117core_mainpg_p_3000%2F&el=100%25&_u=aDHACEABBAAAAGAAI~&jid=&gjid=&cid=1657659349.1704871619&tid=UA-3754388-9&_gid=1988560469.1704871619&gtm=45He4180n81N9KWLLFv832800531&gcd=11l1l1l1l1&dma=0&z=826193685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 05:40:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6401
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fa5b33ed7c80.js Show response
w.usabilla.com/ Frame A103 37 KB
11 KB 341ms
83ms Script
text/javascript 54.249.27.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/fa5b33ed7c80.js?lv=1
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.249.27.149 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-249-27-149.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: c39cdceba8ffcac02a50091ccc8e8170850f1a138d5a2dfae311619dd632b76a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:03 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "3405d853c9cdb4cdabab46e828ab58e1"
content-type: text/javascript
cache-control: public,max-age=0
content-length: 11277

POST
H3 200 apm
dev.visualwebsiteoptimizer.com/ 0
33 B 251ms
251ms Ping
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/apm
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/apmLib-014e271cb682624402ff2d52b5857b6f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv2c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://give.unrefugees.org/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 10 Jan 2024 07:27:03 GMT
content-encoding: gzip
via: 1.1 google
server: gnv2c
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/javascript; charset=UTF-8

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1011 B
908 B 278ms
270ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&vault=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

922921392a5b02b2585b82ad1efba1600596b8a50f58b17d7d6e56a7c4a036e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://give.unrefugees.org/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: application/json

Response headers

date: Wed, 10 Jan 2024 07:27:04 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f202541e1a69d
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-qpg1257-QPG, cache-qpg1257-QPG
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f202541e1a69d-5a69fe3699311432-01
x-timer: S1704871624.956824,VS0,VE251
etag: W/"3f3-skfChsWti+Fh6ENHhGY/6jJ0PNA"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://give.unrefugees.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 270ms
269ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.unrefugees.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://give.unrefugees.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
date: Wed, 10 Jan 2024 07:27:03 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f202541d3e88e
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f202541d3e88e-18bd609451c5b382-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-qpg1257-QPG, cache-qpg1257-QPG
x-timer: S1704871624.678181,VS0,VE253

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
74 B 41ms
40ms XHR
text/plain 74.125.130.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3754388-9&cid=1657659349.1704871619&jid=2081975447&gjid=1752036267&_gid=1988560469.1704871619&_u=aDHACEABBAAAAGAAI~&z=947660120

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 10 Jan 2024 07:27:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 cf888b8b66 Show response
bam.nr-data.net/1/ 56 B
487 B 1318ms
1240ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/cf888b8b66?a=357730915&v=1216.487a282&to=ZFNSZUsADUJYWxFRC10ZfWd6TjFUV1wASilFVXNeVxURXlVUAEpLfllURFUEM1BeXQ%3D%3D&rst=9131&ck=1&ref=https://give.unrefugees.org/180117core_mainpg_p_3000/&ap=16&be=2224&fe=9039&dc=4537&perf=%7B%22timing%22:%7B%22of%22:1704871614547,%22n%22:0,%22f%22:1744,%22dn%22:1744,%22dne%22:1744,%22c%22:1744,%22ce%22:1744,%22rq%22:1744,%22rp%22:2197,%22rpe%22:2198,%22dl%22:2201,%22di%22:4536,%22ds%22:4537,%22de%22:4537,%22dc%22:9037,%22l%22:9038,%22le%22:9058%7D,%22navigation%22:%7B%7D%7D&fp=3746&fcp=3746&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1b1e54380b8b8e45010115f3d0f7caad60ca0f34be8bee3e11e11727cc64d49f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:27:04 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 56
x-served-by: cache-qpg1282-QPG

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 23ms
22ms Image
image/gif 74.125.24.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3754388-9&cid=1657659349.1704871619&jid=2081975447&_u=aDHACEABBAAAAGAAI~&z=459894679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f105.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
107 B 20ms
20ms Image
image/gif 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3754388-9&cid=1657659349.1704871619&jid=2081975447&_u=aDHACEABBAAAAGAAI~&z=459894679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 07:27:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame A06F 41 KB
18 KB 13ms
12ms Script
application/javascript 13.35.14.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=cda0845c-e241-4b98-8d4b-abdc76d31d9d&u_scsid=d3dee16e-e58b-42a2-b68a-de60c28edc4d&u_sclid=f74c1e8f-cfbc-4aca-bd0c-35cb6048c141
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.14.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-14-254.sin5.r.cloudfront.net
Software: CloudFront /
Resource Hash: e5fdb3ea4cc4cf6b0f77fce3b54d03d78a697bec33bb1a023b964e8be16aea5f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 20:48:43 GMT
content-encoding: gzip
via: 1.1 34a84b82ff144b427f99aaae61510d20.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN5-C1
age: 38300
etag: dc4e3509882e40c68a170453af779220
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
access-control-allow-headers: Content-Type
content-length: 17883
x-amz-cf-id: KJykRBGt7wjN5jOZqivvhW6SCk0qGjKu9WhH9wk1z5neujMeC-kB-w==

GET
H3

200

p Show response
tr.snapchat.com/cm/ Frame 0F43
Redirect Chain

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1704871624015&u_scsid=29d214b1-1262-4ec2-a881-20f491016105&u_sclid=da371c25-aa81-46ac-8ab1-9acc0f52b568
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1704798292093%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1704798292093&pnid=140&pcid=2b353c0a-ab8a-4131-8694-968aa457a347

0
17 B

38ms
38ms

Document
text/html

35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1704798292093&pnid=140&pcid=2b353c0a-ab8a-4131-8694-968aa457a347

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://tr.snapchat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Wed, 10 Jan 2024 07:27:04 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 12

Redirect headers

accept-ch: Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 10 Jan 2024 07:27:04 GMT
location: https://tr.snapchat.com/cm/p?rand=1704798292093&pnid=140&pcid=2b353c0a-ab8a-4131-8694-968aa457a347
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
server: Jetty(11.0.13)
strict-transport-security: max-age=31536000
via: 1.1 google

POST
H2 200 p
tr6.snapchat.com/ 0
44 B 96ms
20ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://give.unrefugees.org/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 10 Jan 2024 07:27:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK unhcr-button-ca8fba580979f02c2694fa49ed8ef52a.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame 1353 2 KB
2 KB 66ms
19ms Image
image/png 13.33.100.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d6tizftlrpuof.cloudfront.net/themes/production/unhcr-button-ca8fba580979f02c2694fa49ed8ef52a.png
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.100.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-100-219.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90b232dae4b3477832ee21493d7558ace8cf6e9b8bc97f9c552f301da013f1da

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 10:24:20 GMT
x-amz-version-id: .SrcatzoiMfoqGSBwRAbfAVYaagZkb9i
Via: 1.1 9f7a987f61c1e9f7d25cd5462f22a14a.cloudfront.net (CloudFront)
Last-Modified: Tue, 05 Feb 2019 19:50:28 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SIN2-P2
Age: 13294965
ETag: "ca8fba580979f02c2694fa49ed8ef52a"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=315360000, no-transform, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1768
X-Amz-Cf-Id: KtkYedkK1D2B-QGOMz8eyG9jaOoGr0ijvCgaH7qCuGelnBz4nVr-0Q==

GET
H/1.1 200
OK pstats.html Show response
a.rfihub.com/ Frame BD80 26 B
993 B 219ms
219ms Document
text/html 198.8.71.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://a.rfihub.com/pstats.html?rb=9587&ca=20826429&ri=230cddecfa9e29e5d5b5a7ce79998cea&stats=%7B%2213488%22%3A%22%22%2C%2217243%22%3A%2232%2C1%22%2C%2242261%22%3A%2233%2C1%22%2C%2250495%22%3A%22421%2C1%22%2C%2252220%22%3A%2263%2C1%22%2C%2253935%22%3A%221284%2C1%22%2C%2254497%22%3A%22424%2C1%22%2C%2254855%22%3A%2233%2C1%22%2C%2254863%22%3A%221292%2C1%22%2C%2255073%22%3A%22279%2C1%22%2C%2256659%22%3A%22892%2C1%22%2C%2256885%22%3A%22702%2C1%22%2C%2257347%22%3A%22775%2C2%22%2C%2257363%22%3A%221437%2C1%22%2C%2258143%22%3A%22217%2C1%22%2C%2258553%22%3A%221859%2C1%22%2C%2258561%22%3A%221065%2C1%22%7D&ra=7822190428205313
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.8.71.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Content-Length: 26
Content-Type: text/html;charset=iso-8859-1
Date: Wed, 10 Jan 2024 07:27:04 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

POST
H3 200 p
tr.snapchat.com/ 0
15 B 26ms
26ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://give.unrefugees.org/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 10 Jan 2024 07:27:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://give.unrefugees.org
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK clear.png Show response
h.online-metrix.net/fp/ Frame 3DD5 81 B
535 B 591ms
187ms XHR
image/png 192.225.158.1
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png

Requested by

Host: h.online-metrix.net
URL: https://h.online-metrix.net/fp/check.js;CIS3SID=752B540FD04C86CC2905D5A6EB2D13FB?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&nonce=83c00fb72a213c0a&jb=35392e24687b6d773f5f6b6c666f7f7b246871673d55696c6c677771273a32333126687360773d43687a6f6d6d24687b603f4160706d6f652d3a32333038

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, zrtzph91/83c00fb72a213c0ae1873-6679ccc4-9bf6-4256-9af2-331530230548
Referer: https://give.unrefugees.org/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 07:27:05 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 10 Jan 2024 07:27:05 GMT
Server: Apache
Etag: efdf050a16cc4c8aa141b69312e27ed7
Content-Type: image/png
Access-Control-Allow-Origin: https://give.unrefugees.org
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Mon, 08 Jan 2029 07:27:05 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=752B540FD04C86CC2905D5A6EB2D13FB Show response
h.online-metrix.net/fp/ Frame F0C7 92 KB
14 KB 196ms
190ms Document
text/html 192.225.158.1
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/ls_fp.html;CIS3SID=752B540FD04C86CC2905D5A6EB2D13FB?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&nonce=83c00fb72a213c0a

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

7ecd7bbf65a77f015cdc970c9e228a709ac1cbf0e56512d6616b7c8a5c9333e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Wed, 10 Jan 2024 07:27:04 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
h.online-metrix.net/fp/ Frame 3DD5 0
387 B 197ms
189ms Script
text/javascript 192.225.158.1
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&nonce=83c00fb72a213c0a&jb=33362e6e71693f64353f323563326c303763633c323b66633b6a373b603a663538663636343366

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 07:27:04 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK es.js Show response
h.online-metrix.net/fp/ Frame 3DD5 134 B
654 B 200ms
193ms Script
text/javascript 192.225.158.1
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/es.js?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&nonce=83c00fb72a213c0a

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

322375ccd30656b6c3b462fd5a594e5b81d19818e4f994e5a1f222bd2d201cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 07:27:04 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=752B540FD04C86CC2905D5A6EB2D13FB Show response
h.online-metrix.net/fp/ Frame 351C 103 KB
15 KB 383ms
190ms Document
text/html 192.225.158.1
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=752B540FD04C86CC2905D5A6EB2D13FB?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&nonce=83c00fb72a213c0a

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

4505833e7a3c374c74dfb3a5a829f62598032713b3521e1137f8e0fd7399e3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Wed, 10 Jan 2024 07:27:04 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK top_fp.html;CIS3SID=752B540FD04C86CC2905D5A6EB2D13FB Show response
h.online-metrix.net/fp/ Frame 99DE 89 KB
13 KB 372ms
187ms Document
text/html 192.225.158.1
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/top_fp.html;CIS3SID=752B540FD04C86CC2905D5A6EB2D13FB?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&nonce=83c00fb72a213c0a

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

64d852cd69b7e4bfc5e4e5a1b6f1bd47c0f74f1f8ed8c6bd162871a899ef5592

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Wed, 10 Jan 2024 07:27:04 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 clear.png Show response
h.online-metrix.net/fp/ Frame 3DD5 0
218 B 393ms
202ms Script
text/javascript 192.225.158.1
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&nonce=83c00fb72a213c0a&ja=31383e33242e613f36303224783d382e643f333e303278333a383024636e3f333630327833303030267b787935327a382466727a3f332e313e38322e333a30322c333e38302e333a32322c313430322e313230382c313e323224333032382e322e302e65763f6330383061606b6c6335356c666464663b65633a3431313c37303e603b69356324656c3f36267b6b663f303c266e683f607c7472712d31432532442530446769766d2e756670676e7765676d712c6d726f2d30443330303331356b6772675d65636b6e70655f725d3330303825324e2472643f3124786a3f35386e3a3a63633e626166606d393131603f313a3761673066316264623a64342e6a6a356736306d646137333f6c6030363c36636331393a6161373e616763373039343b266a73673d57616c66677571273a32333326627b603f4160726d6d672d3a303330382468736f773d556b6e646f7f73266271607d3f416a7a6d6f67266660613f362e6e666d3f302e6e6f76783f32267478643f437369612d32465b6b6c6f63726d7a67246f617c60703f3638303164336b3a6267613830673663613534323038326964313d3736383364663c373a3a313c3966346769613034666b313463646a663532333333333b3661266c723d6076767871273149273044253a4e656b746d2e776e706d6e7565676d712c6f72652530443138303931376b6d706d5d6f63616c72655f785731323238253046247835706e776f6b6c5f666e61716a2535456e616c7b6723786e7765616c5d7569666c6d7571576d67646b6957706e6371677025354766636e736521786c756f6b6c5763666d6a675d63637a676063762d35476663647b652372647765696e5d71776b636b74616d652d37476e636e716d23726e756f616c5d71606f616b75697e6527374d64636c736721726e756769665f726d636e786e637b6d702737456e696e716729706e756561665f746e6b5d726c617b657027354566696c736d23726477656b665d66677669647470273d4564616e7b6d21726e7d656b6e5f7176655d7669657f65722d37476e636e716d23726e756f616c5d6869766325374d6e616e716d24656c5f613d756762676c5f65624f4e273a32332c38273032284778676c4544253030475b2d32323026322732304168706d6d69756529576d6045442730324f4e514e253a384751273a30332e322d3a302a4d78676c474c2732324753253238474c5b4e273a3247512d3032332e382d30324160726d6d6b7d652955676a496b74576762496b7425323857656a454e494c454e4d5d6b6c737c696c61676c5f63727069717327314a273030455a545d606c656e6c5f6d616c6f697a27314a27303245505c5d616d646f705f607d6e666770576a636c665d666e6d6174253b42253a324750565d64646d63765f6a64676c662d33402530384d58565d6e7063675f666572766825334a253238475a5c5d716a696667705f7c6d7a76777a655d6c6d6c2d3340273a324758545d74677a7475726d5f63676f727a677171616d6c5d62787c6127314a25303047505c5f766770767772655d636d6f7072657b7369676c5d7a6576612d31402732384d5a565d7c657a74777a6d5f646b647667725f636e6b716f74726770696b27314a2730324d5a565d735a4f4027314a2530304d4d5b5f676e6d6f676e745d696c6665785f7d696e7c27314a2730324747515d666a675d7067666467725d6561706f63782731422530304d47535f737c616e6c63706c5d66677a6b746374617e6771273b42273232474d535d766d7a767572675f646e6f61742d33422d30324747515d7c677a76757a6d5d646e6761765f6e61666563702d31402532324f47515f74657074757a675d60636e6457646e6d617c2d3140273a304d4551577c657a767d70675f68636c645d666c6f69745f646b6c6d6370273b40273030474d515d746d7276657a5769727063715d6d626a676376273342253a30574d4045445d616d646d705d627d6e64677057666e6f637c2d3340273a32554542454c5d616f6d707a65737b67665776677a7c7770675f697b7661273b422732325f4d42454e57616d6d707065717165645f7c65787c77706d5d67766b273140253a385547404f4c5d636d65787267717b67665f746778767772655f6d74633927314a2730325f4740454c576b6d6f727a657173676c5774677a7c7770655f713376612533422d32305f47404f4e5d61676f7270657b7b67665d7c657a74777a6d5f71317c615d7372656227314225323857454a454e576667607d655d7065666c6770677a5f6b6e64672d3340273a32554542454c5d66657074605f746d7a767d7067273b402730305f4d40454e5764706175576a7564646d70712533402530325745424f4c5f646d716d5d616d6676677a742d3b402730385747424544576d776e7c6b5d64726377333426676c57683d3b64643d6664643c353632646c6b3632356d36306267386d3736663a37373436333036663432353126776f6e74354b6c766d6e2730304166612c247f676e723f416674676e2d303249726b732730304f706d6e4744273038476c65616c6724636b6c3f37&jb=31353d246e793f4f6d726b6e6e612d3a44372c382530302a5f616e666d7f712732304c5427303031302630253b40273a32556b66343627334a2d30327a3e342b2530384970726e6d5567624b6b7427304635333f2e333e2730382a494a5c4f4e27324b2d30326e616b672530384f656169672b2732304168706d6d65253a46313a322c382c3432313b2c30313e2d303251696663726b2d3a4637313f2c3136

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 07:27:04 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Type: text/javascript;charset=UTF-8

GET clear.png
zrtzph916zvgipvk3klkyv5py6tfyw5ewhy76myw83c00fb72a213c0asac.d.aa.online-metrix.net/fp/ Frame 3DD5 0
0

GET
H/1.1 204
No Content clear.png Show response
h.online-metrix.net/fp/ Frame F0C7 0
387 B 204ms
203ms Script
text/javascript 192.225.158.1
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&nonce=83c00fb72a213c0a&jf=33362e6e716a3f34616c606464343d3b6632343c6561653b3031376033696033316467373b3261

Requested by

Host: h.online-metrix.net
URL: https://h.online-metrix.net/fp/ls_fp.html;CIS3SID=752B540FD04C86CC2905D5A6EB2D13FB?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&nonce=83c00fb72a213c0a

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://h.online-metrix.net/fp/ls_fp.html;CIS3SID=752B540FD04C86CC2905D5A6EB2D13FB?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&nonce=83c00fb72a213c0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 07:27:05 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK es.js Show response
h.online-metrix.net/fp/ Frame F0C7 134 B
653 B 202ms
201ms Script
text/javascript 192.225.158.1
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/es.js?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&nonce=83c00fb72a213c0a&fr

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

f705ee532673bd6d4764f8b5ded7db656af52dad6c4d8483bc08d6728ee17b35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://h.online-metrix.net/fp/ls_fp.html;CIS3SID=752B540FD04C86CC2905D5A6EB2D13FB?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&nonce=83c00fb72a213c0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 07:27:05 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
h.online-metrix.net/fp/ Frame 3DD5 0
387 B 187ms
187ms Script
text/javascript 192.225.158.1
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&nonce=83c00fb72a213c0a&jac=1&je=353630242462646c3f3b2468646835313b34333f31646264313f3335673b34356261353536606233396a63343a613a2e686476663f3238333c31383124786d3f6e6d2e6a6176717c3f2737422732306e6576656425323a273149332c3238273041253a3a7176637c757125303a2d3343273a3061686170676b6c6725323a25374c24637d666a3f6b633560396d3e67343a39636161613e6e3263356b333b3239313631363662356b33313f3b346a36663a6c66363a363838313a646d346430316e6b643a363d3b246578313d61333363346d303531673a396632353f643164646a38663a3a3f613b38363c693860676b316133622475636a3d25374a25323a63706b6a6b766d617677726d2d3030273b412732302d3a3227304b273032626b746c677373253a32253b43273a3027303a273041253a3a60706366647125303a2d3343273d40273544273241273232667d6c6c5e67707b6b6d6c446b7176253a3a2731432d354025374c2d3241273a306f6f626b6c67273232253b4166696e716d2730412d30306f6f6c6d6e27303a253141273a3a2530302d3041253230706e6374666f7a6d253a30273b4327303a273030253a4b273030786c637464677a6d54677a716b6f6e273230273341253a32253a30273a4127303a756d75363c2d3030273b4164616e7b6d2535462e77636c3d273740273232627a616e6c71273a30273149273740253d4c2730412d32306d6d6a616c67273a3027334164616e716525324b25323a726e6976646d7a6f2730322d3b4327303a253032273f4c

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 07:27:05 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=752B540FD04C86CC2905D5A6EB2D13FB
h.online-metrix.net/fp/ Frame 3DD5 0
401 B 291ms
290ms Image
image/png 192.225.158.1
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=752B540FD04C86CC2905D5A6EB2D13FB?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&nonce=83c00fb72a213c0a&jf=34313e247161665d7066663f76647a57324f724c53503578717f445b3349403326736b645d6661746535313738363a3f3334303d24716b64577c7b726735776762386d6b6471632e716b645f69657b3f3330353133303931323e323530693a3436386b6d3166323a30333034383032633a3e363a6365316432313031303f30333c3032383236333e363a34313e3d66366469663534646a313367343c343a6132636236663765353130363e61643e3435306a633561646e3d3a6436316334393b6b316532333e32633235363536333031396c646530373569676367303b3534333b6b33333b39653135306a3a63316431373a3663613635303961393933363c37356e3131333b24716b64577b6b653f3b303635323a3a3132326d32353866323864606132323e32383d30363e6330373f63346434393a36663730326333613c313532323030323264343636316564333f66356d64646933353338303032353a6a3364616c633566376d6d3364676967636431606163323139326e66303d66636d30323b3967376163383063363038323262603b39383b3569606062653a26716b66723d38

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 07:27:05 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=752B540FD04C86CC2905D5A6EB2D13FB
h.online-metrix.net/fp/ Frame 351C 0
401 B 287ms
287ms Image
image/png 192.225.158.1
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=752B540FD04C86CC2905D5A6EB2D13FB?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&nonce=83c00fb72a213c0a&jf=34313c247161665d7066663f76647a57324c745f7a407a6a31787757516b756926736b645d6661746535313738363a3f3334303d24716b64577c7b726735776762386d6b6471632e716b645f69657b3f3330353133303931323e323530693a3436386b6d3166323a30333034383032633a3e363a6365316432313031303f30333c3032383236336a663a67663f3c3537353c653037676c6b633b313c613b3733326661323739353b3238693a6131303b37313532633738396035663d333a30673c3c3067633d31336261303235613661666a33366e32306c6134616b643563346a3f31613530363266353f3e3136326c613633663b66673b37323331356230323b3c3b64636924716b64577b6b653f3b303634323a3a3031673f36673534663834373566356d30633e60606c316037393460336169386337373b6131326031383937663b35363934636536636534333165356d63333e3a32303a323564323c3e333b646c633332606b3939663069336433313b3537303132393b39376a663b6d33613b3b343461653b3e6060613a626435613c6b65363b6e64363826716964703d31

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=752B540FD04C86CC2905D5A6EB2D13FB?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&nonce=83c00fb72a213c0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 07:27:05 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
h.online-metrix.net/fp/ Frame 3DD5 0
387 B 188ms
188ms Script
text/javascript 192.225.158.1
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&nonce=83c00fb72a213c0a&jac=1&je=31382e24756d6b3f31312c333239263a30362c3c32

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 07:27:06 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
299 B 288ms
287ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://give.unrefugees.org/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://give.unrefugees.org
Date: Wed, 10 Jan 2024 07:27:06 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: wam.solution.weborama.fr
URL: https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=rd&d.k=acxiom_id&d.u=https://idsync.rlcdn.com/401726.gif?partner_uid={WEBO_CID}

Domain: zrtzph916zvgipvk3klkyv5py6tfyw5ewhy76myw83c00fb72a213c0asac.d.aa.online-metrix.net
URL: https://zrtzph916zvgipvk3klkyv5py6tfyw5ewhy76myw83c00fb72a213c0asac.d.aa.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-6679ccc4-9bf6-4256-9af2-331530230548&nonce=83c00fb72a213c0a&di=yes

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

91 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
give.unrefugees.org/180117core_mainpg_p_3000	1969-12-31 23:59:59	Name: trcksesh Value: ad488cc2-2de7-48c3-a3d9-15c0af1ab58d
sc-static.net/scevent.min.js	1970-01-20 17:35:58	Name: X-AB Value: dc4e3509882e40c68a170453af779220
h.online-metrix.net/	1970-01-21 03:10:31	Name: thx_guid Value: 3a4ebb9d77ea7be837cf332700900c07
h.online-metrix.net/	1970-01-21 03:10:31	Name: tmx_guid Value: AAzGW43SdsLoH0RoXyAAByj-8Br2HDZpaHrvdAD2lDKw-kjz0bIYA4XVDU5RDqGTIKEaEqGfW-WYeAuRPIgRC2LDDGVDIQ
.give.unrefugees.org/	1970-01-21 02:21:34	Name: _vwo_uuid_v2 Value: D0757D984F80E61B149CC9F629942D38F\|b28b56e1863b1129bf35c94cb0147735
.unrefugees.org/	1970-01-21 03:10:31	Name: _vwo_uuid Value: D0757D984F80E61B149CC9F629942D38F
.unrefugees.org/	1970-01-20 19:44:07	Name: _vwo_ds Value: 3%241704871618%3A26.70830613%3A%3A
.unrefugees.org/	1970-01-20 17:34:33	Name: _vwo_sn Value: 0%3A1%3A%3A%3A1
.unrefugees.org/	1970-01-20 19:58:31	Name: _vis_opt_s Value: 1%7C
.unrefugees.org/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.unrefugees.org/	1970-01-20 19:44:07	Name: _gcl_au Value: 1.1.778359041.1704871618
.unrefugees.org/	1970-01-21 03:10:31	Name: _rup_ga_EVDQTJ4LMY Value: GS1.1.1704871618.1.0.1704871618.0.0.0
.unrefugees.org/	1970-01-21 03:10:31	Name: _rup_ga Value: GA1.1.1657659349.1704871619
.unrefugees.org/	1970-01-21 03:10:31	Name: _ga_P9YZZV758Y Value: GS1.1.1704871618.1.0.1704871618.60.0.0
.unrefugees.org/	1970-01-21 03:04:18	Name: _scid Value: 25ffb1ea-2cdd-46ef-b8c3-279dbdd185a5
.unrefugees.org/	1970-01-21 03:04:18	Name: _scid_r Value: 25ffb1ea-2cdd-46ef-b8c3-279dbdd185a5
.give.unrefugees.org/	1970-01-21 03:10:31	Name: _ga Value: GA1.3.1657659349.1704871619
.give.unrefugees.org/	1970-01-20 17:35:58	Name: _gid Value: GA1.3.1988560469.1704871619
.give.unrefugees.org/	1970-01-20 17:34:31	Name: _dc_gtm_UA-3754388-9 Value: 1
.unrefugees.org/	1970-01-21 03:10:31	Name: _ga Value: GA1.2.1657659349.1704871619
.unrefugees.org/	1970-01-20 17:35:58	Name: _gid Value: GA1.2.1988560469.1704871619
.unrefugees.org/	1970-01-20 17:34:31	Name: _dc_gtm_UA-1473340-18 Value: 1
give.unrefugees.org/	1970-01-21 02:20:07	Name: __spdt Value: 0685ef8a20cf4f59aff1039a4801b6b3
.unrefugees.org/	1970-01-20 17:35:58	Name: _uetsid Value: a3f00860af8911ee85e467d7983dd01c
.unrefugees.org/	1970-01-21 02:56:07	Name: _uetvid Value: a3f02db0af8911eeb836b9c2563a1490
.doubleclick.net/	1970-01-21 03:10:31	Name: IDE Value: AHWqTUk5MEvos09NaV2_vSXMFhuoi7SCDYN_qGi5jV0nva7afNuA83RBe4ZY2TO7iDA
.bing.com/	1970-01-21 02:56:07	Name: MUID Value: 38C958F2C6DE6E7A0AAD4CF0C7E66FC7
.bat.bing.com/	1970-01-20 17:44:36	Name: MR Value: 0
give.unrefugees.org/	1970-01-20 17:44:36	Name: AWSALB Value: Kze4UYfys36hAF3hxvqvbli+nuHoCC7FAFKMnJ4mNpPhbhuVLRIeb/WrlrMn4QHNKVHccw//B/keVSVyfXI6VrJP6nNBNQdOCCIOCTYh/PaQ8t9PIIcat3o0QUUk
give.unrefugees.org/	1970-01-20 17:44:36	Name: AWSALBCORS Value: Kze4UYfys36hAF3hxvqvbli+nuHoCC7FAFKMnJ4mNpPhbhuVLRIeb/WrlrMn4QHNKVHccw//B/keVSVyfXI6VrJP6nNBNQdOCCIOCTYh/PaQ8t9PIIcat3o0QUUk
.unrefugees.org/	1970-01-20 19:44:07	Name: _fbp Value: fb.1.1704871619566.1995413694
.ipredictive.com/	1970-01-20 19:00:55	Name: ci_rtc Value: _uts=1704871619
.ipredictive.com/	1970-01-21 02:20:07	Name: cu Value: e225ebc2-ef7c-41b0-84ed-850e419da6cc\|1704871619878
.kargo.com/	1970-01-20 17:35:58	Name: krg_seg Value: 1
.adentifi.com/	1970-01-21 03:10:31	Name: adtheorent[cuid] Value: cuid_a4c81361-af89-11ee-8814-12fa6b58ae11
.trkn.us/	1970-01-21 02:20:07	Name: barometric[cuid] Value: cuid_7fc0d6b5-6a3e-47ee-8629-8d4b69a398a0
www.clarity.ms/	1970-01-21 02:20:07	Name: CLID Value: e23f58052fc24f4da325ad45db699dd8.20240110.20250109
.unrefugees.org/	1970-01-21 02:20:07	Name: _clck Value: 1q9r61z%7C2%7Cfia%7C0%7C1470
.google.com/	1970-01-20 21:58:02	Name: NID Value: 511=UUB6llocnaFcyFG3J74eAQVic_v9fx-3Cy6BmHNvEWCYVk85Nw8mTDkXEH-Frk-otHmhjdp1ZKe50C9D_-092zP7I3VC0fyum9QQwFa_qyyHrnyYgC-lhQITplJj8oqEUt9zKL5l6X6IKLI6Im3sqeF4v77K_sagMHRl4vuuhds
.quantserve.com/	1970-01-21 03:04:46	Name: mc Value: 659e46c5-2a670-00926-e02c0
.unrefugees.org/	1970-01-21 02:59:00	Name: __qca Value: P0-1268859197-1704871620692
.openx.net/	1970-01-21 02:20:07	Name: i Value: f5953b75-3cf0-4a31-8532-d55c7be6af3e\|1704871621
.adnxs.com/	1970-01-20 19:44:07	Name: uuid2 Value: 8984362547217952026
.casalemedia.com/	1970-01-20 19:44:07	Name: CMPS Value: 4944
.pubmatic.com/	1970-01-20 18:17:43	Name: PugT Value: 1704871621
.adnxs.com/	1970-01-20 19:44:07	Name: anj Value: dTM7k!M4/YErk#WF']wIg2H`gvuW:a!@wnfH8KAM.xpH^GmVS$HMVIrCyoDnCzFDfFp5%/I7$F(+I'sZ!2>h9/+0J2!(?E(_nG*.
.pubmatic.com/	1970-01-20 19:44:07	Name: KRTBCOOKIE_18 Value: 22947-1977432095907069236
.casalemedia.com/	1970-01-21 02:20:07	Name: CMID Value: ZZ5GxS4ItZbChFq9L9mVHgAA
.casalemedia.com/	1970-01-20 19:44:07	Name: CMPRO Value: 4944
.turn.com/	1970-01-20 21:53:43	Name: uid Value: 4544162297162316278
.tapad.com/	1970-01-20 19:00:55	Name: TapAd_TS Value: 1704871621417
.tapad.com/	1970-01-20 19:00:55	Name: TapAd_DID Value: 2b353c0a-ab8a-4131-8694-968aa457a347
.media.net/	1970-01-21 02:20:07	Name: visitor-id Value: 3478732211223458000V10
.media.net/	1970-01-21 02:18:41	Name: data-rk Value: 1977432095907069236~~3
.tapad.com/	1970-01-20 19:00:55	Name: TapAd_3WAY_SYNCS Value:
.mountain.com/	1970-01-21 02:20:07	Name: guid Value: a581ee2e-af89-11ee-a1bb-ff1b19b2872b
.eyeota.net/	1970-01-21 02:21:34	Name: mako_uid Value: 18cf244751d-76a700000108495e
.eyeota.net/	1970-01-20 17:34:32	Name: SERVERID Value: 18782~DM
.unrefugees.org/	1970-01-20 17:35:58	Name: _clsk Value: 2mkvs0%7C1704871621997%7C1%7C1%7Cr.clarity.ms%2Fcollect
.kargo.com/	1970-01-21 02:20:07	Name: ktcid Value: bc464b94-ac94-0ca0-3458-0af8c7326ec2
.krxd.net/	1970-01-20 21:53:43	Name: _kuid_ Value: QBuSQ4p_
.bidswitch.net/	1970-01-21 02:20:07	Name: c Value: 1704871622
.bidswitch.net/	1970-01-21 02:20:07	Name: tuuid_lu Value: 1704871622
.yahoo.com/	1970-01-21 02:20:29	Name: A3 Value: d=AQABBMZGnmUCEGb6sDUeTq6EPvjvFkFv6QYFEgEBAQGYn2WoZa9C8HgB_eMAAA&S=AQAAAm7QTbHdvG_feHlIgJrrHRI
.rfihub.com/	1970-01-21 02:56:07	Name: rud Value: H4sIAAAAAAAA_-MSNrQ0NzcxNjKwNLU0MDcwszQyNBXiM9TN8io2MXeqjAj1S_MEALZEcSElAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNrQ0NzcxNjKwNLU0MDcwszQyNBXiM9TN8io2MXeqjAj1S_MEALZEcSElAAAA
.bidswitch.net/	1970-01-21 02:20:07	Name: tuuid Value: e4c98986-4935-4e2c-81ad-1277ae35b7c8
.everesttech.net/	1970-01-21 02:20:07	Name: everest_g_v2 Value: g_surferid~ZZ5GxQANa3_3ywBH
.dpm.demdex.net/	1970-01-20 21:53:43	Name: dpm Value: 53322250471015898253765920816962833592
.demdex.net/	1970-01-20 21:53:43	Name: demdex Value: 53322250471015898253765920816962833592
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129QhJzSotdQwNK_Aytcwy8Us2dsw1SG9iMTe2NDdJNTKy0E0yNkvWNTG0MNRNtEw00jU0Tky1TDI3MjCySLIyNDcwsTA3NDMy1DOzMLQwNTABAJmCnbVYAAAA
.rezync.com/	1970-01-21 02:56:07	Name: zync-uuid Value: 6d8a0413-1f53-4c47-a56b-2faae4f9720b:1704871622.052399
live.rezync.com/	1970-01-21 02:56:07	Name: sd-session-id Value: .eJwNylEOgyAMANC79FuWUgq1XMagQkI22SLuZ8a7z8-XvBOmT9631HI7IB77Nw-wvOqtDvGEXn9bfkIEqyLsCNUrCgYl6-EaoOfe67tNdb1PWMeEbJ2xxTvDC4tJPsyGSkqZiwrhHK0gj2ID0QM9OVW4_ocEJWI.ZZ5Gxg.tob6YgBLVZgeza_nfqmB6Jpz-so
.rlcdn.com/	1970-01-20 19:00:55	Name: pxrc Value: CMaN+awGEgYItuoBEAASBgi66gEQABIGCK/rARAB
.px.mountain.com/	1970-01-21 02:20:07	Name: tt Value: H4sIAAAAAAAAAKtWKlOyMqoFAP609q8HAAAA
.unrefugees.org/	1970-01-20 17:34:31	Name: _gat_UA-3754388-9 Value: 1
.c.bing.com/	1970-01-20 17:44:36	Name: MR Value: 0
.c.bing.com/	1970-01-21 02:56:07	Name: SRM_B Value: 38C958F2C6DE6E7A0AAD4CF0C7E66FC7
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 02:56:07	Name: MUID Value: 38C958F2C6DE6E7A0AAD4CF0C7E66FC7
.c.clarity.ms/	1970-01-20 17:44:36	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 17:34:32	Name: ANONCHK Value: 0
.snapchat.com/	1970-01-21 02:56:07	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GyQ3AMAgEwIqQliOLlW6AyFW4eH8zr5nJb9IgcG6JXi1dpOz0p2yK7nM08GoiViotzq+4m146I0AAAAA=
.unrefugees.org/	1970-01-21 03:04:18	Name: _sctr Value: 1%7C1704816000000
.rfihub.com/	1970-01-21 02:56:07	Name: eud Value: H4sIAAAAAAAA_13SsWrCUBQGYBSblkqnrL5C5Jxzb-69cQtFkA4dtO2eSCgECi55AR8hY0bHjBkzOjo6Ojr6CE4d4_3Hj__wcw6c1xm_p8vNcvVVlFWVfv_sPuKk1J9blf7R7_qNLWln2QhbMc3oweSoA_fgE_gGvoPrse8DuAV34B7nJ74v4O7J9_nBWkx8Bd_Ad3ATDFbaUhv4-RF8Bl_AV8yfYR_w_sV3P_XvO079vA6tSqwuRFyUK7ONNDuOsiSTiFVWJLkVEpcvhpK5cexi0k04NIkhOvjmNoRLQvgEyP8BBI0QNYcCAAA
.adnxs.com/	1970-01-21 03:10:31	Name: XANDR_PANID Value: AH8go18ZuSvkezbtwkVZQelDX1RSRya8lzTbJDOUh3G5McPDeEJItmbHsITxD8ljzxxOV8nRvIF-6R4HnhYqOsk6jqUmqZMOuUG1fxQiCqw.
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 32fa5341156b06a5
.mediarithmics.com/	1970-01-21 02:20:07	Name: mics_vid Value: 67705016072
.mediarithmics.com/	1970-01-21 02:20:07	Name: mics_uaid Value: web:1:9edc3879-91b3-4947-b8ba-9f600ee5ae40
.mediarithmics.com/	1970-01-21 02:20:07	Name: mics_lts Value: 1704871625092
.rlcdn.com/	1970-01-21 02:20:07	Name: rlas3 Value: qvi+Znw+YIehgimPQD4fYuVozE0fQgHDleAM92SrcSE=

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://give.unrefugees.org/180117core_mainpg_p_3000/ Message: [.WebGL-0x2c6c02f38600]GL Driver Message (OpenGL, Performance, GL_CLOSE_PATH_NV, High): GPU stall due to ReadPixels
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://event.mrtnsvr.com/?adv=17114&cb=368656863&ref=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%2F&gtmcb=291441363 Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://storage.cloud.kargo.com/kds/configs/Kargo.json Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20669309p.rfihub.com
20826429p.rfihub.com
20826430p.rfihub.com
4647326.fls.doubleclick.net
a.rfihub.com
aa.agkn.com
ad.doubleclick.net
ad.ipredictive.com
adservice.google.com
analytics.google.com
app.dafwidget.com
atr.veritonicmetrics.com
bam.nr-data.net
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
c.bing.com
c.clarity.ms
c1.rfihub.net
cdn.plyr.io
cdn.unrefugees.org
cdn.veritonic.com
cm.g.doubleclick.net
code.jquery.com
collector-3219.tvsquared.com
connect.facebook.net
contextual.media.net
cookie-matching.mediarithmics.com
crb.kargo.com
d6tizftlrpuof.cloudfront.net
data.adxcel-ec2.com
dev.visualwebsiteoptimizer.com
dpm.demdex.net
dsum-sec.casalemedia.com
dx.mountain.com
event.mrtnsvr.com
evnt.byspotify.com
fonts.googleapis.com
fonts.gstatic.com
g1782759016.co
geotargetly-api-1.com
give.unrefugees.org
googleads.g.doubleclick.net
gs.mountain.com
h.online-metrix.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
js-agent.newrelic.com
js.ipredictive.com
kds-pixel.kargo.com
live.rezync.com
lyibja.unrefugees.org
p.rfihub.com
p.typekit.net
partners.tremorhub.com
pay.google.com
pixel.byspotify.com
pixel.quantserve.com
pixel.tapad.com
play.google.com
ps.eyeota.net
px.adentifi.com
px.mountain.com
r.clarity.ms
r.turn.com
rtb.adentifi.com
rules.quantcount.com
s.yimg.com
sc-static.net
secure.quantserve.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
storage.cloud.kargo.com
sync-tm.everesttech.net
t.paypal.com
tr.snapchat.com
tr6.snapchat.com
trkn.us
us-u.openx.net
use.typekit.net
w.usabilla.com
wam.solution.weborama.fr
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.sg
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.tp88trk.com
x.bidswitch.net
x.dlx.addthis.com
zrtzph916zvgipvk3klkyv5py6tfyw5ewhy76myw83c00fb72a213c0asac.d.aa.online-metrix.net
wam.solution.weborama.fr
zrtzph916zvgipvk3klkyv5py6tfyw5ewhy76myw83c00fb72a213c0asac.d.aa.online-metrix.net
103.229.10.192
103.43.90.117
104.18.36.155
104.27.195.88
104.83.196.24
106.10.236.146
106.10.236.40
107.23.165.60
13.107.21.200
13.107.213.59
13.224.250.23
13.32.27.28
13.32.27.54
13.33.100.219
13.33.33.78
13.33.88.73
13.35.14.254
142.251.10.113
142.251.175.149
142.251.175.157
142.251.175.92
151.101.1.21
151.101.130.49
151.101.2.137
151.101.65.35
151.101.66.137
157.240.15.13
157.240.7.35
162.247.243.29
172.217.194.155
172.217.194.94
172.253.118.95
18.176.187.153
192.225.158.1
192.229.232.89
198.8.71.131
20.119.174.243
20.205.115.81
216.239.32.181
23.207.181.216
23.209.46.10
23.209.46.79
23.62.212.15
3.0.109.64
3.213.62.40
3.230.219.56
34.111.113.62
34.111.186.1
34.117.162.98
34.117.209.158
34.117.96.99
34.193.172.55
34.96.102.137
34.98.64.218
35.190.43.134
35.190.72.228
35.213.12.39
35.227.237.181
35.244.154.8
35.81.162.201
35.85.84.151
44.213.136.134
44.229.92.118
44.235.191.156
44.240.141.244
44.242.13.184
50.116.239.135
50.18.149.54
52.18.38.135
52.2.178.78
52.25.243.35
52.40.168.36
52.41.104.95
54.192.150.71
54.249.27.149
54.251.140.206
54.36.150.185
54.69.255.140
64.233.170.154
67.199.150.86
74.125.130.101
74.125.130.156
74.125.130.97
74.125.24.105
74.125.24.154
74.125.24.94
74.125.68.149
74.125.68.94
96.17.96.29
063246c58c78997fa59c4ca4b09e4151c14baeee6e2865e2e2363ded621a3e04
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09ee16c6f3b0151e3ebe54947c050b97409fa22acf9aac74334b4cf3a4504402
09f16e78ea0ea8f73670ef3f8fc0ae50d03756c2241f1b8a11bbfdba8f44d256
0bc354eed79a5fed73692a5866e0a848e9eaf7111ecfabb50e40aed343f502bb
0e3110d75d3617b90426d7f9adec14a43968f4fbb8063f25c10dacd80c7b4b39
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f0558ede1e4c3ec700e0c2220185ccc70931690ad1915f5774891cf587a5443
111f96ceeeb374dce4a178a719d2c1a18ee2d01921025345ed93a29a1f7af221
121c08aa32d56feaf1e2a15f735b9d20d34ff00ed6afa8b21839de50e0b3f233
12ee7f21bdcb2a3c6ce590fc7f253fb15ae3af0ac86ce5ed6896f6c89964268c
1356525a47387ae2facc8e15a0f3b4af9c88abeec954cdc01a0bf333a0e96349
149a8bc27efaf28b0d261ef6dcd079b4019f233404403aecdefd8bf2f8730423
17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5
192c4df056a2a86da1850775fa915d06b2ce2cd3e84a468d355209a615bb34d0
1b1e54380b8b8e45010115f3d0f7caad60ca0f34be8bee3e11e11727cc64d49f
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e3b8eb71a2c62b756a0fe39d6300910f8b48ed472d50a3cdaeefdcf62bac1bd
1ecf817dbcfacecb3235825e2058688365a7c42c9bea9489d402c382c456a8f7
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
20c0114a672ac0b5b31a1c0100543a2306bf389816ab20774b66e8f7b30fb60c
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
273002c60ff85b572781bf57fe5a16c2ed6c52973f745c3b821da1cd21dc61f1
2a3323e171be680f989a11abfc0b8a73618c6b66f58ea011c3bf8092d82f80c8
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dce3682d03e9ce280c04af0c75711ea19718cb7dcc5d8fe78fe0cee7164ed41
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f61f967f0f19fe63c743f330f862db14d88fcc7e09eae7d22998e87a4e97749
322375ccd30656b6c3b462fd5a594e5b81d19818e4f994e5a1f222bd2d201cb3
367bfe6624fd43bfc66ab68fe8ca0960120486b21adebd23b05ad85d05375af8
38c9c1413e17c7a5ee87095bdb4cad0da069451ee937cb801c8f37f2c734644f
394e68bb96ac874b1a9f9b39286a16349ab781c8513ce632ce5c7ba8bb2ba0ab
3cd854806809b430cf2a895390bfac5b1ff996643f6e9bb55abb7a36a1e33fc3
422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4505833e7a3c374c74dfb3a5a829f62598032713b3521e1137f8e0fd7399e3aa
458ee255c6d13348f36f7ea70ae12bc6810e7ab5ae56f92fa4aabb4752ab32e1
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
465ecd3c27cf42a3309af6bda6e2b8c4b9cb7a78788908904e0d6761a2c3102a
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
470fcaf54282eb95b042afde8ec10b0bc01d772f6a697815e53e146dadc0311a
480757989054b1d20e83c1da0e71993fec48492dd5bb6081885f0654e2552faa
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
487524122a6142e66a5f22f30cd0352dc3a3218e4ff77a126c8d0e28c2a5b586
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50bfd91bb65762023b74efba030d3212fef8f6261707ba8edb9e4b28d13bb5ed
53b492f729960ead9c5779dc772534e0f00e2dcdbd1687a0d236af95417549b5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
589021bd4abd0d6c7e0848edb41abe88e0da8f30b8346ce0946a98c1964fcc8a
5c3b7d893de324e949b760db1406424f87425597516760d0e6c46fc6dc190c15
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5fd02602839f10db9b16c0765cef41d103b484a1d639d0ed417d91e18cd27751
62c0466b6e78094d8bb9b9fb50f13f3eb39e3be88dce7663ecfbcabde18b64bc
64d852cd69b7e4bfc5e4e5a1b6f1bd47c0f74f1f8ed8c6bd162871a899ef5592
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
67907ba1c747d97bedea8f75096503111143004f8e369c46f55e36f8d73a7dc2
68077e8a64152d634eeccdf5cc41207956497ba2a093e4ae618ea89ea834f728
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
6bfbae61daf6218548d35bd824d5299e6f0517f156050c302ddd83fa0e8abdc8
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
73772a71fac175a7d4e7b93f10b764d31e9d8bf0cc0350096c9b09052df599fa
73ef385046533349dbdb6264bfdb814819b44a3a7ddeedf7611db7d55f567c7c
74e2b289e3723bdbb00011d16216dece7e2143b8aee51c19e325dcf9be1133fd
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
799d9b1fabf5266a370ae99f608c90991a86caf7e6ccf3de05255f6874078f91
7c707b4d486575fcdf35497e30073fd70f0a9ea072e4ca1ca724da7fbab22a9b
7ecd7bbf65a77f015cdc970c9e228a709ac1cbf0e56512d6616b7c8a5c9333e3
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7f2e256cb560023d729b4581ba94e88cedce352fc2cbcbb60e3232a5859d4793
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837d965f6a5dc4be06e74a50285fd304af0c8a70d857aab1f4595b0bbaa08071
8608c7129a24079dd332403d0aef583dcefdf0bfc02914d626a6559a3ac049ad
8672826b4bfe9c375e14db73384de562eb023c2b7ce6fb458142bbfb6093fe35
8c7cd7f2b28c9e2e3efdcc0efbf24c8a9e722464c9347a41f7663db3f412f8e7
90b232dae4b3477832ee21493d7558ace8cf6e9b8bc97f9c552f301da013f1da
922921392a5b02b2585b82ad1efba1600596b8a50f58b17d7d6e56a7c4a036e7
954410601a823f37e219f7930b7446f86afa15621326a7078d56fb9c910135cb
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
97880bcd7fcc199a008ea736ab008f7f92e9cf6c0addc2afb6c92b3e70d9c9a5
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98c633b9dcc18c1f957191f2704f46525ab7c6be5c15f08c4e8dc3ba16488522
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b9c0898e129c8c18b79f176435c368cecfe30a903797c9feba7a82ee19902bd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a57a7d44b28768cc4e8a0491b150283b0524224c0177f117441c1da2ef840684
a6aea90164a685a02afe0e574bb4c668c83a4b6cdff9ab4b09b0ecbd53e4fd66
aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce
af42292454173d092a79b1975e419d92f78fc827771cd9c145cf4def1fbde838
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b232b740e35e175a9a671a7695fc317efc0d86304efd2733f0f8d70105c744c9
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b3d12dd3994a7bc913d4101a9cb504ad628972234aabe749ee8c39f7ffb2d713
b5d2d26b6ad7e80a51b7ac6e808a6de3b09969a85918bf016f374cbde728e61d
b625d5a8adce0e637b3263a627b65445e87da3ec1e62aff4ff86869707ed4fe7
ba2ecd1923f59d3c6fc4b0b0c14f145208d1bfef21d4cf226ff4d058e1188e0d
bd0f581c676be109e4886cdf44ce4f2ca6e24ff0cac5c706e0de4b0be59ec9c9
bdea39ff0aaefeb286939cb448721dd04ba163b068146c411304d5afd9238555
be381e4dd3d87fb47e23748de8a7701caf1da337d458fadbce7325e66c82a08b
c39cdceba8ffcac02a50091ccc8e8170850f1a138d5a2dfae311619dd632b76a
c63a5162d2cd0e76b4d04be3cf3f71bad58f6a4bc8b73d7dd72b647502213218
c66b7e03bcee850f749dbb96fcddad1f21bad2c8a7264537b88a102b4e275840
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cc0a16b9cc4dc240bcecf6d80b11432787e455e26e7463872da2c343b21976c0
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d941abaa1c3e1a6da66e5a4eb0ba6a5e52c910591fc656e5de987e6a96e3a9c4
d9d55e54f3e18867082c4f8d7751bdce6beebb8e77fcd84bd1719b4ae7fe2d45
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df27560e9b6c231480a8661b4c76e1b73d35f691528fbe3bdff3ba2cdc7e24ed
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fdb3ea4cc4cf6b0f77fce3b54d03d78a697bec33bb1a023b964e8be16aea5f
e82a396725669578ed103cfd44c82ecf642c6bbf27ccc706671a3ac214398480
e9027cbc9f2efbff37e09740f41c16a1ffd89eae8f1555f6a5955d3198d9c31d
e9237b7cbf52841699a220eac1d5830b38b89740b3d5e64421610a480ffb8d50
e97405925dab56a870e5827a77ef6b38b3c5f5ae2d9532c5abf22c5bd553d431
eb7e68073ee5ed998d26671859e008697e757f3276759a8ec173e5a62d34a404
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f19a35ad572d95f099949885daab3afd9f3d3f45cd9ad917ccdb60f953d767c9
f19cc290fd41fdec38c7716a5cba8c52d04bab97e1f2b0febee657eabdd23c16
f1b1f868f0cefc8cfc07aee8dabc332a9b75adde18bd2f93335116c0f5254836
f705ee532673bd6d4764f8b5ded7db656af52dad6c4d8483bc08d6728ee17b35
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623
fd601ce33489ba6e895aa416ba26cac8ad54f92eea59e1037f7c08d86e4fc2b9
fd8226264cfd611c285f0ad0155bbfcaddc31b03ebdb8442431146379e4340b6

give.unrefugees.org Open in urlscan Pro 44.240.141.244 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

252 Requests

86 %HTTPS

0 %IPv6

67 Domains

97 Subdomains

83 IPs

8 Countries

3445 kBTransfer

8572 kBSize

91 Cookies

4 Outgoing links

Page URL History

Redirected requests

252 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

give.unrefugees.org Open in urlscan Pro
44.240.141.244 Public Scan

Screenshot
Live screenshot

Full Image

252
Requests

86 %
HTTPS

0 %
IPv6

67
Domains

97
Subdomains

83
IPs

8
Countries

3445 kB
Transfer

8572 kB
Size

91
Cookies

252 HTTP transactions
0 data transactions