give.unrefugees.org Open in urlscan Pro
50.112.255.85 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.e.unrefugees.org/?qs=dde8a3aaf931838f748f1b80ab91729e38942ea83f5b449a46716eee8d1463bbfc583e7886834ac93ba27c1a2c9b...
Effective URL:
https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_...
Submission: On September 30 via manual (September 30th 2023, 1:31:48 pm UTC) from US — Scanned from DE

Summary HTTP 243 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 81 IPs in 5 countries across 64 domains to perform 243 HTTP transactions. The main IP is 50.112.255.85, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is give.unrefugees.org.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 8th 2023. Valid for: 10 months.

This is the only time give.unrefugees.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.228.216 13.111.228.216	14340 (SALESFORCE) (SALESFORCE)
12	50.112.255.85 50.112.255.85	16509 (AMAZON-02) (AMAZON-02)
6	2a02:26f0:480... 2a02:26f0:480:f::213:7ece	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	18.238.243.61 18.238.243.61	16509 (AMAZON-02) (AMAZON-02)
1 3	184.72.142.242 184.72.142.242	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1	2606:4700:21:... 2606:4700:21::681b:c258	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 9	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
11	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
4	2a00:1450:400... 2a00:1450:400c:c02::5c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
7	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.192.87.248 54.192.87.248	16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1	34.252.16.51 34.252.16.51	16509 (AMAZON-02) (AMAZON-02)
1	35.190.72.228 35.190.72.228	15169 (GOOGLE) (GOOGLE)
3	2600:1901:0:7... 2600:1901:0:7d2::	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:8... 2600:1901:0:807d::	15169 (GOOGLE) (GOOGLE)
1	18.66.112.72 18.66.112.72	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:238... 2600:9000:238d:3200:1e:549f:95c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.117.162.98 34.117.162.98	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	44.209.137.118 44.209.137.118	14618 (AMAZON-AES) (AMAZON-AES)
2 2	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2 4	52.44.225.134 52.44.225.134	14618 (AMAZON-AES) (AMAZON-AES)
3	52.204.83.105 52.204.83.105	14618 (AMAZON-AES) (AMAZON-AES)
1	35.227.237.181 35.227.237.181	15169 (GOOGLE) (GOOGLE)
1	44.210.179.130 44.210.179.130	14618 (AMAZON-AES) (AMAZON-AES)
1	44.194.80.38 44.194.80.38	14618 (AMAZON-AES) (AMAZON-AES)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	34.232.205.165 34.232.205.165	14618 (AMAZON-AES) (AMAZON-AES)
2	34.111.186.1 34.111.186.1	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
9	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	52.22.50.55 52.22.50.55	14618 (AMAZON-AES) (AMAZON-AES)
1	52.25.243.35 52.25.243.35	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	23.96.124.68 23.96.124.68	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:20b... 2600:9000:20b4:9e00:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
2	23.48.23.59 23.48.23.59	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
13 19	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1	2600:9000:223... 2600:9000:223c:2600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
12 12	18.239.83.23 18.239.83.23	16509 (AMAZON-02) (AMAZON-02)
9	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3 3	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2 5	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
3 6	99.80.170.99 99.80.170.99	16509 (AMAZON-02) (AMAZON-02)
3	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	3.121.27.153 3.121.27.153	16509 (AMAZON-02) (AMAZON-02)
3	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
3	44.194.131.144 44.194.131.144	14618 (AMAZON-AES) (AMAZON-AES)
1 4	2606:4700::68... 2606:4700::6812:1bc1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2600:1f18:612... 2600:1f18:612b:4264:76d7:ab8c:aa2f:d2d0	14618 (AMAZON-AES) (AMAZON-AES)
3	35.157.166.55 35.157.166.55	16509 (AMAZON-02) (AMAZON-02)
3	34.250.62.135 34.250.62.135	16509 (AMAZON-02) (AMAZON-02)
3	52.59.55.175 52.59.55.175	16509 (AMAZON-02) (AMAZON-02)
6 6	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2	52.37.218.4 52.37.218.4	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	3.76.141.3 3.76.141.3	16509 (AMAZON-02) (AMAZON-02)
1	34.212.4.35 34.212.4.35	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	54.246.176.32 54.246.176.32	16509 (AMAZON-02) (AMAZON-02)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
1	18.239.15.45 18.239.15.45	16509 (AMAZON-02) (AMAZON-02)
243	81

1 13.111.228.216 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.e.unrefugees.org

click.e.unrefugees.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 50.112.255.85 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-112-255-85.us-west-2.compute.amazonaws.com

give.unrefugees.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:480:f::213:7ece (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.243.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-61.ams58.r.cloudfront.net

cdn.unrefugees.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.72.142.242 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-72-142-242.compute-1.amazonaws.com

app.dafwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:21::681b:c258 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.plyr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c02::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.87.248 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-87-248.ams50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.16.51 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-16-51.eu-west-1.compute.amazonaws.com

collector-3219.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.228 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 228.72.190.35.bc.googleusercontent.com

www.tp88trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:7d2:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

g1782759016.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:807d:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

geotargetly-api-1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-72.fra56.r.cloudfront.net

js.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:238d:3200:1e:549f:95c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.veritonic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.162.98 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 98.162.117.34.bc.googleusercontent.com

pixel.byspotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.209.137.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-137-118.compute-1.amazonaws.com

dx.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.44.225.134 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-225-134.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.204.83.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-83-105.compute-1.amazonaws.com

ad.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.237.181 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 181.237.227.35.bc.googleusercontent.com

event.mrtnsvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.210.179.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-179-130.compute-1.amazonaws.com

data.adxcel-ec2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.194.80.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-80-38.compute-1.amazonaws.com

px.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.232.205.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-205-165.compute-1.amazonaws.com

atr.veritonicmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.186.1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 1.186.111.34.bc.googleusercontent.com

evnt.byspotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.50.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-50-55.compute-1.amazonaws.com

52.22.50.55	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.25.243.35 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-243-35.us-west-2.compute.amazonaws.com

lyibja.unrefugees.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.96.124.68 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

s.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20b4:9e00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

4647326.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.48.23.59 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-59.deploy.static.akamaitechnologies.com

storage.cloud.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 193.0.160.130 (United States) 13 redirects

ASN54312 (ROCKETFUEL, US)

20669309p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
20826429p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
20826430p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:2600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.239.83.23 (United States) 12 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-23.ams58.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.46 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.80.170.99 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-170-99.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.121.27.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.194.131.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-131-144.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:1bc1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:612b:4264:76d7:ab8c:aa2f:d2d0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.166.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-166-55.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.250.62.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-62-135.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.59.55.175 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-55-175.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.194.49 (United States) 6 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.37.218.4 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-218-4.us-west-2.compute.amazonaws.com

px.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.76.141.3 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-141-3.eu-central-1.compute.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.212.4.35 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-212-4-35.us-west-2.compute.amazonaws.com

gs.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.176.32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-176-32.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

zrtzph91zwopvrgnnhg365cyucmymk4wzagwzm7e0063a51f4472f6e4am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.15.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-15-45.ams58.r.cloudfront.net

d6tizftlrpuof.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 11 pay.google.com — Cisco Umbrella Rank: 3915 adservice.google.com — Cisco Umbrella Rank: 182 region1.analytics.google.com — Cisco Umbrella Rank: 2225 play.google.com — Cisco Umbrella Rank: 85	450 KB
19	rfihub.com 13 redirects 20669309p.rfihub.com 20826429p.rfihub.com 20826430p.rfihub.com p.rfihub.com — Cisco Umbrella Rank: 1417 a.rfihub.com — Cisco Umbrella Rank: 4633	28 KB
17	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 4731 zrtzph91zwopvrgnnhg365cyucmymk4wzagwzm7e0063a51f4472f6e4am1.e.aa.online-metrix.net	111 KB
15	unrefugees.org 1 redirects click.e.unrefugees.org give.unrefugees.org cdn.unrefugees.org lyibja.unrefugees.org	875 KB
13	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 ad.doubleclick.net — Cisco Umbrella Rank: 180 stats.g.doubleclick.net — Cisco Umbrella Rank: 175 4647326.fls.doubleclick.net cm.g.doubleclick.net — Cisco Umbrella Rank: 329	6 KB
12	rezync.com 12 redirects live.rezync.com — Cisco Umbrella Rank: 2356	9 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	723 KB
9	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 719	302 B
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96 region1.google-analytics.com — Cisco Umbrella Rank: 1878	71 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1290 s.clarity.ms — Cisco Umbrella Rank: 11027 c.clarity.ms — Cisco Umbrella Rank: 2092	27 KB
8	paypal.com www.paypal.com — Cisco Umbrella Rank: 2955 t.paypal.com — Cisco Umbrella Rank: 3796	85 KB
7	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5551	72 KB
7	typekit.net use.typekit.net — Cisco Umbrella Rank: 1059 p.typekit.net — Cisco Umbrella Rank: 1428	177 KB
6	everesttech.net 6 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 1237	1 KB
6	demdex.net 3 redirects dpm.demdex.net — Cisco Umbrella Rank: 319	5 KB
6	google.de www.google.de — Cisco Umbrella Rank: 3974	991 B
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 955	971 B
5	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 360	4 KB
4	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026	2 KB
4	trkn.us 2 redirects trkn.us — Cisco Umbrella Rank: 3830	3 KB
4	mountain.com dx.mountain.com — Cisco Umbrella Rank: 8324 px.mountain.com — Cisco Umbrella Rank: 8868 gs.mountain.com — Cisco Umbrella Rank: 15037	9 KB
4	ipredictive.com js.ipredictive.com — Cisco Umbrella Rank: 31348 ad.ipredictive.com — Cisco Umbrella Rank: 8897	4 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 691 c.bing.com — Cisco Umbrella Rank: 481	16 KB
3	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2603	33 KB
3	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 614	436 B
3	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 1035	1012 B
3	agkn.com aa.agkn.com — Cisco Umbrella Rank: 936	1 KB
3	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 2071	523 B
3	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 2843	546 B
3	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 2888	325 B
3	media.net contextual.media.net — Cisco Umbrella Rank: 1062	2 KB
3	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1620	1 KB
3	openx.net us-u.openx.net — Cisco Umbrella Rank: 863	485 B
3	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 1547	972 B
3	kargo.com storage.cloud.kargo.com — Cisco Umbrella Rank: 8009 crb.kargo.com — Cisco Umbrella Rank: 2259 kds-pixel.kargo.com Failed	6 KB
3	byspotify.com pixel.byspotify.com — Cisco Umbrella Rank: 25552 evnt.byspotify.com — Cisco Umbrella Rank: 24382	6 KB
3	g1782759016.co g1782759016.co	514 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	200 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	288 KB
3	dafwidget.com 1 redirects app.dafwidget.com	4 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1803 pixel.quantserve.com — Cisco Umbrella Rank: 1594	10 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	216 B
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1943	710 B
2	veritonicmetrics.com atr.veritonicmetrics.com — Cisco Umbrella Rank: 20843	133 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 814	7 KB
1	cloudfront.net d6tizftlrpuof.cloudfront.net	2 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 460	619 B
1	usabilla.com w.usabilla.com — Cisco Umbrella Rank: 5367	11 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 969	15 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1617	1 KB
1	turn.com r.turn.com — Cisco Umbrella Rank: 6191	398 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 7912	6 KB
1	adentifi.com px.adentifi.com — Cisco Umbrella Rank: 14587	35 B
1	adxcel-ec2.com data.adxcel-ec2.com — Cisco Umbrella Rank: 6373	131 B
1	mrtnsvr.com event.mrtnsvr.com — Cisco Umbrella Rank: 84979
1	veritonic.com cdn.veritonic.com — Cisco Umbrella Rank: 70942	2 KB
1	geotargetly-api-1.com geotargetly-api-1.com — Cisco Umbrella Rank: 113531	631 B
1	tp88trk.com www.tp88trk.com — Cisco Umbrella Rank: 38431	19 KB
1	tvsquared.com collector-3219.tvsquared.com	190 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 178	2 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1100	17 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	900 B
1	plyr.io cdn.plyr.io — Cisco Umbrella Rank: 14878	32 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1243	30 KB
243	64

	Domain	Requested by
16	h.online-metrix.net	give.unrefugees.org h.online-metrix.net
12	play.google.com	www.gstatic.com
12	p.rfihub.com	9 redirects give.unrefugees.org
12	live.rezync.com	12 redirects
12	give.unrefugees.org	give.unrefugees.org
9	idsync.rlcdn.com	give.unrefugees.org
9	www.gstatic.com	www.google.com pay.google.com www.gstatic.com
9	www.google.com	1 redirects give.unrefugees.org www.gstatic.com www.google.com
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
7	dev.visualwebsiteoptimizer.com	give.unrefugees.org dev.visualwebsiteoptimizer.com
6	sync-tm.everesttech.net	6 redirects
6	dpm.demdex.net	3 redirects give.unrefugees.org
6	www.google.de	give.unrefugees.org
6	www.paypal.com	give.unrefugees.org www.paypal.com www.paypalobjects.com
6	use.typekit.net	give.unrefugees.org use.typekit.net
5	tr.snapchat.com	sc-static.net
5	ib.adnxs.com	2 redirects give.unrefugees.org
4	dsum-sec.casalemedia.com	1 redirects give.unrefugees.org
4	s.clarity.ms	www.clarity.ms
4	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
4	trkn.us	2 redirects give.unrefugees.org
4	pay.google.com	give.unrefugees.org pay.google.com www.gstatic.com
3	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
3	x.bidswitch.net	give.unrefugees.org
3	beacon.krxd.net	give.unrefugees.org
3	aa.agkn.com	give.unrefugees.org
3	partners.tremorhub.com	give.unrefugees.org
3	x.dlx.addthis.com	give.unrefugees.org
3	bpi.rtactivate.com	give.unrefugees.org
3	contextual.media.net	give.unrefugees.org
3	ps.eyeota.net	give.unrefugees.org
3	us-u.openx.net	give.unrefugees.org
3	image2.pubmatic.com	give.unrefugees.org
3	a.rfihub.com	3 redirects
3	cm.g.doubleclick.net	3 redirects
3	ad.ipredictive.com	give.unrefugees.org js.ipredictive.com
3	g1782759016.co	give.unrefugees.org
3	connect.facebook.net	give.unrefugees.org connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com give.unrefugees.org
3	www.googletagmanager.com	give.unrefugees.org www.googletagmanager.com
3	app.dafwidget.com	1 redirects give.unrefugees.org app.dafwidget.com
2	c.clarity.ms	1 redirects
2	t.paypal.com	give.unrefugees.org
2	px.mountain.com	dx.mountain.com give.unrefugees.org
2	20826429p.rfihub.com	c1.rfihub.net
2	storage.cloud.kargo.com	www.googletagmanager.com storage.cloud.kargo.com
2	4647326.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.facebook.com	give.unrefugees.org
2	sp.analytics.yahoo.com	give.unrefugees.org
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	evnt.byspotify.com	pixel.byspotify.com
2	atr.veritonicmetrics.com	cdn.veritonic.com
2	adservice.google.com	give.unrefugees.org 4647326.fls.doubleclick.net
2	ad.doubleclick.net	2 redirects
2	s.yimg.com	give.unrefugees.org s.yimg.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
1	d6tizftlrpuof.cloudfront.net	give.unrefugees.org
1	zrtzph91zwopvrgnnhg365cyucmymk4wzagwzm7e0063a51f4472f6e4am1.e.aa.online-metrix.net
1	bam.nr-data.net	js-agent.newrelic.com
1	w.usabilla.com	give.unrefugees.org
1	c.bing.com	1 redirects
1	js-agent.newrelic.com	give.unrefugees.org
1	gs.mountain.com	give.unrefugees.org
1	crb.kargo.com	storage.cloud.kargo.com
1	pixel.quantserve.com	give.unrefugees.org
1	rules.quantcount.com	secure.quantserve.com
1	20826430p.rfihub.com	c1.rfihub.net
1	r.turn.com	give.unrefugees.org
1	20669309p.rfihub.com	1 redirects
1	secure.quantserve.com	give.unrefugees.org
1	c1.rfihub.net	give.unrefugees.org
1	lyibja.unrefugees.org	connect.facebook.net
1	region1.analytics.google.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	px.adentifi.com	give.unrefugees.org
1	data.adxcel-ec2.com	give.unrefugees.org
1	event.mrtnsvr.com	give.unrefugees.org
1	dx.mountain.com	give.unrefugees.org
1	pixel.byspotify.com	give.unrefugees.org
1	cdn.veritonic.com	give.unrefugees.org
1	js.ipredictive.com	www.googletagmanager.com
1	geotargetly-api-1.com	give.unrefugees.org
1	www.tp88trk.com	www.googletagmanager.com
1	collector-3219.tvsquared.com	give.unrefugees.org
1	www.googleadservices.com	www.googletagmanager.com
1	sc-static.net	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	give.unrefugees.org
1	p.typekit.net	use.typekit.net
1	cdn.plyr.io	give.unrefugees.org
1	code.jquery.com	give.unrefugees.org
1	cdn.unrefugees.org	give.unrefugees.org
1	click.e.unrefugees.org	1 redirects
0	kds-pixel.kargo.com Failed	storage.cloud.kargo.com
243	94

This site contains links to these domains. Also see Links.

Domain
dafwidget.com
www.unrefugees.org

Subject Issuer	Validity	Valid
unrefugees.org Amazon RSA 2048 M01	`2023-02-08` - `2023-12-06`	10 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-01-09` - `2024-01-23`	a year	crt.sh
*.unrefugees.org Amazon RSA 2048 M01	`2023-04-06` - `2024-05-04`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
cdn.plyr.io Cloudflare Inc ECC CA-3	`2023-04-12` - `2024-04-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-08-19` - `2023-12-10`	4 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2023-07-06` - `2024-07-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-09` - `2023-10-07`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-09-25` - `2023-11-15`	2 months	crt.sh
*.tvsquared.com Amazon RSA 2048 M02	`2023-07-02` - `2024-07-30`	a year	crt.sh
tp88trk.com Starfield Secure Certificate Authority - G2	`2022-12-17` - `2024-01-18`	a year	crt.sh
g1782759016.co GTS CA 1D4	`2023-08-13` - `2023-11-11`	3 months	crt.sh
geotargetly-api-1.com GTS CA 1D4	`2023-08-15` - `2023-11-13`	3 months	crt.sh
*.ipredictive.com Amazon RSA 2048 M02	`2023-03-14` - `2024-04-11`	a year	crt.sh
cdn.veritonic.com Amazon RSA 2048 M03	`2023-08-25` - `2024-09-22`	a year	crt.sh
pixel.byspotify.com GTS CA 1D4	`2023-09-10` - `2023-12-09`	3 months	crt.sh
*.mountain.com Go Daddy Secure Certificate Authority - G2	`2023-06-12` - `2024-06-23`	a year	crt.sh
event.mrtnsvr.com GTS CA 1D4	`2023-09-19` - `2023-12-18`	3 months	crt.sh
adxcel-ec2.com Amazon RSA 2048 M01	`2023-09-18` - `2024-10-17`	a year	crt.sh
adentifi.com Amazon RSA 2048 M01	`2023-07-06` - `2024-08-03`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.imarketsmart.com Amazon RSA 2048 M02	`2023-01-25` - `2024-02-23`	a year	crt.sh
*.veritonicmetrics.com Amazon RSA 2048 M01	`2023-04-20` - `2024-05-18`	a year	crt.sh
prfx.byspotify.com GTS CA 1D4	`2023-09-14` - `2023-12-13`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-30` - `2023-11-22`	6 months	crt.sh
52.22.50.55 Sectigo RSA Domain Validation Secure Server CA	`2023-02-14` - `2024-02-14`	a year	crt.sh
lyibja.unrefugees.org R3	`2023-08-25` - `2023-11-23`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.rfihub.net Amazon RSA 2048 M01	`2023-02-24` - `2023-12-29`	10 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
kargo.com R3	`2023-08-01` - `2023-10-30`	3 months	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-27` - `2024-04-27`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
rtactivate.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.prod.euc1.green.ops.kargo.com Amazon RSA 2048 M01	`2022-11-13` - `2023-12-12`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
w.usabilla.com Amazon RSA 2048 M01	`2023-02-09` - `2024-02-09`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-06-14` - `2024-07-01`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Frame ID: 1DF8BA22F3BE61A2AE2A4AF08308F39A
Requests: 132 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fgive.unrefugees.org&mid=
Frame ID: 23834541CB0DC3F4DD09C9630EB410CF
Requests: 13 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&co=aHR0cHM6Ly9naXZlLnVucmVmdWdlZXMub3JnOjQ0Mw..&hl=de&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=normal&cb=mhfj075piik0
Frame ID: F76B2C5EF02E46F52DF74910E6DB709D
Requests: 4 HTTP requests in this frame

Frame: https://ad.ipredictive.com/d/track/event?upid=101374&cache_buster=1696080698&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&val=undefined&tn=undefined&itms=undefined
Frame ID: E3A3FAB1BB4712A30C92F168528F0A68
Requests: 1 HTTP requests in this frame

Frame: https://4647326.fls.doubleclick.net/activityi;dc_pre=CKCH6fy40oEDFUHMsgodAfQKmg;src=4647326;type=unrefcms;cat=donfvis;ord=5107808394185;auiddc=814318793.1696080699;u3=undefined;u2=undefined;gtm=45He39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU
Frame ID: 92317CA5C5EE7233CDDAADAE07077004
Requests: 2 HTTP requests in this frame

Frame: https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&pf=&ra=48672908358589684
Frame ID: 540D4179628EF40ADFFBCE8BCF152B16
Requests: 18 HTTP requests in this frame

Frame: https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&pf=&ra=017298484225413135
Frame ID: BBCA89370F33610D4CAA0E47F280C6C5
Requests: 18 HTTP requests in this frame

Frame: https://20826430p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826430&_o=9587&_t=20826430&pe=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&pf=&ra=19752875454816254
Frame ID: 523F678833B86B3DE2E3C40F4756A318
Requests: 18 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=pxZcVU8Dk73FyvFvdCgp2MSG&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm
Frame ID: D2A3EB5C5B7B1C32FCEF5CE4F8BC2419
Requests: 3 HTTP requests in this frame

Frame: https://crb.kargo.com/api/v1/initsync/cd63b94d-2c93-482d-8d17-921e6d8d189f?partners=Tapad&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Frame ID: 7801379D8FB4888D8CDC0B3AD78B450A
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 8E284EF2C055D40C86961FB1E1F89EDD
Requests: 3 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/check.js;CIS3SID=CE4E13EBCA92B9359F8E3C97E0EC8B42?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&nonce=0063a51f4472f6e4&jb=35392e24687b6f753d556b6c666d7f73246a71673d5f696e6c6d777b273a3033322668716277354368706f6d6d24687b623d436a706d6f672d323231333f
Frame ID: 9159BF4BC5EC3AF089AAC03B43722759
Requests: 10 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=cda0845c-e241-4b98-8d4b-abdc76d31d9d&u_scsid=ba8237a3-6c4b-4ba3-93af-60c8b7ff6904&u_sclid=1482890d-875d-4b91-88a1-d9397494eab8
Frame ID: 1275D991386F241E62EA24C3D9838531
Requests: 1 HTTP requests in this frame

Frame: https://w.usabilla.com/fa5b33ed7c80.js?lv=1
Frame ID: C710DBC0D143C902BA2B28FBEB619044
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/ls_fp.html;CIS3SID=CE4E13EBCA92B9359F8E3C97E0EC8B42?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&nonce=0063a51f4472f6e4
Frame ID: 8C057DB7E8E36F67BDAFA17886186F2C
Requests: 3 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=CE4E13EBCA92B9359F8E3C97E0EC8B42?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&nonce=0063a51f4472f6e4
Frame ID: 01FC52F6899DC8AAAF82214A6070A832
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/top_fp.html;CIS3SID=CE4E13EBCA92B9359F8E3C97E0EC8B42?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&nonce=0063a51f4472f6e4
Frame ID: BBBF27F3752A955B67BF82068A3E26EC
Requests: 1 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/unhcr-button-ca8fba580979f02c2694fa49ed8ef52a.png
Frame ID: 6975A567580E54E57C5B5868B0DE9427
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Help Refugees Today | USA for UNHCR

Page URL History Show full URLs

https://click.e.unrefugees.org/?qs=dde8a3aaf931838f748f1b80ab91729e38942ea83f5b449a46716eee8d1463bbfc583e78... HTTP 302
https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_so... Page URL

Detected technologies

Plyr (Video players) Expand

Overall confidence: 100%
Detected patterns

https://cdn\.plyr\.io/([0-9.]+)/.+\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

243
Requests

88 %
HTTPS

35 %
IPv6

64
Domains

94
Subdomains

81
IPs

5
Countries

3350 kB
Transfer

8384 kB
Size

76
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://dafwidget.com/terms-and-privacy-policy/?SF_monthly=701Rf000001uWrOIAU&SF_onetime=701Rf000001uv4nIAA&utm_medium=email&utm_source=u4u-appeal
Title: Terms of Service and Privacy Policy

Search URL Search Domain Scan URL

URL: https://dafwidget.com/add-a-new-fund-to-the-dafwidget/?SF_monthly=701Rf000001uWrOIAU&SF_onetime=701Rf000001uv4nIAA&utm_medium=email&utm_source=u4u-appeal
Title: Don't see your fund? Let us know.

Search URL Search Domain Scan URL

URL: https://www.unrefugees.org/privacy-policy/?SF_monthly=701Rf000001uWrOIAU&SF_onetime=701Rf000001uv4nIAA&utm_medium=email&utm_source=u4u-appeal
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.unrefugees.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.e.unrefugees.org/?qs=dde8a3aaf931838f748f1b80ab91729e38942ea83f5b449a46716eee8d1463bbfc583e7886834ac93ba27c1a2c9bcf590193df0511a361df HTTP 302
https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://app.dafwidget.com/api/js/source.js HTTP 301
https://app.dafwidget.com/public/embed.js

Request Chain 48

https://ad.doubleclick.net/ddm/activity/src=4269937;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=4269937;dc_pre=CLuUvvy40oEDFWRQHgId4g4MjA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=4269937;dc_pre=CLuUvvy40oEDFWRQHgId4g4MjA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 49

https://trkn.us/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=866781582 HTTP 302
https://trkn.us/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=866781582;ip=138.199.38.132;cuidchk=1

Request Chain 50

https://trkn.us/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=730729297 HTTP 302
https://trkn.us/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=730729297;ip=138.199.38.132;cuidchk=1

Request Chain 63

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10934040069/?random=2015809597&cv=11&fst=1696080698617&bg=ffffff&guid=ON&async=1&gtm=45He39r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadservices.com&frm=0&tiba=Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR&value=0&auid=814318793.1696080699&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=OiMYZayCKIyT7_UPuqON4AM&sscte=1&crd=&eitems=ChEI8I7fqAYQ27C0-eD_3-2DARIdACkIFqAGBNQENRsbbbW8PS4Ev4chsuthaaW8a_Q&pscrd=Ek5DaEVJOEk3ZnFBWVFrZjNSZ3FfZXRaU2tBUklsQUl6TjFtXzhNbmZQNEZINzZteWdrbGwtdU5WUjVYRnQyTFdVMnpYOHFidTJlcUxzRWcaV0NoQUk4STdmcUFZUXVmNmh2YnVQN3VKa0VpMEF5REljb0dxaWs1dWpDOGc4cFU5MzdQbzdaY3RpX3ZwbHNhVkNPaU5Jd3Y5WkU3a21PTHJldWVsWFloUSITCKyHt_y40oEDFYzJuwgdulEDPA HTTP 302
https://www.google.com/pagead/1p-conversion/10934040069/?random=2015809597&cv=11&fst=1696080698617&bg=ffffff&guid=ON&async=1&gtm=45He39r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadservices.com&frm=0&tiba=Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR&value=0&auid=814318793.1696080699&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOEk3ZnFBWVFrZjNSZ3FfZXRaU2tBUklsQUl6TjFtXzhNbmZQNEZINzZteWdrbGwtdU5WUjVYRnQyTFdVMnpYOHFidTJlcUxzRWcaV0NoQUk4STdmcUFZUXVmNmh2YnVQN3VKa0VpMEF5REljb0dxaWs1dWpDOGc4cFU5MzdQbzdaY3RpX3ZwbHNhVkNPaU5Jd3Y5WkU3a21PTHJldWVsWFloUSITCKyHt_y40oEDFYzJuwgdulEDPA&is_vtc=1&ocp_id=OiMYZayCKIyT7_UPuqON4AM&cid=CAQSKQDICaaNpdKC7MLNWTMGxYhHCSzLFcl-BnvPNubrxVEdmYxvmByFoX-e&eitems=ChEI8I7fqAYQ27C0-eD_3-2DARIdACkIFqBwa0FV-aJ09XYXsKt1mMDz-SCih88JjUc&random=3505249891 HTTP 302
https://www.google.de/pagead/1p-conversion/10934040069/?random=2015809597&cv=11&fst=1696080698617&bg=ffffff&guid=ON&async=1&gtm=45He39r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadservices.com&frm=0&tiba=Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR&value=0&auid=814318793.1696080699&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOEk3ZnFBWVFrZjNSZ3FfZXRaU2tBUklsQUl6TjFtXzhNbmZQNEZINzZteWdrbGwtdU5WUjVYRnQyTFdVMnpYOHFidTJlcUxzRWcaV0NoQUk4STdmcUFZUXVmNmh2YnVQN3VKa0VpMEF5REljb0dxaWs1dWpDOGc4cFU5MzdQbzdaY3RpX3ZwbHNhVkNPaU5Jd3Y5WkU3a21PTHJldWVsWFloUSITCKyHt_y40oEDFYzJuwgdulEDPA&is_vtc=1&ocp_id=OiMYZayCKIyT7_UPuqON4AM&cid=CAQSKQDICaaNpdKC7MLNWTMGxYhHCSzLFcl-BnvPNubrxVEdmYxvmByFoX-e&eitems=ChEI8I7fqAYQ27C0-eD_3-2DARIdACkIFqBwa0FV-aJ09XYXsKt1mMDz-SCih88JjUc&random=3505249891&ipr=y&ezwbk=AZuM4hBQUUhxdzk3X0ryIEEXeO2LHcMHNYVtioqTX5vwM9gx1FCxPrC8RqdbYMVnCUvWGW6d-vsZyX0kSgpxm8TlzS14

Request Chain 103

https://4647326.fls.doubleclick.net/activityi;src=4647326;type=unrefcms;cat=donfvis;ord=5107808394185;auiddc=814318793.1696080699;u3=undefined;u2=undefined;gtm=45He39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU HTTP 302
https://4647326.fls.doubleclick.net/activityi;dc_pre=CKCH6fy40oEDFUHMsgodAfQKmg;src=4647326;type=unrefcms;cat=donfvis;ord=5107808394185;auiddc=814318793.1696080699;u3=undefined;u2=undefined;gtm=45He39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU

Request Chain 107

https://20669309p.rfihub.com/ca.gif?rb=9587&ca=20669309&ra=16453187 HTTP 302
https://r.turn.com/r/beacon?b2=Byl5I3NIBudQfjqNW-_fVUNVOmTxqGPcOnN4gXqFCKoeU_Oup029YVIprkeGvqSpgAfS5Jz0ytx_deRc41vz7Q&cid=

Request Chain 119

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084927473441258&referrer=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=223d25ba-4aa0-4cfb-bf44-a0e6fec8e62f%3A1696080699.6841314&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D223d25ba-4aa0-4cfb-bf44-a0e6fec8e62f%253A1696080699.6841314%26_%3D1696080699.685452&cb=1696080699.6854794 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730055158212&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D223d25ba-4aa0-4cfb-bf44-a0e6fec8e62f%253A1696080699.6841314%26_%3D1696080699.685452 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=223d25ba-4aa0-4cfb-bf44-a0e6fec8e62f%3A1696080699.6841314&_=1696080699.685452

Request Chain 120

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyNzQ3MzQ0MTI1OA==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEIrlYTo1Nswg98qAKwI5sRs&google_cver=1 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730055158212&referrer={encSite}&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=f3f96dbb-ab4e-4a60-b682-4c237ebd7631%3A1696080699.7854662&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Df3f96dbb-ab4e-4a60-b682-4c237ebd7631%253A1696080699.7854662%26_%3D1696080699.7870264&cb=1696080699.7870564 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730055158212&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Df3f96dbb-ab4e-4a60-b682-4c237ebd7631%253A1696080699.7854662%26_%3D1696080699.7870264 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=f3f96dbb-ab4e-4a60-b682-4c237ebd7631%3A1696080699.7854662&_=1696080699.7870264

Request Chain 121

https://ib.adnxs.com/setuid?entity=18&code=5140084927473441258 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084927473441258

Request Chain 122

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5140084927473441258&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084927473441258&redir=

Request Chain 125

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5140084927473441269&bid=omt9pi0

Request Chain 128

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084927473441258&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084927473441258&forward=&C=1

Request Chain 135

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZRgjOwAUMmVg-AAN HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZRgjOwAUMmVg-AAN&_test=ZRgjOwAUMmVg-AAN

Request Chain 136

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5140084927473441269&bid=omt9pi0

Request Chain 137

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZRgjOwAUNNBf5gAN HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZRgjOwAUNNBf5gAN&_test=ZRgjOwAUNNBf5gAN

Request Chain 138

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685629925463776&referrer=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=d76768cb-d792-44c6-a642-82beca318c29%3A1696080699.684016&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd76768cb-d792-44c6-a642-82beca318c29%253A1696080699.684016%26_%3D1696080699.6853852&cb=1696080699.6854143 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730055158212&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dd76768cb-d792-44c6-a642-82beca318c29%253A1696080699.684016%26_%3D1696080699.6853852 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=d76768cb-d792-44c6-a642-82beca318c29%3A1696080699.684016&_=1696080699.6853852

Request Chain 139

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwOTY4NTYyOTkyNTQ2Mzc3Ng==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEIrlYTo1Nswg98qAKwI5sRs&google_cver=1 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730055158212&referrer={encSite}&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=1280226a-d33e-4742-a623-31b1b8cd6c10%3A1696080699.9177032&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D1280226a-d33e-4742-a623-31b1b8cd6c10%253A1696080699.9177032%26_%3D1696080699.919941&cb=1696080699.9199708 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730055158212&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D1280226a-d33e-4742-a623-31b1b8cd6c10%253A1696080699.9177032%26_%3D1696080699.919941 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=1280226a-d33e-4742-a623-31b1b8cd6c10%3A1696080699.9177032&_=1696080699.919941

Request Chain 140

https://ib.adnxs.com/setuid?entity=18&code=5109685629925463776 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685629925463776

Request Chain 141

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5109685629925463776&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685629925463776&redir=

Request Chain 157

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5108559730055158212&bid=omt9pi0

Request Chain 158

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZRgjOwAUQiwzWABY HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZRgjOwAUQiwzWABY&_test=ZRgjOwAUQiwzWABY

Request Chain 159

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730055158212&referrer=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=fe83a7c8-feab-445a-90e0-8a874c6aa90f%3A1696080699.707538&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dfe83a7c8-feab-445a-90e0-8a874c6aa90f%253A1696080699.707538%26_%3D1696080699.7098053&cb=1696080699.709835 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730055158212&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dfe83a7c8-feab-445a-90e0-8a874c6aa90f%253A1696080699.707538%26_%3D1696080699.7098053 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=fe83a7c8-feab-445a-90e0-8a874c6aa90f%3A1696080699.707538&_=1696080699.7098053

Request Chain 160

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTczMDA1NTE1ODIxMg==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEIrlYTo1Nswg98qAKwI5sRs&google_cver=1 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730055158212&referrer={encSite}&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=c2ba1014-a752-49ef-a531-255ba03977e7%3A1696080699.9175506&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc2ba1014-a752-49ef-a531-255ba03977e7%253A1696080699.9175506%26_%3D1696080699.9186225&cb=1696080699.9186504 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730055158212&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dc2ba1014-a752-49ef-a531-255ba03977e7%253A1696080699.9175506%26_%3D1696080699.9186225 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=c2ba1014-a752-49ef-a531-255ba03977e7%3A1696080699.9175506&_=1696080699.9186225

Request Chain 162

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5108559730055158212&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559730055158212&redir=

Request Chain 209

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=217E690FC3894288A7B5180017D8544D&RedC=c.clarity.ms&MXFR=186B4AF2F5826D52134F596EF18263B7 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=217E690FC3894288A7B5180017D8544D&MUID=1695BD0FF2B86D3B13A1AE93F3146C64

243 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
give.unrefugees.org/180117core_mainpg_d_3000/
Redirect Chain

https://click.e.unrefugees.org/?qs=dde8a3aaf931838f748f1b80ab91729e38942ea83f5b449a46716eee8d1463bbfc583e7886834ac93ba27c1a2c9bcf590193df0511a361df
https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=70...

42 KB
17 KB

1098ms
672ms

Document
text/html

50.112.255.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.112.255.85 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-255-85.us-west-2.compute.amazonaws.com

Software

Resource Hash

41573cd3a239011779ef9e3fa8a0dc2eea0b17272dcf56a269581f572a419b08

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-length: 16941
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Sat, 30 Sep 2023 13:31:37 GMT
strict-transport-security: max-age=10886400
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 384
Content-Type: text/html; charset=utf-8
Date: Sat, 30 Sep 2023 13:31:35 GMT
Location: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU

GET
H2 200 index.css
give.unrefugees.org/css/ 192 KB
38 KB 507ms
503ms Stylesheet
text/css 50.112.255.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://give.unrefugees.org/css/index.css?v=9.7.3

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.112.255.85 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-255-85.us-west-2.compute.amazonaws.com

Software

Resource Hash

fd8226264cfd611c285f0ad0155bbfcaddc31b03ebdb8442431146379e4340b6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
last-modified: Thu, 09 Mar 2023 22:58:48 GMT
content-security-policy: frame-ancestors 'self'
etag: "b3f07db5da52d91:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
accept-ranges: bytes
content-length: 38454
x-xss-protection: 1; mode=block

GET
H2 200 plyr.css
give.unrefugees.org/css/ 24 KB
6 KB 184ms
181ms Stylesheet
text/css 50.112.255.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://give.unrefugees.org/css/plyr.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.112.255.85 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-255-85.us-west-2.compute.amazonaws.com

Software

Resource Hash

465ecd3c27cf42a3309af6bda6e2b8c4b9cb7a78788908904e0d6761a2c3102a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
last-modified: Sat, 23 Feb 2019 20:10:20 GMT
content-security-policy: frame-ancestors 'self'
etag: "09e7cdb3cbd41:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
accept-ranges: bytes
content-length: 5867
x-xss-protection: 1; mode=block

GET
H2 200 hrp3szy.css
use.typekit.net/ 7 KB
1 KB 464ms
413ms Stylesheet
text/css 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/hrp3szy.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

111f96ceeeb374dce4a178a719d2c1a18ee2d01921025345ed93a29a1f7af221

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Sat, 30 Sep 2023 13:31:38 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1032

GET
H/1.1 200
OK tags.js Show response
h.online-metrix.net/fp/ 95 KB
13 KB 60ms
16ms Script
text/javascript 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/tags.js?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

fa0fe3d39fadfcf9860fb5244c0a67281790bb1ebd69c8b5fa47d337ebf28d25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 13:31:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 nudge_arrow.png
give.unrefugees.org/img/ 1 KB
2 KB 190ms
186ms Image
image/png 50.112.255.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.unrefugees.org/img/nudge_arrow.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.112.255.85 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-255-85.us-west-2.compute.amazonaws.com

Software

Resource Hash

394e68bb96ac874b1a9f9b39286a16349ab781c8513ce632ce5c7ba8bb2ba0ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Thu, 08 Sep 2022 15:48:50 GMT
etag: "05d2e7d9ac3d81:0"
x-frame-options: sameorigin
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 1102
x-xss-protection: 1; mode=block

GET
H2 200 lock-secure-donation.png
give.unrefugees.org/img/ 8 KB
9 KB 192ms
188ms Image
image/png 50.112.255.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.unrefugees.org/img/lock-secure-donation.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.112.255.85 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-255-85.us-west-2.compute.amazonaws.com

Software

Resource Hash

9b9c0898e129c8c18b79f176435c368cecfe30a903797c9feba7a82ee19902bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Thu, 08 Sep 2022 15:48:50 GMT
etag: "05d2e7d9ac3d81:0"
x-frame-options: sameorigin
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 8196
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 1x-main-rf1226634x530.jpg
cdn.unrefugees.org/u4uforms2020/media/fnsnlt5i/ 36 KB
37 KB 236ms
23ms Image
image/jpeg 18.238.243.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unrefugees.org/u4uforms2020/media/fnsnlt5i/1x-main-rf1226634x530.jpg
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-61.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8b643671a7baa56194fa4f07ab8f5f727612f7707d0daeab8d6509fc5163d2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 11:28:35 GMT
Via: 1.1 1bdf441282a54ae942606c92014c38d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS58-P1
Age: 7384
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-local-date-created: 133062670525540589
Content-Length: 37077
x-amz-meta-local-date-modified: 133062670525550606
Last-Modified: Mon, 29 Aug 2022 17:18:43 GMT
Server: AmazonS3
ETag: "c79d84211e527600fcd8ef48e213e019"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
X-Amz-Cf-Id: 8tbbyuMWSN4jLDWmrIRSdWLi4--aJgyOVverYWTW1HkWJyMNjI-CEg==

GET
H2

200

embed.js Show response
app.dafwidget.com/public/
Redirect Chain

https://app.dafwidget.com/api/js/source.js
https://app.dafwidget.com/public/embed.js

7 KB
2 KB

97ms
96ms

Script
text/javascript

184.72.142.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.dafwidget.com/public/embed.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Server: 184.72.142.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-142-242.compute-1.amazonaws.com
Software: /
Resource Hash: a6aea90164a685a02afe0e574bb4c668c83a4b6cdff9ab4b09b0ecbd53e4fd66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
content-encoding: gzip
x-cache-hit: 1
last-modified: Thu, 03 Aug 2023 13:19:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

Redirect headers

location: https://app.dafwidget.com:443/public/embed.js
date: Sat, 30 Sep 2023 13:31:38 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 bbb-logo-173x87.png
give.unrefugees.org/media/1017/ 33 KB
34 KB 360ms
357ms Image
image/png 50.112.255.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.unrefugees.org/media/1017/bbb-logo-173x87.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.112.255.85 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-255-85.us-west-2.compute.amazonaws.com

Software

Resource Hash

97880bcd7fcc199a008ea736ab008f7f92e9cf6c0addc2afb6c92b3e70d9c9a5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Wed, 28 Mar 2018 18:24:27 GMT
etag: "a937c21c2c6d31:0"
x-frame-options: sameorigin
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 33886
x-xss-protection: 1; mode=block

GET
H2 200 guide-star-platinum.png
give.unrefugees.org/media/1005/ 16 KB
17 KB 195ms
192ms Image
image/png 50.112.255.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.unrefugees.org/media/1005/guide-star-platinum.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.112.255.85 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-255-85.us-west-2.compute.amazonaws.com

Software

Resource Hash

53b492f729960ead9c5779dc772534e0f00e2dcdbd1687a0d236af95417549b5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Tue, 05 Dec 2017 18:17:59 GMT
etag: "af9bd561f56dd31:0"
x-frame-options: sameorigin
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 16468
x-xss-protection: 1; mode=block

GET
H2 200 unhcr-visibility-horizontal-white-cmyk-v2016.svg
give.unrefugees.org/img/ 12 KB
13 KB 359ms
356ms Image
image/svg+xml 50.112.255.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.unrefugees.org/img/unhcr-visibility-horizontal-white-cmyk-v2016.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.112.255.85 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-255-85.us-west-2.compute.amazonaws.com

Software

Resource Hash

6bfbae61daf6218548d35bd824d5299e6f0517f156050c302ddd83fa0e8abdc8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Thu, 08 Sep 2022 15:48:50 GMT
etag: "05d2e7d9ac3d81:0"
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: no-cache
accept-ranges: bytes
content-length: 12265
x-xss-protection: 1; mode=block

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 39ms
7ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer: https://give.unrefugees.org/
Origin: https://give.unrefugees.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1280097
x-cache: HIT, HIT
content-length: 30638
x-served-by: cache-lga21965-LGA, cache-fra-eddf8230060-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1696080698.481862,VS0,VE0
etag: W/"28feccc0-15851"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 454, 196332

GET
H2 200 plyr.js Show response
cdn.plyr.io/3.5.2/ 111 KB
32 KB 61ms
29ms Script
application/javascript 2606:4700:21::681b:c258
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.5.2/plyr.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8608c7129a24079dd332403d0aef583dcefdf0bfc02914d626a6559a3ac049ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13990788
cf-polished: origSize=113855
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 20 Apr 2023 10:33:42 GMT
server: cloudflare
etag: W/"26d009457000af80d7306229fc132b15"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3D0XVP11GSKPViFPIvTJU7jE3CFwkX5XiYhkZwF%2BVDoKd6k66lSNRB7MlE1B7pLXCvusPwf8aWIydBEx7TlaK2%2BAPkVoSrnL5KeqlU4x2y4JTwR5Tu08Kaq5vzxQdG%2B0U%2F4KC1NoJuHU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 80ecd3cdcb402c16-FRA

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 41ms
18ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0d78aaa1f19559ffa4d51c47944c3e6a9c2104d971f1cc105fb92d4bca4501f6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 30 Sep 2023 13:31:38 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ 273 KB
76 KB 559ms
527ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&vault=true

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C82) /

Resource Hash

de0a79453d07d9a6783f7e4f2954b6be546f7677cf0e4b5e2c307a6a9d99fafb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-UTZWLFIVjCew7rt1Q5uF264mIMJ4WSju0fAcj+9cYL+g+GKt' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-UTZWLFIVjCew7rt1Q5uF264mIMJ4WSju0fAcj+9cYL+g+GKt' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-UTZWLFIVjCew7rt1Q5uF264mIMJ4WSju0fAcj+9cYL+g+GKt' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-UTZWLFIVjCew7rt1Q5uF264mIMJ4WSju0fAcj+9cYL+g+GKt' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 30 Sep 2023 13:31:38 GMT
disable-set-cookie: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: true
paypal-debug-id: 079074b5a234a
server-timing: traceparent;desc="00-0000000000000000000079074b5a234a-7136f9ae9745509c-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 76497
x-xss-protection: 1; mode=block
last-modified: Sat, 30 Sep 2023 01:34:34 GMT
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server: ECAcc (frc/4C82)
traceparent: 00-0000000000000000000079074b5a234a-5de65cdd435032c0-01
etag: W/"12ad1-89544ZFEVNkRUnMDcs9R9PY2PW4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 index.min.js Show response
give.unrefugees.org/scripts/lib/ 759 KB
671 KB 361ms
357ms Script
application/javascript 50.112.255.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://give.unrefugees.org/scripts/lib/index.min.js?v=9.7.3

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.112.255.85 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-255-85.us-west-2.compute.amazonaws.com

Software

Resource Hash

458ee255c6d13348f36f7ea70ae12bc6810e7ab5ae56f92fa4aabb4752ab32e1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
last-modified: Thu, 09 Mar 2023 21:50:48 GMT
content-security-policy: frame-ancestors 'self'
etag: "e4e6b735d152d91:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 commerce.min.js Show response
give.unrefugees.org/scripts/lib/ 52 KB
17 KB 188ms
184ms Script
application/javascript 50.112.255.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://give.unrefugees.org/scripts/lib/commerce.min.js?v=9.7.3

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.112.255.85 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-255-85.us-west-2.compute.amazonaws.com

Software

Resource Hash

5c3b7d893de324e949b760db1406424f87425597516760d0e6c46fc6dc190c15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=10886400
last-modified: Mon, 08 May 2023 14:47:28 GMT
content-security-policy: frame-ancestors 'self'
etag: "040812bc81d91:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
accept-ranges: bytes
content-length: 16863
x-xss-protection: 1; mode=block

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 117 KB
36 KB 121ms
73ms Script
application/javascript 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1cb146a6294f46b5d58de858134694c25c9bbd944c25ef47c259cddc7f4d60a8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A3TQnTps9HN7RoTd68J6-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-A3TQnTps9HN7RoTd68J6-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sat, 30 Sep 2023 13:31:38 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 451 KB
117 KB 65ms
42ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

707f1d63a3d38bd0e47051ef4e5817e733e78f35c61419e1d7c3f929cce96330

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119018
x-xss-protection: 0
last-modified: Sat, 30 Sep 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 30 Sep 2023 13:31:38 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 41ms
6ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=hrp3szy&ht=tk&f=139.140.171.173.174.175.176.15701.15703.15705.15708&a=1630018&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 css
fonts.googleapis.com/ 2 KB
900 B 37ms
16ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Kalam|Lato&display=swap

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/css/index.css?v=9.7.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

589021bd4abd0d6c7e0848edb41abe88e0da8f30b8346ce0946a98c1964fcc8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 30 Sep 2023 13:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 30 Sep 2023 13:31:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 30 Sep 2023 13:31:38 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 21 KB
6 KB 135ms
108ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=760031&u=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&vn=2
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: a0ccd2dd594580b384880e1a21d2a65979b10abf3af347913ffdfa93f707b6f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1696003666_EA"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 l
use.typekit.net/af/180254/00000000000000000001522c/27/ 45 KB
46 KB 29ms
7ms Font
application/font-woff2 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/180254/00000000000000000001522c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 38c9c1413e17c7a5ee87095bdb4cad0da069451ee937cb801c8f37f2c734644f

Request headers

Referer: https://use.typekit.net/hrp3szy.css
Origin: https://give.unrefugees.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
server: nginx
etag: "d8f0e75543cc417069e2148d573e1b3687264d73"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46404

GET
H2 200 l
use.typekit.net/af/925423/00000000000000003b9b038f/27/ 19 KB
20 KB 35ms
14ms Font
application/font-woff2 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/925423/00000000000000003b9b038f/27/l?subset_id=2&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7c707b4d486575fcdf35497e30073fd70f0a9ea072e4ca1ca724da7fbab22a9b

Request headers

Referer: https://use.typekit.net/hrp3szy.css
Origin: https://give.unrefugees.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
server: nginx
etag: "af967ea1356382090341795946181a15b4b5bcf0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19900

GET
H2 200 l
use.typekit.net/af/220823/000000000000000000015231/27/ 45 KB
45 KB 27ms
7ms Font
application/font-woff2 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/220823/000000000000000000015231/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 73ef385046533349dbdb6264bfdb814819b44a3a7ddeedf7611db7d55f567c7c

Request headers

Referer: https://use.typekit.net/hrp3szy.css
Origin: https://give.unrefugees.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
server: nginx
etag: "25d9000ed11ad93413dd9fab416a1870c8ae46cd"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46076

GET
H2 200 YA9dr0Wd4kDdMthROCc.woff2
fonts.gstatic.com/s/kalam/v16/ 22 KB
22 KB 29ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kalam/v16/YA9dr0Wd4kDdMthROCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Kalam|Lato&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

954410601a823f37e219f7930b7446f86afa15621326a7078d56fb9c910135cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.unrefugees.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 05:34:19 GMT
x-content-type-options: nosniff
age: 28639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22336
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:47:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Sep 2024 05:34:19 GMT

GET
H2 200 checkmark-icon.svg
give.unrefugees.org/img/ 899 B
1 KB 325ms
325ms Image
image/svg+xml 50.112.255.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.unrefugees.org/img/checkmark-icon.svg

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/css/index.css?v=9.7.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.112.255.85 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-255-85.us-west-2.compute.amazonaws.com

Software

Resource Hash

2f61f967f0f19fe63c743f330f862db14d88fcc7e09eae7d22998e87a4e97749

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/css/index.css?v=9.7.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Thu, 08 Sep 2022 15:48:50 GMT
etag: "05d2e7d9ac3d81:0"
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: no-cache
accept-ranges: bytes
content-length: 899
x-xss-protection: 1; mode=block

GET
H2 200 l
use.typekit.net/af/6c7e72/000000000000000000015232/27/ 46 KB
46 KB 13ms
12ms Font
application/font-woff2 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6c7e72/000000000000000000015232/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3cd854806809b430cf2a895390bfac5b1ff996643f6e9bb55abb7a36a1e33fc3

Request headers

Referer: https://use.typekit.net/hrp3szy.css
Origin: https://give.unrefugees.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
server: nginx
etag: "e855751b4c412caa5b02bc2213270b96d80c67d9"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 47300

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
80 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EVDQTJ4LMY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

835eb6b703d234d6f689bef34bc83e05987ae6ef19886a83e57e4fba86805646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81944
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 30 Sep 2023 13:31:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 30 Sep 2023 11:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6115
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 30 Sep 2023 13:49:43 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 128 KB
50 KB 44ms
22ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-M6SN8J6

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b9d5069766237cccf6a072b1f35f0d5853503063c8facd0fd74f55e3f43c4c93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50653
x-xss-protection: 0
last-modified: Sat, 30 Sep 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 30 Sep 2023 13:31:38 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/957115417/ 3 KB
2 KB 77ms
50ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957115417/?random=1696080698609&cv=11&fst=1696080698609&bg=ffffff&guid=ON&async=1&gtm=45He39r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&hn=www.googleadservices.com&frm=0&tiba=Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR&auid=814318793.1696080699&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15ebbc4ee1e269490d7cf6593e99674e0dc3ed1853eeec8c86178a5d30624be2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1484
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 44 KB
13 KB 69ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 30 Sep 2023 13:31:38 GMT
last-modified: Wed, 06 Sep 2023 22:41:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CF42F6A713FC48E6BD37C2959EF3AD8A Ref B: FRA31EDGE0119 Ref C: 2023-09-30T13:31:38Z
etag: "09cc4613e1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12981

GET
H2 200 scevent.min.js Show response
sc-static.net/ 38 KB
17 KB 88ms
41ms Script
application/javascript 54.192.87.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.87.248 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-87-248.ams50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 7f582da9956745e52c17b0163205f20c2022922efbc47c142c863b3457cb614c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
content-encoding: gzip
via: 1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS50-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 16806
x-amz-cf-id: wGk0P_QB7X3YqWt0MDT5s6OzzHKO8VOjFcIA--nJTpWGRpstF4CIjA==

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/10934040069/ 3 KB
2 KB 49ms
21ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/10934040069/?random=1696080698617&cv=11&fst=1696080698617&bg=ffffff&guid=ON&async=1&gtm=45He39r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadservices.com&frm=0&tiba=Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR&value=0&bttype=purchase&auid=814318793.1696080699&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1c5b1c65a556c2e92e1c23dedf209ec8ca537788a06c7797e6ce6c4ebde5cabf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1802
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 197 KB
53 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

275a43b12f692b2930a431505a506f0ddff81d732b5cef0d30f4396abdb40637

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 30 Sep 2023 13:31:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53277
x-xss-protection: 0
pragma: public
x-fb-debug: zXlyXJy02Uioy9F39F5Q153eiyHRrdrxx1X6GH7lcVcru8bfntGQzqPhdB6apzo6Hw2KbxLq/5mcPrZsqiI+Nw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 62ms
19ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:11 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: HJWJ9568R75DHJH4
age: 28
x-amz-server-side-encryption: AES256
x-amz-id-2: xc73XXVfLUTv/FHPNw3xNb/ds7ytxj45jzwb1X2qJ8VaormAT1fxKuAvCKdqzXbKB5s9iWc94LM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H/1.1 200
OK tv2track.js Show response
collector-3219.tvsquared.com/ 0
190 B 183ms
32ms Script
application/javascript 34.252.16.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-3219.tvsquared.com/tv2track.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.16.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-16-51.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 13:31:38 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
Content-Type: application/javascript, application/javascript

GET
H2 200 everflow.js Show response
www.tp88trk.com/scripts/sdk/ 60 KB
19 KB 147ms
112ms Script
text/javascript 35.190.72.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tp88trk.com/scripts/sdk/everflow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.72.228 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 228.72.190.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 11fa603ce72adba4dfc745fc81f365afe3d714fd117d4b515c64e1d57cf5af5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-Ch-Ua-Platform-Version
server: nginx
vary: Origin
content-type: text/javascript
cache-control: max-age=14400
x-eflow-request-id: 6d3bedad-0460-448b-aa5a-d867b2704baa
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 gp Show response
g1782759016.co/ 26 B
174 B 61ms
22ms Script
application/javascript 2600:1901:0:7d2::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g1782759016.co/gp?id=-L_Ny2xXp1FWryzFl6qy&refurl=&winurl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&cw=1600&ch=1200
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7d2:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: eb7e68073ee5ed998d26671859e008697e757f3276759a8ec173e5a62d34a404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
via: 1.1 google
server: Google Frontend
x-powered-by: Express
etag: W/"1a-7KeVhWk+843gX+8y2fD4wjI8a34"
content-type: application/javascript; charset=utf-8
x-cloud-trace-context: beea589d469a45a345df36d74f3846fd
cache-control: private, no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26

GET
H2 200 gp Show response
g1782759016.co/ 26 B
113 B 60ms
22ms Script
application/javascript 2600:1901:0:7d2::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g1782759016.co/gp?id=-LXPWq_CG-cVgJYLdmun&refurl=&winurl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&cw=1600&ch=1200
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7d2:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: eb7e68073ee5ed998d26671859e008697e757f3276759a8ec173e5a62d34a404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
via: 1.1 google
server: Google Frontend
x-powered-by: Express
etag: W/"1a-7KeVhWk+843gX+8y2fD4wjI8a34"
content-type: application/javascript; charset=utf-8
x-cloud-trace-context: 985e959aa0386b47b89666dcc4edcc3f
cache-control: private, no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26

GET
H2 200 gp Show response
g1782759016.co/ 0
227 B 53ms
21ms Script
application/javascript 2600:1901:0:7d2::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g1782759016.co/gp?id=-LFI9dAMttdUZNQm4p8O&refurl=&winurl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&cw=1600&ch=1200
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7d2:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
via: 1.1 google
server: Google Frontend
x-powered-by: Express
content-type: application/javascript
x-cloud-trace-context: e59215d9f7141ed26b3efd52dc039c88
cache-control: private, no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 gr Show response
geotargetly-api-1.com/ 352 B
631 B 45ms
19ms Script
application/javascript 2600:1901:0:807d::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://geotargetly-api-1.com/gr?id=-MSFZXw4dSXsp-ImEJD0&refurl=&winurl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:807d:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 10433fa51a881104d27e6c1bfe8807ce6dea97266fc0810059b4478ffa50593d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
via: 1.1 google
server: Google Frontend
x-powered-by: Express
etag: W/"160-dy4k+8UTQKHOHq114JxY9hJPaHE"
content-type: application/javascript; charset=utf-8
x-cloud-trace-context: 7f015318113422fec81ad8baa554ec3e
cache-control: private, no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 352

GET
H2 200 adelphic_universal_pixel.js Show response
js.ipredictive.com/ 2 KB
2 KB 51ms
9ms Script
application/javascript 18.66.112.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ipredictive.com/adelphic_universal_pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-72.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:28:06 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
last-modified: Fri, 30 Sep 2022 15:42:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 213
etag: "83b469155694c51d4c5581028a6788bc"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2108
x-amz-cf-id: BQU2h2KDgIjAgIMvtyWppiQJVK-T6ynkSEeHtLSmTSjsW3YqCAIXdA==

GET
H2 200 vpr.min.js Show response
cdn.veritonic.com/static/ 4 KB
2 KB 82ms
12ms Script
application/javascript 2600:9000:238d:3200:1e:549f:95c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.veritonic.com/static/vpr.min.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:3200:1e:549f:95c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 121c08aa32d56feaf1e2a15f735b9d20d34ff00ed6afa8b21839de50e0b3f233

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: pDsvIAuyukwEAlDifEQFaPMRdc4vW31E
content-encoding: gzip
via: 1.1 de7a608ee8aa91b02488536faf8169a0.cloudfront.net (CloudFront)
date: Fri, 29 Sep 2023 21:58:28 GMT
last-modified: Thu, 24 Aug 2023 18:30:30 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 55993
x-amz-server-side-encryption: AES256
etag: W/"8cb8e115ba7a7e3d69fc12100ce233fa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 4Gm_uEfhEU7jywPMi-vLO63ORsbzw5sKjEA_lkaSUaj54AhHCMwQfA==

GET
H2 200 ping.min.js Show response
pixel.byspotify.com/ 31 KB
6 KB 45ms
8ms Script
application/javascript 34.117.162.98
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.byspotify.com/ping.min.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.162.98 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 98.162.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c04e4a8ecebc7490c188a2306cd34cc1b7b5871fcaa919ee83529a22cde38a12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 12:54:44 GMT
content-encoding: gzip
via: 1.1 google
age: 2214
x-guploader-uploadid: ADPycdvgppuu8tSM3WDXoAG7XP1RB6JxS2q0IgujTfpCxHAPXbqVWhUaWcjitq-IH8IITNPHpDvYxqeDMxIwYIE9j1QfgvZHDzf9
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6010
last-modified: Tue, 13 Jun 2023 02:32:38 GMT
server: UploadServer
etag: "65b5910f0f14819a316515be25229473"
vary: Accept-Encoding
x-goog-generation: 1686623558315939
x-goog-hash: crc32c=MokMTA==, md5=ZbWRDw8UgZoxZRW+JSKUcw==
content-type: application/javascript;
cache-control: public, max-age=3600
x-goog-stored-content-length: 6010
accept-ranges: bytes
expires: Sat, 30 Sep 2023 13:54:44 GMT

GET
H/1.1 200
OK spx Show response
dx.mountain.com/ 19 KB
5 KB 414ms
100ms Script
application/javascript 44.209.137.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=35855&tdr=&plh=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&cb=9315807704784130term=value
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.209.137.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-137-118.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: f443a0833075588c428b168bd1197b68941431e3a6187ab6fbb3d55099aba58d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
content-encoding: gzip
server: istio-envoy
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
x-envoy-upstream-service-time: 3
be: spx-prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P9YZZV758Y&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3e13faa8b32311033fdb1308e0ae2845635d419a6f6e83ea3c0cf05fd13cf36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93271
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 30 Sep 2023 13:31:38 GMT

GET
H2

200

src=4269937;dc_pre=CLuUvvy40oEDFWRQHgId4g4MjA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=4269937;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=4269937;dc_pre=CLuUvvy40oEDFWRQHgId4g4MjA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/src=4269937;dc_pre=CLuUvvy40oEDFWRQHgId4g4MjA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
401 B

79ms
51ms

Image
image/gif

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=4269937;dc_pre=CLuUvvy40oEDFWRQHgId4g4MjA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:38 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=4269937;dc_pre=CLuUvvy40oEDFWRQHgId4g4MjA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=866781582
https://trkn.us/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=866781582;ip=138.199.38.132;cuidchk=1

42 B
780 B

102ms
102ms

Image
image/gif

52.44.225.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=866781582;ip=138.199.38.132;cuidchk=1

Requested by

Protocol

HTTP/1.1

Server

52.44.225.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-225-134.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Sep 2023 13:31:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Sat, 30 Sep 2023 13:31:39 GMT
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/html; charset=UTF-8
Location: /pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=866781582;ip=138.199.38.132;cuidchk=1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ppt=18676;g=sitewide;gid=43404;ord=undefined
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=730729297
https://trkn.us/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=730729297;ip=138.199.38.132;cuidchk=1

42 B
780 B

98ms
98ms

Image
image/gif

52.44.225.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=730729297;ip=138.199.38.132;cuidchk=1

Requested by

Protocol

HTTP/1.1

Server

52.44.225.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-225-134.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Sep 2023 13:31:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Sat, 30 Sep 2023 13:31:39 GMT
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/html; charset=UTF-8
Location: /pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=730729297;ip=138.199.38.132;cuidchk=1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK pixel
ad.ipredictive.com/d/rt/ 631 B
787 B 394ms
92ms Image
image/jpeg 52.204.83.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.ipredictive.com/d/rt/pixel?rtsite_id=60700&uuid=d5534c09-ec00-4f6f-9451-54fa79df98bb&rr=CACHE_BUSTER&gtmcb=251771694
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.83.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-83-105.compute-1.amazonaws.com
Software: /
Resource Hash: 25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 13:31:39 GMT
Content-Encoding: gzip
Connection: keep-alive
X-CI-RTID: 9dc18b42-567a-434f-89b5-06161e998f81
Content-Length: 479
Content-Type: image/jpeg

GET
H/1.1 200
OK pixel
ad.ipredictive.com/d/track/cvt/ 631 B
858 B 402ms
96ms Image
image/jpeg 52.204.83.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.ipredictive.com/d/track/cvt/pixel?acct_id=58684&cache_buster=[timestamp]&gtmcb=1518750204
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.83.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-83-105.compute-1.amazonaws.com
Software: /
Resource Hash: 25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 13:31:39 GMT
Content-Encoding: gzip
Connection: keep-alive
X-CI-RTID: ab3f9ef2-5da4-4b32-a33d-78906cf808b2
Content-Length: 479
Content-Type: image/jpeg

GET
H2 502 /
event.mrtnsvr.com/ 0
0 144ms
94ms Image
text/html 35.227.237.181
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://event.mrtnsvr.com/?adv=17114&cb=1008996051&ref=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&gtmcb=376288481
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.237.181 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 181.237.227.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H/1.1 200
OK /
data.adxcel-ec2.com/pixel/ 43 B
131 B 392ms
91ms Image
image/gif 44.210.179.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adxcel-ec2.com/pixel/?ad_log=referer&action=content&pixid=f2fb3240-c0e1-432f-91c7-686941e6de69
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.210.179.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-179-130.compute-1.amazonaws.com
Software: /
Resource Hash: 693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 204 Pixels
px.adentifi.com/ 0
35 B 322ms
95ms Image
text/plain 44.194.80.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.adentifi.com/Pixels?a_id=10893;rev=undefined;cv_1=undefined;cv_2=undefined;p_url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU;uq=1117495729338.8955
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.80.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-80-38.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT

GET
H3 200 va_gq-7a1f9d3c4ad6e57d9173ffccf06bb9c4.js Show response
dev.visualwebsiteoptimizer.com/edrv/ 235 KB
61 KB 33ms
8ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-7a1f9d3c4ad6e57d9173ffccf06bb9c4.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=760031&u=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&vn=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 92d02af9ef616f3a6d025d4633e40b2239d3189e0da4f9b28a03503901bfdb75

Request headers

Referer: https://give.unrefugees.org/
Origin: https://give.unrefugees.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 29 Sep 2023 13:33:49 GMT
server: gfra1
etag: "6516d23d-f52d"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62765

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
284 B 99ms
95ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=760031&d=give.unrefugees.org&u=D9DC611CF54F63D30CC7C04640FDDF077&h=1cd811bd81f86256dbdd04deb22c77b2&t=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: public, max-age=43200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
BLOB 200
OK d88f595e-ee00-4de8-9de2-ed30398c8e14
https://give.unrefugees.org/ 1 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://give.unrefugees.org/d88f595e-ee00-4de8-9de2-ed30398c8e14
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e2cba21d9fa0c7878e6feedbf6aa57323a6444ce6df48981b39121c7bc2fb95

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Length: 1302
Content-Type: application/javascript

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 39ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EVDQTJ4LMY&gtm=45je39r0&_p=572740244&cid=1545826543.1696080699&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1696080698&sct=1&seg=0&dl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&dt=Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR&en=page_view&_fv=1&_nsi=1&_ss=1&ep.local_country=USA&ep.cs_container_id_version=GTM-N9KWLLF_91&ep.cs_container_id=GTM-N9KWLLF&ep.application_type=Website%20-%20ecom&ep.custom_event_id=e0a7d898-abf6-4024-93bc-9cfd308abc1d&ep.custom_event_timestamp=2023-09-30T15%3A31%3A38.620%2B02%3A00
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EVDQTJ4LMY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
184 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=572740244&t=pageview&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&ul=en-us&de=UTF-8&dt=Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChAiAABRAAAAC~&jid=1871374020&gjid=411719669&cid=1545826543.1696080699&tid=UA-3754388-9&_gid=1581537739.1696080699&_slc=1&gtm=45He39r0n81N9KWLLF&cd1=701Rf000001uv4nIAA&cd2=701Rf000001uWrOIAU&z=997193512

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 51ms
18ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3754388-9&cid=1545826543.1696080699&jid=1871374020&gjid=411719669&_gid=1581537739.1696080699&_u=YChAiAABRAAAAG~&z=1432351300

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 30 Sep 2023 13:31:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 363860773806760 Show response
connect.facebook.net/signals/config/ 362 KB
113 KB 466ms
465ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/363860773806760?v=2.9.131&r=stable&domain=give.unrefugees.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

990619475d4a6e88843f180c86e78aa5c1907479629b8db92a78c2c8c103bca4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 30 Sep 2023 13:31:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Z8j6mv2Fh1aolr3uTKiYvF2cApbZrGMMT/fruQhk5lmhl9o8a/4t6I5Rjg43dT7J0s1F2Oap23XIPM1QR/x1qw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/10934040069/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10934040069/?random=2015809597&cv=11&fst=1696080698617&bg=ffffff&guid=ON&async=1&gtm=45He39r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgi...
https://www.google.com/pagead/1p-conversion/10934040069/?random=2015809597&cv=11&fst=1696080698617&bg=ffffff&guid=ON&async=1&gtm=45He39r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F1...
https://www.google.de/pagead/1p-conversion/10934040069/?random=2015809597&cv=11&fst=1696080698617&bg=ffffff&guid=ON&async=1&gtm=45He39r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F18...

42 B
455 B

43ms
22ms

Image
image/gif

2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/10934040069/?random=2015809597&cv=11&fst=1696080698617&bg=ffffff&guid=ON&async=1&gtm=45He39r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadservices.com&frm=0&tiba=Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR&value=0&auid=814318793.1696080699&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOEk3ZnFBWVFrZjNSZ3FfZXRaU2tBUklsQUl6TjFtXzhNbmZQNEZINzZteWdrbGwtdU5WUjVYRnQyTFdVMnpYOHFidTJlcUxzRWcaV0NoQUk4STdmcUFZUXVmNmh2YnVQN3VKa0VpMEF5REljb0dxaWs1dWpDOGc4cFU5MzdQbzdaY3RpX3ZwbHNhVkNPaU5Jd3Y5WkU3a21PTHJldWVsWFloUSITCKyHt_y40oEDFYzJuwgdulEDPA&is_vtc=1&ocp_id=OiMYZayCKIyT7_UPuqON4AM&cid=CAQSKQDICaaNpdKC7MLNWTMGxYhHCSzLFcl-BnvPNubrxVEdmYxvmByFoX-e&eitems=ChEI8I7fqAYQ27C0-eD_3-2DARIdACkIFqBwa0FV-aJ09XYXsKt1mMDz-SCih88JjUc&random=3505249891&ipr=y&ezwbk=AZuM4hBQUUhxdzk3X0ryIEEXeO2LHcMHNYVtioqTX5vwM9gx1FCxPrC8RqdbYMVnCUvWGW6d-vsZyX0kSgpxm8TlzS14

Requested by

Protocol

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/10934040069/?random=2015809597&cv=11&fst=1696080698617&bg=ffffff&guid=ON&async=1&gtm=45He39r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadservices.com&frm=0&tiba=Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR&value=0&auid=814318793.1696080699&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOEk3ZnFBWVFrZjNSZ3FfZXRaU2tBUklsQUl6TjFtXzhNbmZQNEZINzZteWdrbGwtdU5WUjVYRnQyTFdVMnpYOHFidTJlcUxzRWcaV0NoQUk4STdmcUFZUXVmNmh2YnVQN3VKa0VpMEF5REljb0dxaWs1dWpDOGc4cFU5MzdQbzdaY3RpX3ZwbHNhVkNPaU5Jd3Y5WkU3a21PTHJldWVsWFloUSITCKyHt_y40oEDFYzJuwgdulEDPA&is_vtc=1&ocp_id=OiMYZayCKIyT7_UPuqON4AM&cid=CAQSKQDICaaNpdKC7MLNWTMGxYhHCSzLFcl-BnvPNubrxVEdmYxvmByFoX-e&eitems=ChEI8I7fqAYQ27C0-eD_3-2DARIdACkIFqBwa0FV-aJ09XYXsKt1mMDz-SCih88JjUc&random=3505249891&ipr=y&ezwbk=AZuM4hBQUUhxdzk3X0ryIEEXeO2LHcMHNYVtioqTX5vwM9gx1FCxPrC8RqdbYMVnCUvWGW6d-vsZyX0kSgpxm8TlzS14
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=572740244&t=pageview&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&ul=en-us&de=UTF-8&dt=Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjAiEABRAAAAGAAI~&jid=2001843241&gjid=1572685700&cid=1545826543.1696080699&tid=UA-1473340-18&_gid=1581537739.1696080699&_slc=1&gtm=45He39r0n81N9KWLLF&cd3=USA&cd5=GTM-N9KWLLF_91&cd6=GTM-N9KWLLF&z=279497172

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 27ms
18ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1473340-18&cid=1545826543.1696080699&jid=2001843241&gjid=1572685700&_gid=1581537739.1696080699&_u=aCjAiEABRAAAAGAAI~&z=1572943854

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 30 Sep 2023 13:31:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-P9YZZV758Y&gtm=45je39r0&_p=572740244&_gaz=1&cid=1545826543.1696080699&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696080698&sct=1&seg=0&dl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&dt=Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P9YZZV758Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 18ms
17ms Ping
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P9YZZV758Y&cid=1545826543.1696080699&gtm=45je39r0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P9YZZV758Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 36ms
35ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P9YZZV758Y&cid=1545826543.1696080699&gtm=45je39r0&aip=1&z=351194619

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 100ms
99ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/s.gif?account_id=760031&u=D9DC611CF54F63D30CC7C04640FDDF077&s=1696080698&ed=%7B%22sr%22%3A%221600x1200%22%2C%22sc%22%3A24%2C%22de%22%3A%22UTF-8%22%2C%22ul%22%3A%22en-us%22%2C%22r%22%3A%22%22%2C%22lt%22%3A1696080698794%2C%22tO%22%3A-2%2C%22tz%22%3A%22Europe%2FBerlin%22%7D&cu=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&r=0&p=1&cq=0&vn=undefined&vns=undefined&vno=undefined&eTime=1696080698812&v=e88d50c57

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:38 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 35ms
35ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3754388-9&cid=1545826543.1696080699&jid=1871374020&_u=YChAiAABRAAAAG~&z=919122934

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 34ms
34ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3754388-9&cid=1545826543.1696080699&jid=1871374020&_u=YChAiAABRAAAAG~&z=919122934

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/957115417/ 42 B
327 B 25ms
25ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/957115417/?random=1696080698609&cv=11&fst=1696078800000&bg=ffffff&guid=ON&async=1&gtm=45He39r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&frm=0&tiba=Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR&fmt=3&is_vtc=1&random=705570182&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/957115417/ 42 B
108 B 21ms
21ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/957115417/?random=1696080698609&cv=11&fst=1696078800000&bg=ffffff&guid=ON&async=1&gtm=45He39r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&frm=0&tiba=Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR&fmt=3&is_vtc=1&random=705570182&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10095779.json Show response
s.yimg.com/wi/config/ 46 B
678 B 52ms
18ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10095779.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

81f701abbdb3dcd7318338357add41af96a3b776549dc928c4703cf1cf9f2ffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 11:35:48 GMT
x-amz-version-id: AO6OvHycU6oPxWJjvTRCjyjUvfXH8wEk
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 1SZ0YPJRP01GEWFT
age: 6951
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: kF/l7/dhXEmhcbNI/WMnkR0cnogjUqtIBcMlm95CliOA5CqKWe4h2rBdB5Rf/LtoFNHmTX69HuA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 20 Oct 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 14 Sep 2022 20:58:25 GMT
server: ATS
etag: "ca96ec3516187adbafe0fb0d4f2e4932"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H3 200 apmLib-7a1f9d3c4ad6e57d9173ffccf06bb9c4.js Show response
dev.visualwebsiteoptimizer.com/ 4 KB
1 KB 9ms
8ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/apmLib-7a1f9d3c4ad6e57d9173ffccf06bb9c4.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-7a1f9d3c4ad6e57d9173ffccf06bb9c4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 9c0f6b6fbd753d81123113ba2fc9570f56caa522a45923fe6d994c397f165934

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:37 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 29 Sep 2023 13:33:49 GMT
server: gfra1
etag: "6516d23d-579"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1401

GET
H2 200 button.css
app.dafwidget.com/public/ 3 KB
1 KB 96ms
96ms Stylesheet
text/css 184.72.142.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.dafwidget.com/public/button.css
Requested by: Host: app.dafwidget.com
URL: https://app.dafwidget.com/api/js/source.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.142.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-142-242.compute-1.amazonaws.com
Software: /
Resource Hash: d941abaa1c3e1a6da66e5a4eb0ba6a5e52c910591fc656e5de987e6a96e3a9c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
content-encoding: gzip
last-modified: Thu, 03 Aug 2023 13:19:28 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
x-cache-hit: 1
accept-ranges: bytes
content-length: 905

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 34ms
34ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1473340-18&cid=1545826543.1696080699&jid=2001843241&_u=aCjAiEABRAAAAGAAI~&z=119842319

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 34ms
33ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1473340-18&cid=1545826543.1696080699&jid=2001843241&_u=aCjAiEABRAAAAGAAI~&z=119842319

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5612726.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 31ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5612726.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ba2ecd1923f59d3c6fc4b0b0c14f145208d1bfef21d4cf226ff4d058e1188e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sat, 30 Sep 2023 13:31:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C386FA9C20074BAA80F002CDD38514CD Ref B: FRA31EDGE0119 Ref C: 2023-09-30T13:31:38Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

POST
H2 200 / Show response
atr.veritonicmetrics.com/ 13 B
133 B 145ms
145ms XHR
application/json 34.232.205.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://atr.veritonicmetrics.com/
Requested by: Host: cdn.veritonic.com
URL: https://cdn.veritonic.com/static/vpr.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.205.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-205-165.compute-1.amazonaws.com
Software: /
Resource Hash: b232b740e35e175a9a671a7695fc317efc0d86304efd2733f0f8d70105c744c9

Request headers

Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sat, 30 Sep 2023 13:31:39 GMT
content-length: 13
apigw-requestid: MEpxThAWIAMEJYA=
content-type: application/json

OPTIONS
H2 200 /
atr.veritonicmetrics.com/ Frame 0
0 358ms
111ms Preflight
image/gif 34.232.205.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://atr.veritonicmetrics.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.205.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-205-165.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.unrefugees.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS,POST
access-control-allow-origin: *
access-control-max-age: 0
apigw-requestid: MEpxShDlIAMEJtg=
cache-control: no-cache
content-length: 43
content-type: image/gif
date: Sat, 30 Sep 2023 13:31:39 GMT

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 6 KB
2 KB 92ms
92ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=760031&settings_type=1&vn=&eventArch=1&uuid=&ec=256808&exc=61|62|63
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-7a1f9d3c4ad6e57d9173ffccf06bb9c4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 38b4fb19c16a3f7d953d7c8c1fc4663add2e692e22d454bc78767c9226c21929

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1696003666_EA"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 / Show response
evnt.byspotify.com/ 2 B
106 B 134ms
134ms Fetch
application/json 34.111.186.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://evnt.byspotify.com/
Requested by: Host: pixel.byspotify.com
URL: https://pixel.byspotify.com/ping.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.186.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.186.111.34.bc.googleusercontent.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json
Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
via: 1.1 google
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Accept
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 /
evnt.byspotify.com/ Frame 0
0 147ms
118ms Preflight 34.111.186.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://evnt.byspotify.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.186.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.186.111.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.unrefugees.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://give.unrefugees.org
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 30 Sep 2023 13:31:38 GMT
via: 1.1 google

GET
H2 200 5612726 Show response
www.clarity.ms/tag/uet/ 827 B
1 KB 149ms
99ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/5612726
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/5612726.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b399e228567d9893e2a6c879c2c60a9607b69fd64bc3816c1a319625d9eb436e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: -1
date: Sat, 30 Sep 2023 13:31:39 GMT
x-azure-ref: 20230930T133138Z-ymy7pp6krp0q574hn1ttd20f2400000001mg00000000wft5
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 827
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 136ms
39ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sat%2C%2030%20Sep%202023%2013%3A31%3A38%20GMT&n=-2d&b=Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR&.yp=10095779&f=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Sat, 30 Sep 2023 13:31:39 GMT

POST
H3 200 apm
dev.visualwebsiteoptimizer.com/ 0
33 B 97ms
97ms Ping
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/apm
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/apmLib-7a1f9d3c4ad6e57d9173ffccf06bb9c4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gnv1c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
content-encoding: gzip
via: 1.1 google
server: gnv1c
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/javascript; charset=UTF-8

GET
H2 200 unhcr-visibility-horizontal-blue.svg
give.unrefugees.org/img/ 12 KB
13 KB 238ms
236ms Image
image/svg+xml 50.112.255.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.unrefugees.org/img/unhcr-visibility-horizontal-blue.svg

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/css/index.css?v=9.7.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.112.255.85 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-255-85.us-west-2.compute.amazonaws.com

Software

Resource Hash

e9027cbc9f2efbff37e09740f41c16a1ffd89eae8f1555f6a5955d3198d9c31d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/css/index.css?v=9.7.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
strict-transport-security: max-age=10886400
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Tue, 31 Oct 2017 17:19:01 GMT
etag: "4aa739586c52d31:0"
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: no-cache
accept-ranges: bytes
content-length: 12267
x-xss-protection: 1; mode=block

GET
H2 200 l
use.typekit.net/af/219c30/00000000000000003b9b0389/27/ 19 KB
19 KB 8ms
7ms Font
application/font-woff2 2a02:26f0:480:f::213:7ece
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/219c30/00000000000000003b9b0389/27/l?subset_id=2&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 50bfd91bb65762023b74efba030d3212fef8f6261707ba8edb9e4b28d13bb5ed

Request headers

Referer: https://use.typekit.net/hrp3szy.css
Origin: https://give.unrefugees.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:38 GMT
server: nginx
etag: "7c243ed5f8437a6687e49316f96967fcfd3feb05"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19160

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/ 461 KB
185 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e001f660a1c1ebf12cde6a74dc3e6d90a1115c3e3378193e3b7c0d9d357d82ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.unrefugees.org/
Origin: https://give.unrefugees.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 10:49:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 188760
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 04:03:44 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 29 Sep 2024 10:49:05 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 14 KB
5 KB 824ms
824ms Script
application/x-javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=give.unrefugees.org&t=xo&v=5.0.397&source=payments_sdk&client_id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&disableSetCookie=true&vault=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&vault=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC5) /

Resource Hash

e33af907f276fbb4fcf721de5aaf11eaafe1fbfe00b3220f17de00e725a6c465

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-TrZTYsxELXeCuHRRXcJkNWXRcIDaOy3QIQ95e/97bWsylb4D' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-TrZTYsxELXeCuHRRXcJkNWXRcIDaOy3QIQ95e/97bWsylb4D' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 30 Sep 2023 13:31:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 0a080335b39a1
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server: ECAcc (frc/4CC5)
traceparent: 00-00000000000000000000a080335b39a1-f00b2c6c3aa7959a-01
etag: W/"3668-pVZ4gu0gNIIg2vtbF0McowoZGuE"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin: *

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.10/ 57 KB
24 KB 13ms
12ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.10/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/5612726
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
content-encoding: br
last-modified: Wed, 27 Sep 2023 20:20:13 GMT
etag: W/"0x8DBBF9727BF049D"
vary: Accept-Encoding
x-azure-ref: 20230930T133139Z-ymy7pp6krp0q574hn1ttd20f2400000001mg00000000wftv
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: db999e3f-701e-002e-1e84-f17ccc000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H/1.1 200
OK is Show response
52.22.50.55/ 32 B
437 B 372ms
95ms Fetch
text/plain 52.22.50.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://52.22.50.55/is
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=35855&tdr=&plh=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&cb=9315807704784130term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.22.50.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-50-55.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 989c31b0c41ab0fa5b319184a3223c2346dc8e9c2b3ffb8266b33276355c514d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 32
x-application-context: application:prod:8080

GET
H3 200 2587217788243604 Show response
connect.facebook.net/signals/config/ 131 KB
34 KB 232ms
232ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2587217788243604?v=2.9.131&r=stable&domain=give.unrefugees.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

88925942779bad5dae45ec4f99442a307cbcdb0849b00ca92a70596757b844a7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 30 Sep 2023 13:31:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: GWk9+pLlvQ9uaXj25DffVm0KYxSCNwBBwnLry76v8WbDzXr78Bu0STVo2FJSnIGtFIo6f8V2kxMh2IEaaM4RLg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 8c05b4348610338c51bc4e47bbb97a3b23b0f2cc4c16de44f36a8705349963a3 Show response
lyibja.unrefugees.org/events/ 0
166 B 600ms
174ms XHR
text/plain 52.25.243.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lyibja.unrefugees.org/events/8c05b4348610338c51bc4e47bbb97a3b23b0f2cc4c16de44f36a8705349963a3

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/363860773806760?v=2.9.131&r=stable&domain=give.unrefugees.org

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.25.243.35 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-243-35.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://give.unrefugees.org
date: Sat, 30 Sep 2023 13:31:39 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 22ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=363860773806760&ev=PageView&dl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&rl=&if=false&ts=1696080699279&sw=1600&sh=1200&v=2.9.131&r=stable&ec=0&o=30&fbp=fb.1.1696080699275.2113233986&eid=ob3_plugin-set_f5dc84f6c178f0f68f285cbb22d1bdf5ac6e89941d211a984775cd0a65c0c8c5&ler=empty&it=1696080698710&coo=false&exp=a0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 30 Sep 2023 13:31:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 2383 18 KB
8 KB 231ms
230ms Document
text/html 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fgive.unrefugees.org&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4aed96a0934b554f2bdde1428a61e809b185486331ee607499aecaa78b35887f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bT8jBUCsMke7GWd2RLga7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-bT8jBUCsMke7GWd2RLga7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sat, 30 Sep 2023 13:31:39 GMT
expires: Sat, 30 Sep 2023 13:31:39 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame F76B 53 KB
29 KB 31ms
31ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&co=aHR0cHM6Ly9naXZlLnVucmVmdWdlZXMub3JnOjQ0Mw..&hl=de&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=normal&cb=mhfj075piik0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cb88dc5cb6387265a8aa14b3197b9fd38148212684ae78dc59607f5a81ef07f5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8lSbjlI-a2_UDk-CIwAfOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-8lSbjlI-a2_UDk-CIwAfOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 13:31:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 0
bat.bing.com/action/ 0
287 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5612726&tm=gtm002&Ver=2&mid=e0daf49c-53dd-460d-af84-f8e350c4e2eb&sid=af71ad505f9511ee92915714f04c27a6&vid=af71e1e05f9511ee90c5abfef83d572e&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR&kw=refugee,refugee%20agency,Children,shelter&p=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&r=&lt=3407&evt=pageLoad&sv=1&rn=17618

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 30 Sep 2023 13:31:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 13C3A7B14B144D609A61E375D0A6E1E1 Ref B: FRA31EDGE0119 Ref C: 2023-09-30T13:31:39Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
299 B 402ms
201ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://give.unrefugees.org
Date: Sat, 30 Sep 2023 13:31:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 64ms
13ms Script
application/x-javascript 2600:9000:20b4:9e00:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20b4:9e00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:03:39 GMT
content-encoding: gzip
via: 1.1 8a7f46625ae5030a73c5c8ce2b546002.cloudfront.net (CloudFront)
last-modified: Sat, 30 Sep 2023 13:03:29 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: AMS58-P4
age: 1680
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: iSS0VjTTkdpL7FbeZ62WSCJKQf9XO_vjsf25rf4QcDNIXLSPt-R8ug==
expires: Sat, 30 Sep 2023 14:03:39 GMT

GET
H/1.1 200
OK event Show response
ad.ipredictive.com/d/track/ Frame E3A3 0
327 B 96ms
96ms Document
text/plain 52.204.83.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ipredictive.com/d/track/event?upid=101374&cache_buster=1696080698&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&val=undefined&tn=undefined&itms=undefined
Requested by: Host: js.ipredictive.com
URL: https://js.ipredictive.com/adelphic_universal_pixel.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.83.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-83-105.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 0
Date: Sat, 30 Sep 2023 13:31:39 GMT
X-CI-RTID: 9865bfdf-7e6d-4b81-94cc-21853e6bb99a

GET
H2

200

activityi;dc_pre=CKCH6fy40oEDFUHMsgodAfQKmg;src=4647326;type=unrefcms;cat=donfvis;ord=5107808394185;auiddc=814318793.1696080699;u3=undefined;u2=undefined;gtm=45He39r0;uaa=;uab=;uafvl=;uamb=0;uam=;u... Show response
4647326.fls.doubleclick.net/ Frame 9231
Redirect Chain

https://4647326.fls.doubleclick.net/activityi;src=4647326;type=unrefcms;cat=donfvis;ord=5107808394185;auiddc=814318793.1696080699;u3=undefined;u2=undefined;gtm=45He39r0;uaa=;uab=;uafvl=;uamb=0;uam=...
https://4647326.fls.doubleclick.net/activityi;dc_pre=CKCH6fy40oEDFUHMsgodAfQKmg;src=4647326;type=unrefcms;cat=donfvis;ord=5107808394185;auiddc=814318793.1696080699;u3=undefined;u2=undefined;gtm=45H...

725 B
547 B

56ms
56ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4647326.fls.doubleclick.net/activityi;dc_pre=CKCH6fy40oEDFUHMsgodAfQKmg;src=4647326;type=unrefcms;cat=donfvis;ord=5107808394185;auiddc=814318793.1696080699;u3=undefined;u2=undefined;gtm=45He39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

fa4cd84b85b5e8a5cb80df48e101665c6de57a9c7db1d0f6c9b33a9e5da4cead

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 13:31:39 GMT
expires: Sat, 30 Sep 2023 13:31:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 13:31:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://4647326.fls.doubleclick.net/activityi;dc_pre=CKCH6fy40oEDFUHMsgodAfQKmg;src=4647326;type=unrefcms;cat=donfvis;ord=5107808394185;auiddc=814318793.1696080699;u3=undefined;u2=undefined;gtm=45He39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 kds-events-gtm.min.js Show response
storage.cloud.kargo.com/kds/ 16 KB
5 KB 47ms
10ms Script
application/javascript 23.48.23.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.cloud.kargo.com/kds/kds-events-gtm.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-59.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6539068a1c1c6a17c0aa235272a3a91bad898ae2366ab93b95aad3aa4c836e43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: jb9SQjcfDObwPYIYARschNorn404dZbK
content-encoding: gzip
date: Sat, 30 Sep 2023 13:31:39 GMT
x-amz-request-id: W09WPZSPF7RWNWQY
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
content-length: 4601
x-amz-id-2: kQPGKdM9j4x3N2rVfKMZtyAarQLiZmcxB/6S/tNctA2AAYf02/uOpU5waKe6l8dA1k9Xl7tQjAE=
last-modified: Fri, 25 Aug 2023 13:43:32 GMT
server: AmazonS3
etag: "c96eb00d93d2622f596cf3c089f1cc8c"
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1800
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 31ms
7ms Script
application/javascript 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
content-encoding: gzip
etag: "6ioqmyHWSWLYz5hkRjy8Uw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sat, 07 Oct 2023 13:31:39 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
78 B 42ms
42ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR&.yp=10095779&f=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&enc=UTF-8&yv=1.15.1&et=custom&ec=pageview&ea=donation_form_visit&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Sat, 30 Sep 2023 13:31:39 GMT

GET
H2

200

beacon
r.turn.com/r/
Redirect Chain

https://20669309p.rfihub.com/ca.gif?rb=9587&ca=20669309&ra=16453187
https://r.turn.com/r/beacon?b2=Byl5I3NIBudQfjqNW-_fVUNVOmTxqGPcOnN4gXqFCKoeU_Oup029YVIprkeGvqSpgAfS5Jz0ytx_deRc41vz7Q&cid=

43 B
398 B

385ms
52ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/beacon?b2=Byl5I3NIBudQfjqNW-_fVUNVOmTxqGPcOnN4gXqFCKoeU_Oup029YVIprkeGvqSpgAfS5Jz0ytx_deRc41vz7Q&cid=
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

Location: https://r.turn.com/r/beacon?b2=Byl5I3NIBudQfjqNW-_fVUNVOmTxqGPcOnN4gXqFCKoeU_Oup029YVIprkeGvqSpgAfS5Jz0ytx_deRc41vz7Q&cid=
Date: Sat, 30 Sep 2023 13:31:39 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/ Frame F76B 55 KB
24 KB 21ms
7ms Stylesheet
text/css 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&co=aHR0cHM6Ly9naXZlLnVucmVmdWdlZXMub3JnOjQ0Mw..&hl=de&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=normal&cb=mhfj075piik0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 04:03:44 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 29 Sep 2024 13:06:47 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/ Frame F76B 461 KB
184 KB 24ms
10ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e001f660a1c1ebf12cde6a74dc3e6d90a1115c3e3378193e3b7c0d9d357d82ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 10:49:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 188760
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 04:03:44 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 29 Sep 2024 10:49:05 GMT

GET
H/1.1 200
OK ca.html Show response
20826429p.rfihub.com/ Frame 540D 3 KB
3 KB 91ms
17ms Document
text/html 193.0.160.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&pf=&ra=48672908358589684
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: a14b0a3bc6be77d74257cd817dfe5b688f39dcffa00dc277c9cc5be9fb5dca9b

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 2790
Content-Type: text/html;charset=utf-8
Date: Sat, 30 Sep 2023 13:31:39 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1 200
OK ca.html Show response
20826429p.rfihub.com/ Frame BBCA 3 KB
3 KB 91ms
20ms Document
text/html 193.0.160.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&pf=&ra=017298484225413135
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 942bd845d4236425c1d10ef12f10ac1e2f2e6136c7bb1f7d6c89d5b0b39f1dc6

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 2790
Content-Type: text/html;charset=utf-8
Date: Sat, 30 Sep 2023 13:31:39 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1 200
OK ca.html Show response
20826430p.rfihub.com/ Frame 523F 3 KB
3 KB 172ms
19ms Document
text/html 193.0.160.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20826430p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826430&_o=9587&_t=20826430&pe=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&pf=&ra=19752875454816254
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 06a434b0cc6b27ebdbfcabee6848b7a1297230dc394084594cc1c285b61bae87

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 2790
Content-Type: text/html;charset=utf-8
Date: Sat, 30 Sep 2023 13:31:39 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 rules-p-SLcBYqRUU3yLq.js Show response
rules.quantcount.com/ 2 KB
1 KB 42ms
10ms Script
application/javascript 2600:9000:223c:2600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-SLcBYqRUU3yLq.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f2e256cb560023d729b4581ba94e88cedce352fc2cbcbb60e3232a5859d4793

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
content-encoding: gzip
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 591
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:22:26 GMT
server: AmazonS3
etag: W/"291bda9609975bc4fbca3a725bc18ab7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: 8nnTCv_Og8AKV1Y2yjnYhR7akNz8mdkUaUiqCQTjvEJr_cZQbiaqjg==

GET
H2 403 Kargo.json Show response
storage.cloud.kargo.com/kds/configs/ 243 B
570 B 465ms
442ms Fetch
application/xml 23.48.23.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.cloud.kargo.com/kds/configs/Kargo.json
Requested by: Host: storage.cloud.kargo.com
URL: https://storage.cloud.kargo.com/kds/kds-events-gtm.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-59.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7e0a06052c3027d042c46a30437954a969701893509ef117af0c06bdcc43a057

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
server: AmazonS3
x-amz-request-id: T1HEASPT2PKG86W5
access-control-max-age: 3000
access-control-allow-methods: GET,POST
content-type: application/xml
access-control-allow-origin: https://give.unrefugees.org
cache-control: max-age=1800
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 243
x-amz-id-2: I9VwbTlpwkqkACp35oLA/NAnHeuUKWcwTUCRSGnw9RclK+/xocyJWKv4Vi6iZJ5qm/kmhh+Mkrg=

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame F76B 102 B
135 B 16ms
15ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=pxZcVU8Dk73FyvFvdCgp2MSG

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3d2a2a3365c7801c59a8f328d7396d3d56d6a0d41ec9e2e78d681f54dad176fe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&co=aHR0cHM6Ly9naXZlLnVucmVmdWdlZXMub3JnOjQ0Mw..&hl=de&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=normal&cb=mhfj075piik0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 30 Sep 2023 13:31:39 GMT

GET
H2 200 pixel;r=777006894;labels=_fp.event.Donation%20Landing%20Page%2C_fp.customer.undefined;rf=0;a=p-SLcBYqRUU3yLq;url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail...
pixel.quantserve.com/ 35 B
372 B 13ms
13ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=777006894;labels=_fp.event.Donation%20Landing%20Page%2C_fp.customer.undefined;rf=0;a=p-SLcBYqRUU3yLq;url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU;uht=2;fpan=1;fpa=P0-1619002422-1696080699442;pbc=;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;ref=;d=unrefugees.org;dst=1;et=1696080699517;tzo=-120;ogl=title.Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR%2Ctype.website%2Curl.https%3A%2F%2Fgive%252Eunrefugees%252Eorg%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0%2Cimage.https%3A%2F%2Fcdn%252Eunrefugees%252Eorg%2Fu4uforms2020%2Fmedia%2Fwh1aiwhk%2F1x-og-rf1226634x1200%252Ejpg%2Cdescription.More%20than%20100%20million%20people%20worldwide%20have%20been%20forced%20from%20their%20homes%20to%20esca;ses=974ac8e1-7c39-4653-8180-b4abc81dda4b;mdl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 2383 2 KB
2 KB 138ms
137ms Other
text/html 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fgive.unrefugees.org&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.T5kGDJ8WaGw.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 2383 156 KB
55 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.T5kGDJ8WaGw.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg6G1brI71lUa9MFj6BGR5h3V6hmQ/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fgive.unrefugees.org&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da23be30e4673b4fc9678a42a28ed211669e5150e5316984e831a1e3994a7dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 17:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56337
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 03:29:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Sep 2024 17:05:25 GMT

GET
H2

451

501709.gif
idsync.rlcdn.com/ Frame 540D
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084927473441258&referrer=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D00...
https://p.rfihub.com/cm?pub=39342&in=0&userid=223d25ba-4aa0-4cfb-bf44-a0e6fec8e62f%3A1696080699.6841314&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D223d25ba-4aa0-4cfb-bf44-a0e6fec...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730055158212&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D223d25ba-4aa0-4cfb-bf...
https://idsync.rlcdn.com/501709.gif?partner_uid=223d25ba-4aa0-4cfb-bf44-a0e6fec8e62f%3A1696080699.6841314&_=1696080699.685452

0
42 B

18ms
18ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=223d25ba-4aa0-4cfb-bf44-a0e6fec8e62f%3A1696080699.6841314&_=1696080699.685452
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:40 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Sat, 30 Sep 2023 13:31:39 GMT
via: 1.1 c0f1616474eb5ab66a150ca4467bd724.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: AMS58-P5
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=223d25ba-4aa0-4cfb-bf44-a0e6fec8e62f%3A1696080699.6841314&_=1696080699.685452
content-length: 445
x-amz-cf-id: RBwGsGCDDwCq3NbFA9F2zwWKq3TmlYaZaA83RIbeUr_WKJ4Nt3H24A==

GET
H3

451

501709.gif
idsync.rlcdn.com/ Frame 540D
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyNzQ3MzQ0MTI1OA==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEIrlYTo1Nswg98qAKwI5sRs&google_cver=1
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730055158212&referrer={encSite}&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=f3f96dbb-ab4e-4a60-b682-4c237ebd7631%3A1696080699.7854662&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Df3f96dbb-ab4e-4a60-b682-4c237eb...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730055158212&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Df3f96dbb-ab4e-4a60-b6...
https://idsync.rlcdn.com/501709.gif?partner_uid=f3f96dbb-ab4e-4a60-b682-4c237ebd7631%3A1696080699.7854662&_=1696080699.7870264

0
9 B

16ms
16ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=f3f96dbb-ab4e-4a60-b682-4c237ebd7631%3A1696080699.7854662&_=1696080699.7870264
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:40 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Sat, 30 Sep 2023 13:31:40 GMT
via: 1.1 c0f1616474eb5ab66a150ca4467bd724.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: AMS58-P5
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=f3f96dbb-ab4e-4a60-b682-4c237ebd7631%3A1696080699.7854662&_=1696080699.7870264
content-length: 447
x-amz-cf-id: aWdlhxgHQaxyYEkk4ZZjVsp9qCfx6bi9gp99-ZCp5Ol0STNSlaqqbQ==

GET
H2

200

bounce
ib.adnxs.com/ Frame 540D
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=5140084927473441258
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084927473441258

43 B
883 B

23ms
14ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084927473441258

Requested by

Protocol

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
an-x-request-uuid: d69a55a5-e50b-496d-9e55-00be985f7524
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 138.199.38.132; 138.199.38.132; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
an-x-request-uuid: aeb74c3f-4595-478b-996f-f5588871a22c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084927473441258
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.132; 138.199.38.132; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 540D
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5140084927473441258&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084927473441258&redir=

42 B
942 B

33ms
33ms

Image
image/gif

99.80.170.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084927473441258&redir=

Requested by

Protocol

HTTP/1.1

Server

99.80.170.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-170-99.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-0ec6ca8b8.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: iTagiqwpTFs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v050-02e2ff31f.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: W2vBYamBRak=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084927473441258&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame 540D 42 B
274 B 69ms
14ms Image
image/gif 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5140084927473441258&r=
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 30 Sep 2023 13:31:39 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sd
us-u.openx.net/w/1.0/ Frame 540D 43 B
273 B 62ms
22ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073062&val=5140084927473441258&r=
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 540D
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5140084927473441269&bid=omt9pi0

0
344 B

48ms
9ms

Image
text/plain

3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5140084927473441269&bid=omt9pi0
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: HTTP/1.1
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 13:31:39 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5140084927473441269&bid=omt9pi0
Date: Sat, 30 Sep 2023 13:31:39 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame 540D 53 B
615 B 287ms
68ms Image
image/gif 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5140084927473441258

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 30 Sep 2023 13:31:39 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Sat, 30 Sep 2023 13:31:39 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 540D 43 B
108 B 408ms
154ms Image
image/gif 44.194.131.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5140084927473441258
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.131.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-131-144.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 540D
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084927473441258&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084927473441258&forward=&C=1

43 B
355 B

35ms
20ms

Image
image/gif

2606:4700::6812:1bc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084927473441258&forward=&C=1
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Server: 2606:4700::6812:1bc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WehTQvwY%2BRelWAqVnuqvRhfZq159xHkzIpM%2FWKs5a0vdJd1WzXyDM171OZuIFIDgQdbReCdRweSRPlb6FnpK4kV47QLVnVtqUhnuKQRUphX%2FN5Xwk8Fu%2FmhzDuRZwf01eLhpfyzOiq%2FK37%2Fef6qnbA0MbPBe7A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80ecd3d4b9d63a96-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nI4ikv9q5aHaAmNqCfNi4bb97WAL4rr8xWfl4jXDLVFDsfWdczBxho9n5gXcg8kyAzV%2F9C3n217V4%2BKy8HB90Ml3ogueuij06Pn7U%2FOotat6SApipyHK5%2FOoEQu23Whd5aeK9KKinAgNxMm2BhhFBEpheD34qg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=57&external_user_id=5140084927473441258&forward=&C=1
cache-control: no-cache
cf-ray: 80ecd3d479993a96-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 451 360947.gif
idsync.rlcdn.com/ Frame 540D 0
42 B 64ms
17ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5140084927473441258
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 540D 43 B
182 B 242ms
195ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5140084927473441258

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a69-192-160-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Sat, 30 Sep 2023 13:31:39 GMT
pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H2 200 sync
partners.tremorhub.com/ Frame 540D 43 B
174 B 360ms
128ms Image
image/gif 2600:1f18:612b:4264:76d7:ab8c:aa2f:d2d0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5140084927473441258&r=VZYa3Vo0vTpA
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:76d7:ab8c:aa2f:d2d0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sat, 30 Sep 2023 13:31:39 GMT
server: nginx
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 540D 43 B
376 B 34ms
7ms Image
image/gif 35.157.166.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5140084927473441258
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.166.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-166-55.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 540D 0
338 B 49ms
29ms Image
text/plain 34.250.62.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5140084927473441258
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.62.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-62-135.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-served-by: beacon-n023-dub-prod.krxd.net
date: Sat, 30 Sep 2023 13:31:39 GMT
cache-control: private, no-cache, no-store
x-request-time: D=44 t=1696080699
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
x.bidswitch.net/ Frame 540D 43 B
145 B 13ms
8ms Image
image/gif 52.59.55.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084927473441258&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.55.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-55-175.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 540D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZRgjOwAUMmVg-AAN
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZRgjOwAUMmVg-AAN&_test=ZRgjOwAUMmVg-AAN

42 B
1 KB

14ms
14ms

Image
image/gif

193.0.160.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZRgjOwAUMmVg-AAN&_test=ZRgjOwAUMmVg-AAN
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: HTTP/1.1
Server: 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 30 Sep 2023 13:31:39 GMT
Cache-Control: no-cache
Server: Jetty(9.4.51.v20230217)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-fra-eddf8230065-FRA
pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1696080700.800299,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZRgjOwAUMmVg-AAN&_test=ZRgjOwAUMmVg-AAN
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame BBCA
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5140084927473441269&bid=omt9pi0

0
344 B

48ms
9ms

Image
text/plain

3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5140084927473441269&bid=omt9pi0
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: HTTP/1.1
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 13:31:39 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5140084927473441269&bid=omt9pi0
Date: Sat, 30 Sep 2023 13:31:39 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame BBCA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZRgjOwAUNNBf5gAN
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZRgjOwAUNNBf5gAN&_test=ZRgjOwAUNNBf5gAN

42 B
1 KB

14ms
14ms

Image
image/gif

193.0.160.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZRgjOwAUNNBf5gAN&_test=ZRgjOwAUNNBf5gAN
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: HTTP/1.1
Server: 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 30 Sep 2023 13:31:39 GMT
Cache-Control: no-cache
Server: Jetty(9.4.51.v20230217)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-fra-eddf8230065-FRA
pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1696080700.714700,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZRgjOwAUNNBf5gAN&_test=ZRgjOwAUNNBf5gAN
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

451

501709.gif
idsync.rlcdn.com/ Frame BBCA
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685629925463776&referrer=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D00...
https://p.rfihub.com/cm?pub=39342&in=0&userid=d76768cb-d792-44c6-a642-82beca318c29%3A1696080699.684016&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd76768cb-d792-44c6-a642-82beca31...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730055158212&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dd76768cb-d792-44c6-a6...
https://idsync.rlcdn.com/501709.gif?partner_uid=d76768cb-d792-44c6-a642-82beca318c29%3A1696080699.684016&_=1696080699.6853852

0
42 B

17ms
16ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=d76768cb-d792-44c6-a642-82beca318c29%3A1696080699.684016&_=1696080699.6853852
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:40 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Sat, 30 Sep 2023 13:31:39 GMT
via: 1.1 c0f1616474eb5ab66a150ca4467bd724.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: AMS58-P5
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=d76768cb-d792-44c6-a642-82beca318c29%3A1696080699.684016&_=1696080699.6853852
content-length: 445
x-amz-cf-id: CgIxR_BIdU7D3KN0h6fwAofrsnLGA86yZeP1lglORtMMb3B7Pwo04g==

GET
H3

451

501709.gif
idsync.rlcdn.com/ Frame BBCA
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwOTY4NTYyOTkyNTQ2Mzc3Ng==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEIrlYTo1Nswg98qAKwI5sRs&google_cver=1
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730055158212&referrer={encSite}&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=1280226a-d33e-4742-a623-31b1b8cd6c10%3A1696080699.9177032&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D1280226a-d33e-4742-a623-31b1b8c...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730055158212&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D1280226a-d33e-4742-a6...
https://idsync.rlcdn.com/501709.gif?partner_uid=1280226a-d33e-4742-a623-31b1b8cd6c10%3A1696080699.9177032&_=1696080699.919941

0
9 B

16ms
16ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=1280226a-d33e-4742-a623-31b1b8cd6c10%3A1696080699.9177032&_=1696080699.919941
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:40 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Sat, 30 Sep 2023 13:31:40 GMT
via: 1.1 c0f1616474eb5ab66a150ca4467bd724.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: AMS58-P5
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=1280226a-d33e-4742-a623-31b1b8cd6c10%3A1696080699.9177032&_=1696080699.919941
content-length: 445
x-amz-cf-id: TDXWHYTVq8obGMnxdoCvefXfyGP4nfYvXlCjN9cr8Mtdp9Pk3McjvA==

GET
H2

200

bounce
ib.adnxs.com/ Frame BBCA
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=5109685629925463776
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685629925463776

43 B
885 B

17ms
13ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685629925463776

Requested by

Protocol

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
an-x-request-uuid: 2a4637b2-e069-44c2-a137-645085717cd3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 138.199.38.132; 138.199.38.132; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
an-x-request-uuid: 0eb01e7d-0707-432b-8ff9-d485cb5d3b19
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685629925463776
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.132; 138.199.38.132; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame BBCA
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5109685629925463776&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685629925463776&redir=

42 B
942 B

36ms
36ms

Image
image/gif

99.80.170.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685629925463776&redir=

Requested by

Protocol

HTTP/1.1

Server

99.80.170.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-170-99.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-078f26fe1.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: esg6NZ8TRhI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v050-04729d04e.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: VWGky1CwTRo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685629925463776&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame BBCA 42 B
425 B 61ms
13ms Image
image/gif 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5109685629925463776&r=
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 30 Sep 2023 13:31:37 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sd
us-u.openx.net/w/1.0/ Frame BBCA 43 B
106 B 155ms
123ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073062&val=5109685629925463776&r=
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame BBCA 53 B
615 B 280ms
68ms Image
image/gif 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5109685629925463776

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 30 Sep 2023 13:31:39 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Sat, 30 Sep 2023 13:31:39 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame BBCA 43 B
108 B 389ms
141ms Image
image/gif 44.194.131.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5109685629925463776
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.131.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-131-144.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H3 200 rum
dsum-sec.casalemedia.com/ Frame BBCA 43 B
786 B 23ms
21ms Image
image/gif 2606:4700::6812:1bc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685629925463776&forward=
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1bc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2Q9VKYYj2bW1xmhl%2BWJMFyM4OsWN%2FddM1Zu6m3AX7G2kNxzZ%2BsceNyyA3LXgpozBqEr0JJHqHUCd0W48SXuMuFQD2xGEdWIqEZNX8LAuZxUKqb%2BgzE9LQsVfg7ckHEggTmTi4uI1Cl%2FrYLJsSnRddV1KnIUJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80ecd3d4b85a1da0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

GET
H2 451 360947.gif
idsync.rlcdn.com/ Frame BBCA 0
42 B 64ms
17ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5109685629925463776
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame BBCA 43 B
182 B 239ms
209ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5109685629925463776

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a69-192-160-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Sat, 30 Sep 2023 13:31:39 GMT
pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H2 200 sync
partners.tremorhub.com/ Frame BBCA 43 B
174 B 316ms
131ms Image
image/gif 2600:1f18:612b:4264:76d7:ab8c:aa2f:d2d0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5109685629925463776&r=SrYoFRCVt0ky
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:76d7:ab8c:aa2f:d2d0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sat, 30 Sep 2023 13:31:39 GMT
server: nginx
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame BBCA 43 B
376 B 8ms
6ms Image
image/gif 35.157.166.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5109685629925463776
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.166.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-166-55.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame BBCA 0
337 B 31ms
29ms Image
text/plain 34.250.62.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5109685629925463776
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.62.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-62-135.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-served-by: beacon-n016-dub-prod.krxd.net
date: Sat, 30 Sep 2023 13:31:39 GMT
cache-control: private, no-cache, no-store
x-request-time: D=39 t=1696080699
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
x.bidswitch.net/ Frame BBCA 43 B
145 B 8ms
7ms Image
image/gif 52.59.55.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685629925463776&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.55.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-55-175.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 dc_pre=CKCH6fy40oEDFUHMsgodAfQKmg;src=4647326;type=unrefcms;cat=donfvis;ord=5107808394185;auiddc=*;u3=undefined;u2=undefined;gtm=45He39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref...
adservice.google.com/ddm/fls/z/ Frame 9231 42 B
107 B 50ms
49ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKCH6fy40oEDFUHMsgodAfQKmg;src=4647326;type=unrefcms;cat=donfvis;ord=5107808394185;auiddc=*;u3=undefined;u2=undefined;gtm=45He39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU

Requested by

Host: 4647326.fls.doubleclick.net
URL: https://4647326.fls.doubleclick.net/activityi;dc_pre=CKCH6fy40oEDFUHMsgodAfQKmg;src=4647326;type=unrefcms;cat=donfvis;ord=5107808394185;auiddc=814318793.1696080699;u3=undefined;u2=undefined;gtm=45He39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4647326.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 9ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2587217788243604&ev=PageView&dl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&rl=&if=false&ts=1696080699579&sw=1600&sh=1200&v=2.9.131&r=stable&ec=0&o=30&fbp=fb.1.1696080699275.2113233986&ler=empty&it=1696080698710&coo=false&exp=a0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 30 Sep 2023 13:31:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK st Show response
px.mountain.com/ 3 KB
2 KB 709ms
174ms Script
application/javascript 52.37.218.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=UA-3754388-9%3BUA-1473340-18%3BG-P9YZZV758Y%3BG-EVDQTJ4LMY&ga_client_id=1545826543.1696080699&shpt=Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-3754388-9%3BUA-1473340-18%3BG-P9YZZV758Y%3BG-EVDQTJ4LMY%22%2C%22ga_client_id%22%3A%221545826543.1696080699%22%2C%22shpt%22%3A%22Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR%22%2C%22dcm_cid%22%3A%221696080698.1%22%2C%22dcm_gid%22%3A%221581537739.1696080699%22%2C%22ga_utm_campaign%22%3A%22US_PS_EN_CORE_APPEAL___230928%22%2C%22ga_utm_source%22%3A%22u4u-appeal%22%2C%22ga_utm_medium%22%3A%22email%22%2C%22mntnis%22%3A%22HHhHhZJm0j2mjY6%2FJ%2FKmP27xrZs5RANf%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A4%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1696080698.1&dcm_gid=1581537739.1696080699&available_ga=%5B%7B%22id%22%3A%22UA-3754388-9%22%2C%22sess_id%22%3Anull%7D%2C%7B%22id%22%3A%22UA-1473340-18%22%2C%22sess_id%22%3Anull%7D%2C%7B%22id%22%3A%22G-P9YZZV758Y%22%2C%22sess_id%22%3A%221696080698%22%7D%2C%7B%22id%22%3A%22G-EVDQTJ4LMY%22%2C%22sess_id%22%3A%221696080698%22%7D%5D&hardcoded_ga=&dxver=4.0.0&shaid=35855&plh=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&cb=9315807704784130term%3Dvalue
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=35855&tdr=&plh=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&cb=9315807704784130term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.37.218.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-218-4.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 5b4bb19d01e1568ad4890a78b719d3743c1f73d4982ea1ea2bc632541a44f975

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:40 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 1
connection: close

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.T5kGDJ8WaGw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.i0ZbBA... Frame 2383 72 KB
26 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.T5kGDJ8WaGw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.i0ZbBAUavxo.L.B1.O/am=AMAY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjQ2KJjWbXISqWks1yYzREefAx9Sg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.T5kGDJ8WaGw.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg6G1brI71lUa9MFj6BGR5h3V6hmQ/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f10bd03f4690135c70abf63c9191d804eb7f4416e5309a7d0cf99a70b126563

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 17:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26932
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 20:26:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Sep 2024 17:50:52 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 523F
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5108559730055158212&bid=omt9pi0

0
344 B

48ms
9ms

Image
text/plain

3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5108559730055158212&bid=omt9pi0
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: HTTP/1.1
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 13:31:39 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5108559730055158212&bid=omt9pi0
Date: Sat, 30 Sep 2023 13:31:39 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 523F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZRgjOwAUQiwzWABY
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZRgjOwAUQiwzWABY&_test=ZRgjOwAUQiwzWABY

42 B
1 KB

14ms
14ms

Image
image/gif

193.0.160.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZRgjOwAUQiwzWABY&_test=ZRgjOwAUQiwzWABY
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: HTTP/1.1
Server: 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 30 Sep 2023 13:31:39 GMT
Cache-Control: no-cache
Server: Jetty(9.4.51.v20230217)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-fra-eddf8230065-FRA
pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1696080700.816252,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZRgjOwAUQiwzWABY&_test=ZRgjOwAUQiwzWABY
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

451

501709.gif
idsync.rlcdn.com/ Frame 523F
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730055158212&referrer=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D00...
https://p.rfihub.com/cm?pub=39342&in=0&userid=fe83a7c8-feab-445a-90e0-8a874c6aa90f%3A1696080699.707538&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dfe83a7c8-feab-445a-90e0-8a874c6a...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730055158212&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dfe83a7c8-feab-445a-90...
https://idsync.rlcdn.com/501709.gif?partner_uid=fe83a7c8-feab-445a-90e0-8a874c6aa90f%3A1696080699.707538&_=1696080699.7098053

0
9 B

18ms
17ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=fe83a7c8-feab-445a-90e0-8a874c6aa90f%3A1696080699.707538&_=1696080699.7098053
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:40 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Sat, 30 Sep 2023 13:31:40 GMT
via: 1.1 c0f1616474eb5ab66a150ca4467bd724.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: AMS58-P5
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=fe83a7c8-feab-445a-90e0-8a874c6aa90f%3A1696080699.707538&_=1696080699.7098053
content-length: 445
x-amz-cf-id: pqRfDI2E52mc9tcwwh6JB0zq5-4aXtlBw7uL2_y1s86nnAhAjprNEA==

GET
H3

451

501709.gif
idsync.rlcdn.com/ Frame 523F
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTczMDA1NTE1ODIxMg==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEIrlYTo1Nswg98qAKwI5sRs&google_cver=1
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730055158212&referrer={encSite}&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=c2ba1014-a752-49ef-a531-255ba03977e7%3A1696080699.9175506&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc2ba1014-a752-49ef-a531-255ba03...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730055158212&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dc2ba1014-a752-49ef-a5...
https://idsync.rlcdn.com/501709.gif?partner_uid=c2ba1014-a752-49ef-a531-255ba03977e7%3A1696080699.9175506&_=1696080699.9186225

0
9 B

16ms
16ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=c2ba1014-a752-49ef-a531-255ba03977e7%3A1696080699.9175506&_=1696080699.9186225
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:40 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Sat, 30 Sep 2023 13:31:40 GMT
via: 1.1 c0f1616474eb5ab66a150ca4467bd724.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: AMS58-P5
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=c2ba1014-a752-49ef-a531-255ba03977e7%3A1696080699.9175506&_=1696080699.9186225
content-length: 447
x-amz-cf-id: luRDR3igrD0vE-MHsGYrS8A69rxW14lJDJKQRcVNvMffLZwjjZI77w==

GET
H2 200 setuid
ib.adnxs.com/ Frame 523F 43 B
834 B 27ms
12ms Image
image/gif 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=18&code=5108559730055158212

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
an-x-request-uuid: 7aa09511-ed2c-4bb6-8845-49c9577c4f25
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.132; 138.199.38.132; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 523F
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5108559730055158212&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559730055158212&redir=

42 B
942 B

31ms
30ms

Image
image/gif

99.80.170.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559730055158212&redir=

Requested by

Protocol

HTTP/1.1

Server

99.80.170.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-170-99.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-0ae28a8cd.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 0MhLQB1QSXs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v050-06ae758f2.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Cs9+mFxmSMU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559730055158212&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame 523F 42 B
273 B 25ms
11ms Image
image/gif 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5108559730055158212&r=
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 30 Sep 2023 13:31:38 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sd
us-u.openx.net/w/1.0/ Frame 523F 43 B
106 B 34ms
20ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073062&val=5108559730055158212&r=
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 523F 53 B
615 B 234ms
73ms Image
image/gif 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5108559730055158212

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 30 Sep 2023 13:31:39 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Sat, 30 Sep 2023 13:31:39 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 523F 43 B
109 B 313ms
116ms Image
image/gif 44.194.131.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5108559730055158212
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.131.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-131-144.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2 200 rum
dsum-sec.casalemedia.com/ Frame 523F 43 B
341 B 37ms
24ms Image
image/gif 2606:4700::6812:1bc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559730055158212&forward=
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1bc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9tJn8TN3k0xBbypMr0BPweXp%2BapkP86TFOmq5dQsTf3JqQufTxBShWCENPoIFnnpMUWZ8j9HZXT96dz2ImG6TL%2FyuSNmJc6WQfrB9%2B5grr2ntKs3%2B5jCHmnoPniRzluPNQaGtJS1wv1vAseEWE3tmN1tyVH%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80ecd3d4b9db3a96-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

GET
H2 451 360947.gif
idsync.rlcdn.com/ Frame 523F 0
98 B 75ms
16ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5108559730055158212
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 523F 43 B
182 B 269ms
210ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5108559730055158212

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a69-192-160-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Sat, 30 Sep 2023 13:31:39 GMT
pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H2 200 sync
partners.tremorhub.com/ Frame 523F 43 B
175 B 389ms
127ms Image
image/gif 2600:1f18:612b:4264:76d7:ab8c:aa2f:d2d0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5108559730055158212&r=U9-HxGW78SR4
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:76d7:ab8c:aa2f:d2d0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sat, 30 Sep 2023 13:31:39 GMT
server: nginx
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 523F 43 B
377 B 65ms
6ms Image
image/gif 35.157.166.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5108559730055158212
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.166.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-166-55.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:39 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 523F 0
337 B 116ms
29ms Image
text/plain 34.250.62.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5108559730055158212
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.62.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-62-135.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-served-by: beacon-n006-dub-prod.krxd.net
date: Sat, 30 Sep 2023 13:31:39 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1696080699
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
x.bidswitch.net/ Frame 523F 43 B
146 B 38ms
8ms Image
image/gif 52.59.55.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=119&user_id=5108559730055158212&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.55.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-55-175.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826430p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 2383 1 MB
369 KB 90ms
89ms XHR
text/html 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a3b212359ac477b4c4858dd3be07abe90e2f1aae1e262eed823407ce2629411e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Pr6CEjM2o36OH6chBI6GNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Pr6CEjM2o36OH6chBI6GNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sat, 30 Sep 2023 13:31:39 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.T5kGDJ8WaGw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.i0ZbBA... Frame 2383 9 KB
4 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.T5kGDJ8WaGw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.i0ZbBAUavxo.L.B1.O/am=AMAY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjQ2KJjWbXISqWks1yYzREefAx9Sg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be993442ec9d825133109ef3e6c5a338a2662146cbbdbf60098494855909bbb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 17:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3927
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 20:26:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Sep 2024 17:50:52 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.T5kGDJ8WaGw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.i0ZbBA... Frame 2383 36 KB
14 KB 14ms
10ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.T5kGDJ8WaGw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.i0ZbBAUavxo.L.B1.O/am=AMAY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjQ2KJjWbXISqWks1yYzREefAx9Sg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

368128edb33b77d483f40ffe2497f6d9071a6ba7384c9785f9fe8d851b6d9138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 17:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13835
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 20:26:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Sep 2024 17:50:52 GMT

POST
H3 200 log Show response
play.google.com/ Frame 2383 131 B
155 B 54ms
37ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 30 Sep 2023 13:31:39 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 36ms
13ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 30 Sep 2023 13:31:39 GMT
expires: Sat, 30 Sep 2023 13:31:39 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2383 131 B
155 B 54ms
41ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 30 Sep 2023 13:31:39 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 35ms
15ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 30 Sep 2023 13:31:39 GMT
expires: Sat, 30 Sep 2023 13:31:39 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2383 131 B
155 B 50ms
35ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 30 Sep 2023 13:31:39 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 33ms
16ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 30 Sep 2023 13:31:39 GMT
expires: Sat, 30 Sep 2023 13:31:39 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2383 131 B
155 B 52ms
38ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 30 Sep 2023 13:31:39 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 27ms
15ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 30 Sep 2023 13:31:39 GMT
expires: Sat, 30 Sep 2023 13:31:39 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 28ms
17ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 30 Sep 2023 13:31:39 GMT
expires: Sat, 30 Sep 2023 13:31:39 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2383 131 B
155 B 50ms
38ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 30 Sep 2023 13:31:39 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 32ms
22ms Preflight
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 30 Sep 2023 13:31:39 GMT
expires: Sat, 30 Sep 2023 13:31:39 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2383 131 B
155 B 47ms
38ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 30 Sep 2023 13:31:39 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame D2A3 7 KB
1 KB 18ms
17ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=pxZcVU8Dk73FyvFvdCgp2MSG&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7772527f996f56f7d9ece1b07a44f3693c569cd19f2581474bd4d0f90af30b1f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_hiwbwRcwsmE6Fujz_nLTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-_hiwbwRcwsmE6Fujz_nLTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 30 Sep 2023 13:31:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/ Frame D2A3 55 KB
24 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=pxZcVU8Dk73FyvFvdCgp2MSG&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 04:03:44 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 29 Sep 2024 13:06:47 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/ Frame D2A3 461 KB
184 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=pxZcVU8Dk73FyvFvdCgp2MSG&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e001f660a1c1ebf12cde6a74dc3e6d90a1115c3e3378193e3b7c0d9d357d82ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 10:49:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 188760
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 04:03:44 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 29 Sep 2024 10:49:05 GMT

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
16 KB 14ms
7ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=give.unrefugees.org&t=xo&v=5.0.397&source=payments_sdk&client_id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&disableSetCookie=true&vault=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA9) /

Resource Hash

20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 0815bc671ce52
dc: ccg11-origin-www-1.paypal.com
content-length: 16488
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
server: ECAcc (frc/4CA9)
traceparent: 00-00000000000000000000815bc671ce52-242761548d788a81-01
etag: "64f25363-daa8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 30 Sep 2023 14:31:39 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
294 B 197ms
181ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AZXYADENKNJPZE-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AZXYADENKNJPZE-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3f710125-e254-44cc-ba7e-5d8abc3fb13d&fltp=analytics&mrid=ZXYADENKNJPZE&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1696080699911&g=-120&completeurl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4D0B) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: ac6c8bc308e32
server: ECAcc (frc/4D0B)
traceparent: 00-0000000000000000000ac6c8bc308e32-9fb8b7c0bfc2405e-01
vary: Accept-Encoding
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: ac6c8bc308e32
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
expires: Sat, 30 Sep 2023 13:31:40 GMT

GET
H2 451 cd63b94d-2c93-482d-8d17-921e6d8d189f Show response
crb.kargo.com/api/v1/initsync/ Frame 7801 0
292 B 39ms
7ms Document
text/plain 3.76.141.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://crb.kargo.com/api/v1/initsync/cd63b94d-2c93-482d-8d17-921e6d8d189f?partners=Tapad&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by: Host: storage.cloud.kargo.com
URL: https://storage.cloud.kargo.com/kds/kds-events-gtm.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.76.141.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-76-141-3.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Sat, 30 Sep 2023 13:31:39 GMT
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
vary: Origin
x-accel-expires: 0

POST v1
kds-pixel.kargo.com/api/ 0
0

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 8E28 55 KB
17 KB 8ms
8ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBF) /

Resource Hash

7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16892
content-type: text/html
date: Sat, 30 Sep 2023 13:31:39 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "64f25363-dacc"
expires: Sat, 30 Sep 2023 14:31:39 GMT
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id: 1f024bf0ea553
server: ECAcc (frc/4CBF)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000001f024bf0ea553-10d8c0a9f7fd67b9-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H2 200 noop.js Show response
www.paypalobjects.com/muse/ Frame 8E28 18 B
234 B 163ms
163ms Fetch
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/noop.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (daa/7D25) /

Resource Hash

0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/analytics/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
paypal-debug-id: 7cfec0450ebea
dc: ccg11-origin-www-1.paypal.com
content-length: 18
last-modified: Sat, 13 Feb 2021 00:26:56 GMT
server: ECAcc (daa/7D25)
traceparent: 00-00000000000000000007cfec0450ebea-b37869226655d48a-01
etag: "60271cd0-12"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 30 Sep 2023 13:31:39 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
258 B 184ms
184ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AZXYADENKNJPZE-1&page=muse%3Aoffer%3A%3A%3AZXYADENKNJPZE-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3f710125-e254-44cc-ba7e-5d8abc3fb13d&es=visitorInfoFlowStarted&mrid=ZXYADENKNJPZE&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1696080699980&g=-120&completeurl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CDF) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: 9178fc146a96a
server: ECAcc (frc/4CDF)
traceparent: 00-00000000000000000009178fc146a96a-da326a7c0a92cfe9-01
vary: Accept-Encoding
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 9178fc146a96a
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
expires: Sat, 30 Sep 2023 13:31:40 GMT

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 8E28 435 B
2 KB 290ms
290ms Fetch
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE9) /

Resource Hash

7a10b911f2c2e0d8991fe722fa5ecb9e8d72fc19c74e89ac75382b036cc4687d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-hlzc1tWEiPOBCxrEnaCct238mj1seU89ewKK5HZ8ZoMi/CuC' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
disable-set-cookie: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-hlzc1tWEiPOBCxrEnaCct238mj1seU89ewKK5HZ8ZoMi/CuC' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: gzip
date: Sat, 30 Sep 2023 13:31:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 0a10106b9535a
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server: ECAcc (frc/4CE9)
traceparent: 00-00000000000000000000a10106b9535a-65739b3343515a3f-01
etag: W/"1b3-NWCOsqDE8I11hXJTvvwj21fgxPw"
vary: Accept-Encoding, Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin: *

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 226ms
207ms Preflight 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C94) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,disable-set-cookie
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-allow-credentials: true
access-control-allow-headers: content-type,disable-set-cookie
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Sat, 30 Sep 2023 13:31:40 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: 04b4a80102712
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server: ECAcc (frc/4C94)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-000000000000000000004b4a80102712-98590ee26b7a12b1-01
vary: Accept-Encoding Origin, Access-Control-Request-Headers

GET
H/1.1 200
OK gs Show response
gs.mountain.com/ 144 B
733 B 695ms
172ms Script
application/javascript 34.212.4.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gs.mountain.com/gs
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.212.4.35 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-212-4-35.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 8c8aad5b6e9e153fe43485b14af9b38d910cc6c78018accdb613fee0e20ed45a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:40 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 0
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 144
x-application-context: application:prod:8080

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
299 B 100ms
99ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://give.unrefugees.org
Date: Sat, 30 Sep 2023 13:31:40 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
1 KB 564ms
213ms Script
application/javascript 52.37.218.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=UA-3754388-9%3BUA-1473340-18%3BG-P9YZZV758Y%3BG-EVDQTJ4LMY&ga_client_id=1545826543.1696080699&shpt=Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-3754388-9%3BUA-1473340-18%3BG-P9YZZV758Y%3BG-EVDQTJ4LMY%22%2C%22ga_client_id%22%3A%221545826543.1696080699%22%2C%22shpt%22%3A%22Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR%22%2C%22dcm_cid%22%3A%221696080698.1%22%2C%22dcm_gid%22%3A%221581537739.1696080699%22%2C%22ga_utm_campaign%22%3A%22US_PS_EN_CORE_APPEAL___230928%22%2C%22ga_utm_source%22%3A%22u4u-appeal%22%2C%22ga_utm_medium%22%3A%22email%22%2C%22mntnis%22%3A%22HHhHhZJm0j2mjY6%2FJ%2FKmP27xrZs5RANf%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A4%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1696080698.1&dcm_gid=1581537739.1696080699&available_ga=%5B%7B%22id%22%3A%22UA-3754388-9%22%2C%22sess_id%22%3Anull%7D%2C%7B%22id%22%3A%22UA-1473340-18%22%2C%22sess_id%22%3Anull%7D%2C%7B%22id%22%3A%22G-P9YZZV758Y%22%2C%22sess_id%22%3A%221696080698%22%7D%2C%7B%22id%22%3A%22G-EVDQTJ4LMY%22%2C%22sess_id%22%3A%221696080698%22%7D%5D&hardcoded_ga=&dxver=4.0.0&shaid=35855&plh=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&cb=1696080700212852&shguid=17213d60-391a-3906-829a-aacde7353b76&shgts=1696080700909
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.37.218.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-218-4.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:41 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 33
connection: close

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
15 KB 35ms
6ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-1216.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: br
via: 1.1 varnish
date: Sat, 30 Sep 2023 13:31:41 GMT
strict-transport-security: max-age=300
x-amz-request-id: CYHGSSK6RXPNQ64E
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 15095
x-amz-id-2: v/eH2x5uHJgumu45FZoLzRZk7iR4uxlFVFoepeCcAsVVY+NS4fb/GGbsH6lDOwfMX37ymIXsy5c=
x-served-by: cache-fra-etou8220050-FRA
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1696080702.597775,VS0,VE0
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 34

GET
H/1.1 200
OK check.js;CIS3SID=CE4E13EBCA92B9359F8E3C97E0EC8B42 Show response
h.online-metrix.net/fp/ Frame 9159 290 KB
50 KB 47ms
22ms Script
text/javascript 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/check.js;CIS3SID=CE4E13EBCA92B9359F8E3C97E0EC8B42?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&nonce=0063a51f4472f6e4&jb=35392e24687b6f753d556b6c666d7f73246a71673d5f696e6c6d777b273a3033322668716277354368706f6d6d24687b623d436a706d6f672d323231333f

Requested by

Host: h.online-metrix.net
URL: https://h.online-metrix.net/fp/tags.js?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

2e65ba60aa68b4086881a782a29aa06482d88e6befe696c81fec35e2b83a6104

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 13:31:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: 0063a51f4472f6e4
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
h.online-metrix.net/fp/ Frame 9159 81 B
475 B 36ms
12ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&nonce=0063a51f4472f6e4&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Sep 2023 13:31:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
h.online-metrix.net/fp/ Frame 9159 81 B
475 B 38ms
12ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&nonce=0063a51f4472f6e4&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Sep 2023 13:31:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=217E690FC3894288A7B5180017D8544D&RedC=c.clarity.ms&MXFR=186B4AF2F5826D52134F596EF18263B7
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=217E690FC3894288A7B5180017D8544D&MUID=1695BD0FF2B86D3B13A1AE93F3146C64

42 B
443 B

29ms
28ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=217E690FC3894288A7B5180017D8544D&MUID=1695BD0FF2B86D3B13A1AE93F3146C64
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:40 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F937A667DD8240ECA417213BBA2BE817 Ref B: FRA31EDGE0119 Ref C: 2023-09-30T13:31:41Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=217E690FC3894288A7B5180017D8544D&MUID=1695BD0FF2B86D3B13A1AE93F3146C64
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 cda0845c-e241-4b98-8d4b-abdc76d31d9d.js Show response
tr.snapchat.com/config/org/ 167 B
447 B 55ms
17ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/org/cda0845c-e241-4b98-8d4b-abdc76d31d9d.js

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

8f05a1b069c4b1192969da3791dad0bda8ee6fcf1c79a86bf566c23b8eb3eab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://give.unrefugees.org/
Origin: https://give.unrefugees.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://give.unrefugees.org
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 1275 0
201 B 52ms
16ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=cda0845c-e241-4b98-8d4b-abdc76d31d9d&u_scsid=ba8237a3-6c4b-4ba3-93af-60c8b7ff6904&u_sclid=1482890d-875d-4b91-88a1-d9397494eab8

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 30 Sep 2023 13:31:41 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=572740244&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&ul=en-us&de=UTF-8&dt=Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F180117core_mainpg_d_3000%2F&el=25%25&_u=aDnACEABRAAAAGAAI~&jid=1539540481&gjid=258682817&cid=1545826543.1696080699&tid=UA-3754388-9&_gid=1581537739.1696080699&_r=1&gtm=45He39r0n81N9KWLLF&z=763649848

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=572740244&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&ul=en-us&de=UTF-8&dt=Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F180117core_mainpg_d_3000%2F&el=50%25&_u=aDnACEABRAAAAGAAI~&jid=&gjid=&cid=1545826543.1696080699&tid=UA-3754388-9&_gid=1581537739.1696080699&gtm=45He39r0n81N9KWLLF&z=1498532770

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 22:49:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52937
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
7ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=572740244&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&ul=en-us&de=UTF-8&dt=Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F180117core_mainpg_d_3000%2F&el=75%25&_u=aDnACEABRAAAAGAAI~&jid=&gjid=&cid=1545826543.1696080699&tid=UA-3754388-9&_gid=1581537739.1696080699&gtm=45He39r0n81N9KWLLF&z=1269553624

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 22:49:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52937
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
8ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=572740244&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&ul=en-us&de=UTF-8&dt=Help%20Refugees%20Today%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F180117core_mainpg_d_3000%2F&el=100%25&_u=aDnACEABRAAAAGAAI~&jid=&gjid=&cid=1545826543.1696080699&tid=UA-3754388-9&_gid=1581537739.1696080699&gtm=45He39r0n81N9KWLLF&z=1898801376

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 22:49:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52937
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fa5b33ed7c80.js Show response
w.usabilla.com/ Frame C710 37 KB
11 KB 134ms
35ms Script
text/javascript 54.246.176.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/fa5b33ed7c80.js?lv=1
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.176.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-176-32.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 07a632db11ea18f3d3ce0ae4e74aa4bbbb8cf86bf79c8afa8722bc23e6fc5c72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:41 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "3405d853c9cdb4cdabab46e828ab58e1"
content-type: text/javascript
cache-control: public,max-age=0
content-length: 11278

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 27ms
26ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3754388-9&cid=1545826543.1696080699&jid=1539540481&gjid=258682817&_gid=1581537739.1696080699&_u=aDnACEABRAAAAGAAI~&z=761093364

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 30 Sep 2023 13:31:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cf888b8b66 Show response
bam.nr-data.net/1/ 56 B
619 B 334ms
245ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/cf888b8b66?a=357730915&v=1216.487a282&to=ZFNSZUsADUJYWxFRC10ZfWd6TjFUV1wASilFVXNeVxURXlVUAEpLfllURFUEM1BeXQ%3D%3D&rst=5714&ck=1&ref=https://give.unrefugees.org/180117core_mainpg_d_3000/&ap=322&be=1885&fe=5644&dc=3389&perf=%7B%22timing%22:%7B%22of%22:1696080695921,%22n%22:0,%22f%22:731,%22dn%22:733,%22dne%22:806,%22c%22:806,%22s%22:978,%22ce%22:1158,%22rq%22:1158,%22rp%22:1830,%22rpe%22:1833,%22dl%22:1839,%22di%22:3389,%22ds%22:3389,%22de%22:3407,%22dc%22:5642,%22l%22:5644,%22le%22:5664%7D,%22navigation%22:%7B%7D%7D&fp=2969&fcp=2969&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b1e54380b8b8e45010115f3d0f7caad60ca0f34be8bee3e11e11727cc64d49f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 13:31:41 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 80ecd3e1c846994b-FRA

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1005 B
751 B 204ms
203ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&vault=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CDE) /

Resource Hash

040e07ab0106f42690d1f50e2843d9605b0d5f6cb9d27a69150cad86d2b0faf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type: application/json

Response headers

date: Sat, 30 Sep 2023 13:31:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 0062667b93152
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 598
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server: ECAcc (frc/4CDE)
traceparent: 00-00000000000000000000062667b93152-07b517c0aff8bbec-01
etag: W/"3ed-JezfeQQ41nFKzGEP/tiDNBLCsfA"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://give.unrefugees.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin: *

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 235ms
235ms Preflight 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CDE) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.unrefugees.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://give.unrefugees.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
date: Sat, 30 Sep 2023 13:31:41 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: 0a9777375243a
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server: ECAcc (frc/4CDE)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000000a9777375243a-118ff20240e0322e-01
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 p
tr.snapchat.com/ 68 B
308 B 20ms
19ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=cda0845c-e241-4b98-8d4b-abdc76d31d9d&ev=PAGE_VIEW&intg=gtm&pids=cda0845c-e241-4b98-8d4b-abdc76d31d9d&u_c1=4cbc09d0-f29b-4bf5-88bb-1c57ff007eb8&u_sclid=1482890d-875d-4b91-88a1-d9397494eab8&u_scsid=ba8237a3-6c4b-4ba3-93af-60c8b7ff6904&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=3406&m_fcps=2969&m_pi=3388&m_pl=5663&m_pv=2&m_rd=5727&m_sh=1200&m_sl=2934&m_sw=1600&pl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&trackId=0f713748-4ef8-405c-9acb-26e1ffc00b7b&ts=1696080701648&v=3.4.5-2309300442

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:31:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H/1.1 200
OK clear.png Show response
h.online-metrix.net/fp/ Frame 9159 81 B
535 B 37ms
12ms XHR
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png

Requested by

Host: h.online-metrix.net
URL: https://h.online-metrix.net/fp/check.js;CIS3SID=CE4E13EBCA92B9359F8E3C97E0EC8B42?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&nonce=0063a51f4472f6e4&jb=35392e24687b6f753d556b6c666d7f73246a71673d5f696e6c6d777b273a3033322668716277354368706f6d6d24687b623d436a706d6f672d323231333f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, zrtzph91/0063a51f4472f6e4e1873-54162632-4653-484a-b097-03b1fb4b9dd3
Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 13:31:41 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Sat, 30 Sep 2023 13:31:41 GMT
Server: Apache
Etag: a88c0787415c48ddb894589f31aa3fa1
Content-Type: image/png
Access-Control-Allow-Origin: https://give.unrefugees.org
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Thu, 28 Sep 2028 13:31:41 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=CE4E13EBCA92B9359F8E3C97E0EC8B42 Show response
h.online-metrix.net/fp/ Frame 8C05 92 KB
14 KB 16ms
15ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/ls_fp.html;CIS3SID=CE4E13EBCA92B9359F8E3C97E0EC8B42?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&nonce=0063a51f4472f6e4

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

cf9f00e8c7970537117339bef7e7ac9e4fc380b85f4c85c03908b4d8d5b9c95f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sat, 30 Sep 2023 13:31:41 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
h.online-metrix.net/fp/ Frame 9159 0
387 B 13ms
13ms Script
text/javascript 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&nonce=0063a51f4472f6e4&jb=33362e6e71693d666466333b33666c386065323c313f37613b61376b673a39333132636464643b

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Sep 2023 13:31:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK es.js Show response
h.online-metrix.net/fp/ Frame 9159 134 B
655 B 14ms
14ms Script
text/javascript 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/es.js?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&nonce=0063a51f4472f6e4

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

5393bea6f52daf889ef4d0024c855941f468cae330d02969538353e8010ce9bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Sep 2023 13:31:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=CE4E13EBCA92B9359F8E3C97E0EC8B42 Show response
h.online-metrix.net/fp/ Frame 01FC 103 KB
15 KB 30ms
16ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=CE4E13EBCA92B9359F8E3C97E0EC8B42?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&nonce=0063a51f4472f6e4

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

b3bdd519b499adfa18e819aff3cfd8c00aca8d1b0508f37703754997cad73af6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sat, 30 Sep 2023 13:31:41 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK top_fp.html;CIS3SID=CE4E13EBCA92B9359F8E3C97E0EC8B42 Show response
h.online-metrix.net/fp/ Frame BBBF 90 KB
13 KB 21ms
15ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/top_fp.html;CIS3SID=CE4E13EBCA92B9359F8E3C97E0EC8B42?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&nonce=0063a51f4472f6e4

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

f24a74446bd94016b520542c6e5fa8ff0b6401c238a41404ef4e3fecec077b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sat, 30 Sep 2023 13:31:41 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 clear.png Show response
h.online-metrix.net/fp/ Frame 9159 0
218 B 18ms
13ms Script
text/javascript 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&nonce=0063a51f4472f6e4&ja=32323134242e633d363224783f343826643d333e303878313a32302e636e3d333430327a313038302671787935327a38266470703f332e333e30322c333a30382c313e323024333a30322e313432302e393230322c313e323224313230322e322e322e6d763d6330383a61626b66633f356c646466663b67613a3c31313637303e603b693761266f6c3f36247b63663d303c2664683d60767478712d33432732442732446f6976672e756670676e75676567712c6d706f2530463330303931376b6d726d5d65616b6c70655d645d3b30303225324e27314e75746d5d6f67666b7d6d2733466d6d69696c2d30367d76655f616b64273144323833314930303832314264634d40534358273a3677746f57736775726b67253b467d34772f6172726563642532347574655d61696d70616b656c27314c55515f525b5f4d4e5f4b4d524d5d49505247414e5d5f5d3a33303b32382d30347d746d5f616d6c766766742733466e75646c66616e652d303e53445d6f6c67746b6565253144373833506e30303032323377743c6e4b41432d323e5346576f6f6676606c7b2733463530335a66303230303833775f724f49435724726e353324706a35373066323063613e606b66606731333162353b38376365306c31606c62326436246a6a3f693261646030656936656e316330666b30313b62316163643c33353036653a362462736f3d556b6c666d7f7327323239302e6a736a3f436070676d672732323331352e6a736d753d5f6b6c6c6f7773246871607735436a726d65652e6e686b3f342e6c6c6d3f3a266c6f7472353026767a643547777a6f706527304440677a6c6b6e2465617c687235363038316c31613062676130306d366361353638323a3a61643137373632336e6436353a30313c31643e676169303c64613b34636462663f32333333313134632e64723d6a767672712d334325304e253a46676174652677667267647565676571266f726525324e333a38313137616d70675d65616b6e726f5f6c5f333832302d304e25314475766f5f6f6d6469776d253b46676561696c2730347776655f6169662d334c30303b334b38323830314864614f4253495a253036757c6f5d7b6f757261672731467d34772d6378706d616c2d30367d76655f61636d7263696566253346555357525157454e5f414d50475d4950524543445f575f323b32393a3a2d323477746f5d636d6674656c74253b46647d6c6c666b6e6727303e53445f6d66657c696d6d27334c35383150643032323032397576366e494943273a3653465d6f6d6c76606c7b25314c373831526e3230383238317755724d4b41572e703d726c756f6b6c57666c61716a2737476e616e73672970647567616c5f7f6b66646d75735d6f656661615f726c617167702d354566636e716723786c77676b665f69646f6a675f69617a6f60637427374564696c73672170647765616e5f71776b616976616d6725374d66696c736d237064776f696c5d736a6d63697f61766725354d646364736521726e77656b665f70656364706461796d70253d476e616e716523726c776f696e5d766c6b5d72646179657027374764696c716523786c7d6769665d646d74696c7470253747666364736523706c7d656b665f7376655d746b677f657025374d66696c736d237064776f696c5d6a637461273d4566636c736d2465645f633d756760656e5f6560474e2d3238312e382732382a4770676c474e2732324d53253030322632273a304368706d6f6b7765295565604f4c2d32304f4e5344273a304751253032312c38253232284f78676c4f4c2532324751273038474e534e2d323845532d3030392c38253032436a706f6f61756d2b57656a496b7c576562496b7627303857676245444146474c4d5d6966717c616c6165665d61707a61797125334a2730384558545d606e676c6c5f6f696c65617025334a2732384750545d616f6e6d725d6a7566646572576a6364665f666e6d6376273b422732324d585c5f66646d617c5d6a6c676c64273142273a30455a545f6e70636f5f646572766a27314a2530304750545773686966657a5d7c657a767570675f6e6764253142253a324750545f74677a7677706d5f616f6f78726d7373616d6e57607874612733402732324d58545d74657076777a655f636d6f7270677b736b6f6c57726f74632d31422d3038455a565f766778767d72655d66696476677a5f616e6b716d767067706b63273b422d32304d5a5457715a47402733402732324745535d656c6d6f6766745f696c66677a5d7d696c74273b422d323047475357646a6f5d70656c666570576d69726d617827314a2532304d47515d717c616c64637a645764657a6b766976617667712531402530384f45515f746d7a767d72655f646e6d63762d33402530384f4d535f7c67787c777a655d646c6d63745d64696e6761722d31402d32304f47515d766770747772675768696c6657646c67637c2531402530324f475b5f746778747d70675768616c645d646e6d69745d6c6b66656972253b40253a324745515d7667707467705f61707261715d6d6a6a656376273140273a305545404f4c57636f646d7257607d666467725d646c6d6974253142253a32554d42474c5d616d6f727a657173676c5f7c65787c77726d5d69737661253140253038574540474c57616d65707265717167665d7c657a74777a655765746b27334a273a30554742454e5f61676d707065737b676657746578767770675d6d746131273b422d32305f47424f4e57636d6f70706773716d645f7665787c77706d5f733376612731402d323257474a47445f63676f707a677b7367665f766778767d72655d73337c615d7b72676227314027303857474245445f6c65627d655f7a676664677065705d696c6e6f253142253a32554d42474c5d66677276605f76657a7c757a65253b40253a325f4540454c5d6672637f5f627766666d70712d33422530325547404f4c5d6c6d7b6557636f66766570762d33402732325545404f4c5f6f756c7c6b5d6c726177333424656e57683f33646e356c66663c353438666c63363237673432606d30653534643a37373c3631303666363037312675676e7e3d416e746d6e253a32416e612c2675656c7035496e76656c2d3032417269732730324d726d6e454c273a304d6e67616c652e616b643f33&jb=31353d246e793d4d6f786b6e6e632d3244352c38253a30285f6b6e6c6d7f732730304c5625303831302c30253b40273a3057696c343627314a2530307a3e34212532384370786e6d5767604b6b7625304e3533352e333e273038284b48564f4e27304b2530306e616b6d25323845656b696729273030416a726d65652530463139352c382e3539313a2c33313a2530305169666972692d30463d313f2e3134

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 13:31:41 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
zrtzph91zwopvrgnnhg365cyucmymk4wzagwzm7e0063a51f4472f6e4am1.e.aa.online-metrix.net/fp/ Frame 9159 81 B
438 B 184ms
12ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zrtzph91zwopvrgnnhg365cyucmymk4wzagwzm7e0063a51f4472f6e4am1.e.aa.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&nonce=0063a51f4472f6e4&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Sep 2023 13:31:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 36ms
34ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3754388-9&cid=1545826543.1696080699&jid=1539540481&_u=aDnACEABRAAAAGAAI~&z=1525825521

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 34ms
31ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3754388-9&cid=1545826543.1696080699&jid=1539540481&_u=aDnACEABRAAAAGAAI~&z=1525825521

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Sep 2023 13:31:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
h.online-metrix.net/fp/ Frame 8C05 0
387 B 13ms
12ms Script
text/javascript 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&nonce=0063a51f4472f6e4&jf=33362e6e716a3d62643436353b636c666666373c316d33626b37396c633f63343a356630303239

Requested by

Host: h.online-metrix.net
URL: https://h.online-metrix.net/fp/ls_fp.html;CIS3SID=CE4E13EBCA92B9359F8E3C97E0EC8B42?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&nonce=0063a51f4472f6e4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/ls_fp.html;CIS3SID=CE4E13EBCA92B9359F8E3C97E0EC8B42?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&nonce=0063a51f4472f6e4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Sep 2023 13:31:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK es.js Show response
h.online-metrix.net/fp/ Frame 8C05 134 B
654 B 14ms
14ms Script
text/javascript 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/es.js?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&nonce=0063a51f4472f6e4&fr

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

811fadca2fdcd78574fd71d39f43203c24f36e6138e76dc690c231faccce4009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/ls_fp.html;CIS3SID=CE4E13EBCA92B9359F8E3C97E0EC8B42?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&nonce=0063a51f4472f6e4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Sep 2023 13:31:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 200 p
tr.snapchat.com/ 0
15 B 18ms
18ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 30 Sep 2023 13:31:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://give.unrefugees.org
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 200 p
tr.snapchat.com/ Frame 0
0 18ms
16ms Preflight 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.snapchat.com/p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 134.43.190.35.bc.googleusercontent.com
Software: API Gateway /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.unrefugees.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,x-grpc-web,X-Snap-Route-Tag,x-cof-user-agent,x-snap-client-user-agent,bitmoji-token,X-Snap-Access-Token
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: https://give.unrefugees.org
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 30 Sep 2023 13:31:41 GMT
server: API Gateway
via: 1.1 google

GET
H/1.1 200
OK unhcr-button-ca8fba580979f02c2694fa49ed8ef52a.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame 6975 2 KB
2 KB 57ms
13ms Image
image/png 18.239.15.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d6tizftlrpuof.cloudfront.net/themes/production/unhcr-button-ca8fba580979f02c2694fa49ed8ef52a.png
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_d_3000/?utm_medium=email&utm_cid=0031K00003JdcMBQAZ&utm_source=u4u-appeal&utm_campaign=US_PS_EN_CORE_APPEAL___230928&utm_content=fullfile&SF_onetime=701Rf000001uv4nIAA&SF_monthly=701Rf000001uWrOIAU
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.15.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-15-45.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90b232dae4b3477832ee21493d7558ace8cf6e9b8bc97f9c552f301da013f1da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Wed, 26 Jul 2023 07:59:57 GMT
x-amz-version-id: .SrcatzoiMfoqGSBwRAbfAVYaagZkb9i
Via: 1.1 ed8a64af6e81621f0f4bbf3ca72f2da4.cloudfront.net (CloudFront)
Last-Modified: Tue, 05 Feb 2019 19:50:28 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS58-P6
Age: 5722306
ETag: "ca8fba580979f02c2694fa49ed8ef52a"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=315360000, no-transform, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1768
X-Amz-Cf-Id: oVkr4_8C_0NIRoKb3hCG5EfqB1HBJCEBuTaZFiqY71FBoTwR1LgUxw==

GET
H/1.1 204
204 clear1.png;CIS3SID=CE4E13EBCA92B9359F8E3C97E0EC8B42
h.online-metrix.net/fp/ Frame 9159 0
400 B 18ms
17ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=CE4E13EBCA92B9359F8E3C97E0EC8B42?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&nonce=0063a51f4472f6e4&jf=34313e247161645f726c663f76667a5f4b7a30316f3e596d7c725a7c3a4a524624736b665f666974653f3136313432303037303324716b6657747b706735776d623a6d61647b632e736b665f6967793f3b30353b33303931323e303732633a34363a6b653164323a30393036383a32693a3e343a6165316630313831303530333c3032383034363b303563373c393b66646e616e32333e37666d343f39646136646037663162616630393132336a32326564613a33606c636034666a353130633933633f366e63673232306032323d37383532316d3164316631633b643733303f653b36313b326933346964613e333d30373766373765303b64656337653c3435693766353624716b6657736b673f3b303c35303a30303a613066356765663232666e37643535643b60326a343834603a3661303b636435616b373f6339693a33313438623031623b6764356d39383735393832353c34303230333232616b6363373b31633f36656c673438326a62326136363437336e3966373232393a646b326565613b3633336e643762376c313c663238323139373f636060386024736b6e723d32

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Sep 2023 13:31:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=CE4E13EBCA92B9359F8E3C97E0EC8B42
h.online-metrix.net/fp/ Frame 01FC 0
400 B 16ms
16ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=CE4E13EBCA92B9359F8E3C97E0EC8B42?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&nonce=0063a51f4472f6e4&jf=34313e247161645f726c663f76667a5f57326f30794e56614661446071714d5b24736b665f666974653f3136313432303037303324716b6657747b706735776d623a6d61647b632e736b665f6967793f3b30353b33303931323e303732633a34363a6b653164323a30393036383a32693a3e343a6165316630313831303530333c303238303465643263306769333b35363a323f38663131626c3b6a61313062353063336963343a64343d32633a35383266343135353f386164316c353863303e3633693a3c63336061363338333162323638643b3a353830356135673264343a386434363e656a36343f64646e376a66333666343561323a323133306330303b6a3733383a24716b6657736b673f3b303c35303a3031383269613a3337363a34643c66643762386963603163613931313b323430353334643a356c35393167303c603838363336306338343c36623134386c63313f306266323030323138343338323b633130383c363539643b393064373b6135313f37643033626e67346b643163613a363b3569363231613c376c38643b3b3130346b386163623024736b6e723d33

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=CE4E13EBCA92B9359F8E3C97E0EC8B42?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&nonce=0063a51f4472f6e4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Sep 2023 13:31:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
h.online-metrix.net/fp/ Frame 9159 0
387 B 13ms
12ms Script
text/javascript 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-54162632-4653-484a-b097-03b1fb4b9dd3&nonce=0063a51f4472f6e4&jac=1&je=323531242462666e3d312468646a35393b36333f316e62663135333f673b36356061353734606a33396063343a613a2e6a66746c3f32383339343833247f65613d313b3a2e393b312e313a2e33313224786d3d6c6f266a63767b743d253540273030646574656e2d323a253349332e38322d32412732307174637c75732732322d31432d3232636a6370656b66672732302d374c26617d666835616937603b653467363a3963636363366e30633f633139303b3134313c366035613b313f39366a366430666c343a3430323138646d34663233666b663a3c353926677a313f64396567353b6b616e37353936373f343d64303639313437373a34653b32666e6160303131336363

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Sep 2023 13:31:42 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
299 B 131ms
131ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://give.unrefugees.org
Date: Sat, 30 Sep 2023 13:31:43 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
299 B 115ms
115ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://give.unrefugees.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://give.unrefugees.org
Date: Sat, 30 Sep 2023 13:31:46 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: kds-pixel.kargo.com
URL: https://kds-pixel.kargo.com/api/v1?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=

Domain: kds-pixel.kargo.com
URL: https://kds-pixel.kargo.com/api/v1?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=

Verdicts & Comments Add Verdict or Comment

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

76 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
give.unrefugees.org/180117core_mainpg_d_3000	1969-12-31 23:59:59	Name: trcksesh Value: a29380a6-1ef5-4b60-8b76-06778f8bc752
sc-static.net/scevent.min.js	1970-01-20 15:09:27	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
h.online-metrix.net/	1970-01-21 00:44:00	Name: thx_guid Value: a26b4beb7a29c1f5fe0079ab54710406
h.online-metrix.net/	1970-01-21 00:44:00	Name: tmx_guid Value: AAz7uvi6FvW4a9Zpm3JZ8LApocYIImQKoFZcpGz9RIe1v7k_XFlda1bEoowm7fViaoPCxrPYPfnrN0jsLQLkG9JEonFd6g
.unrefugees.org/	1970-01-20 17:17:36	Name: _gcl_au Value: 1.1.814318793.1696080699
.google.com/	1970-01-20 19:31:31	Name: NID Value: 511=DSi-Latj0_BRkph8EoRbFp4Pm5g_QAD5vg9m6zUGuVKN7aq_FyDGVBCg-9y-A1HdoE4qiShSt9eCSkNquc3jESXVwUv4BGMByAZCLhX_qHDABv5P14I36ru-2j2YDW8CrTLRBZsNQYIZt8a3oKaTRVWLQjmDAj6H3xN9JmZB6mc
dev.visualwebsiteoptimizer.com/	1970-01-20 17:32:00	Name: uuid Value: DAF5FA314EE234641AD49A64743942B88
.give.unrefugees.org/	1970-01-20 23:55:03	Name: _vwo_uuid_v2 Value: D9DC611CF54F63D30CC7C04640FDDF077\|1cd811bd81f86256dbdd04deb22c77b2
.unrefugees.org/	1970-01-21 00:44:00	Name: _rup_ga_EVDQTJ4LMY Value: GS1.1.1696080698.1.0.1696080698.0.0.0
.unrefugees.org/	1970-01-21 00:44:00	Name: _rup_ga Value: GA1.1.1545826543.1696080699
.give.unrefugees.org/	1970-01-21 00:44:00	Name: _ga Value: GA1.3.1545826543.1696080699
.give.unrefugees.org/	1970-01-20 15:09:27	Name: _gid Value: GA1.3.1581537739.1696080699
.give.unrefugees.org/	1970-01-20 15:08:00	Name: _dc_gtm_UA-3754388-9 Value: 1
.unrefugees.org/	1970-01-20 15:09:27	Name: _gid Value: GA1.2.1581537739.1696080699
.unrefugees.org/	1970-01-20 15:08:00	Name: _dc_gtm_UA-1473340-18 Value: 1
dev.visualwebsiteoptimizer.com/	1970-01-21 00:44:00	Name: _vwo_ssm Value: 1
.doubleclick.net/	1970-01-21 00:29:36	Name: IDE Value: AHWqTUn2LQkaEynB4cS1yWMKFBt4_U0QgIlqny0u1YJ4RsCKgIjfcEymtTsOVs1D
.unrefugees.org/	1970-01-21 00:44:00	Name: _ga_P9YZZV758Y Value: GS1.1.1696080698.1.0.1696080698.60.0.0
.unrefugees.org/	1970-01-21 00:44:00	Name: _vwo_uuid Value: D9DC611CF54F63D30CC7C04640FDDF077
.unrefugees.org/	1970-01-20 17:17:36	Name: _vwo_ds Value: 3%241696080698%3A47.78783621%3A%3A
.unrefugees.org/	1970-01-20 15:08:02	Name: _vwo_sn Value: 0%3A1%3A%3A%3A1
.unrefugees.org/	1970-01-20 17:32:00	Name: _vis_opt_s Value: 1%7C
.unrefugees.org/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.unrefugees.org/	1970-01-21 00:37:47	Name: _scid Value: 4cbc09d0-f29b-4bf5-88bb-1c57ff007eb8
.unrefugees.org/	1970-01-21 00:37:47	Name: _scid_r Value: 4cbc09d0-f29b-4bf5-88bb-1c57ff007eb8
give.unrefugees.org/	1970-01-20 23:53:36	Name: __spdt Value: 80b3b3e8268343e2b349022038e3948c
www.clarity.ms/	1970-01-20 23:53:36	Name: CLID Value: 0b7858d21f114c058846ffe4f51c4a64.20230930.20240929
.yahoo.com/	1970-01-20 23:53:58	Name: A3 Value: d=AQABBDsjGGUCEC2dOfZ2cw5LThh9h2Oc0y0FEgEBAQF0GWUiZeANyiMA_eMAAA&S=AQAAAisrYbLfbIyHZU_TWratUZ4
.trkn.us/	1970-01-20 23:53:36	Name: barometric[cuid] Value: cuid_26ea7a1b-7d73-44ca-b0b5-f03957e79dfe
.ipredictive.com/	1970-01-20 16:34:24	Name: ci_rtc Value: _uts=1696080699
.ipredictive.com/	1970-01-20 23:53:36	Name: cu Value: d47a9fd2-6729-43c5-804a-f531749258c0\|1696080699106
give.unrefugees.org/	1970-01-20 15:18:05	Name: AWSALB Value: 0NimsaB+Bqm1P7CLxGu7dw95CDk4W68rRkHiYWXCVdUSE8xBbwMnqVounnAYRqY5z+WzQI13HCiACRYWksX83zmCc25IwzK8V10Nq6Ru/LfZcXZgg0RbZD6g9NSP
give.unrefugees.org/	1970-01-20 15:18:05	Name: AWSALBCORS Value: 0NimsaB+Bqm1P7CLxGu7dw95CDk4W68rRkHiYWXCVdUSE8xBbwMnqVounnAYRqY5z+WzQI13HCiACRYWksX83zmCc25IwzK8V10Nq6Ru/LfZcXZgg0RbZD6g9NSP
.unrefugees.org/	1970-01-20 23:53:36	Name: _clck Value: uj3hby\|2\|ffg\|0\|1368
.unrefugees.org/	1970-01-20 17:17:36	Name: _fbp Value: fb.1.1696080699275.2113233986
.unrefugees.org/	1970-01-20 15:09:27	Name: _uetsid Value: af71ad505f9511ee92915714f04c27a6
.unrefugees.org/	1970-01-21 00:29:36	Name: _uetvid Value: af71e1e05f9511ee90c5abfef83d572e
.bing.com/	1970-01-21 00:29:36	Name: MUID Value: 1695BD0FF2B86D3B13A1AE93F3146C64
give.unrefugees.org/	1970-01-20 23:53:36	Name: U4UUser Value: {%22firstName%22:%22Jesse%22%2C%22lastName%22:%22Whitt%22%2C%22email%22:%22jesse_whitt@oxy.com%22}
.quantserve.com/	1970-01-21 00:38:15	Name: mc Value: 6518233b-80788-bbc5e-41924
.unrefugees.org/	1970-01-21 00:32:29	Name: __qca Value: P0-1619002422-1696080699442
.casalemedia.com/	1970-01-20 23:53:36	Name: CMID Value: ZRgjO-exomDYQ6A4lWD1MwAA
.casalemedia.com/	1970-01-20 17:17:36	Name: CMPS Value: 1125
.casalemedia.com/	1970-01-20 17:17:36	Name: CMPRO Value: 1125
.adnxs.com/	1970-01-20 17:17:36	Name: uuid2 Value: 4497689378622754134
.pubmatic.com/	1970-01-20 17:17:36	Name: KRTBCOOKIE_18 Value: 22947-5108559730055158212
.pubmatic.com/	1970-01-20 15:51:12	Name: PugT Value: 1696080698
.adnxs.com/	1970-01-20 17:17:36	Name: anj Value: dTM7k!M4/YErk#WF']wIg2ImTpQWhQ!@wnfH8KAM.xpH^Gmi[rCxrHTFp5-oHN[hpFSpo%^q!*-)q7Op!AXTO:4=sB!)w.M!ww@%
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjAwNTU0tTAyNBLiM9TNivKJcDXwztYtt0gDAPiuec8lAAAA
.rfihub.com/	1970-01-21 00:29:36	Name: rud Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjAwNTU0tTAyNBLiM9TNivKJcDXwztYtt0gDAPiuec8lAAAA
.eyeota.net/	1970-01-20 15:08:01	Name: SERVERID Value: 22997~DM
.unrefugees.org/	1970-01-20 15:09:27	Name: _clsk Value: gjur8m\|1696080699745\|1\|1\|s.clarity.ms/collect
.krxd.net/	1970-01-20 19:27:12	Name: _kuid_ Value: P07kSMpZ
.dpm.demdex.net/	1970-01-20 19:27:12	Name: dpm Value: 30581394342077595503499966676472360126
.demdex.net/	1970-01-20 19:27:12	Name: demdex Value: 30581394342077595503499966676472360126
.everesttech.net/	1970-01-20 23:53:36	Name: everest_g_v2 Value: g_surferid~ZRgjOwAUQiwzWABY
.media.net/	1970-01-20 23:53:36	Name: visitor-id Value: 3390822990733205000V10
.media.net/	1970-01-20 23:52:10	Name: data-rk Value: 5108559730055158212~~3
.turn.com/	1970-01-20 19:27:12	Name: uid Value: 2802455371849989151
.kargo.com/	1970-01-20 23:53:36	Name: ktcid Value: ec3f487f-0d87-000c-56b0-2e6ba9456724
.rfihub.com/	1970-01-21 00:29:36	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA129SzKiQzJN_QrLk-3tCh09C73NC0OKg7iNTSzNDOwMDCztDQ3MJjFiMQ3tTDchMbfhcY_hcZ_hcb_hcafxITKX4TGX4XG34TG34WungWVfwuZb2ZmtIhVICooPcu_3DE0MLO8KtzRKXIVK5ISCyOLTaxoVnCjOVnYPNkoKdHQwNBEN9Hc1EjXxDI1TTfR1NhQ18jUNCnRwNjS3DzV3AqhSc_S0NzU1MBsljDMJGDIGhgYL0LlmzwSRrUJAGBaKlWqAQAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129SzKiQzJN_QrLk-3tCh09C73NC0OKl7FKBAVlJ7lX-4YGphZXhXu6BTZxGKebJSUaGhgaKKbaG5qpGtimZqmm2hqbKhrZGqalGhgbGlunmpuZWhmaWZgYWBmaalnaWhuampgBgAVrXdzawAAAA
.rezync.com/	1970-01-20 19:27:12	Name: zync-uuid Value: c2ba1014-a752-49ef-a531-255ba03977e7:1696080699.9175506
live.rezync.com/	1970-01-20 19:27:12	Name: sd-session-id Value: .eJwNylEOgyAMANC79FuWFiylXMag6xKyyRZxPzPefX6-5B0wfWxbS7O2Q963rw2wvOqlDvmAXn-rPSEDEyZmlYDITJw8eTgH6NZ7fbep3q-z-LkQ0uiKsHej2sMVDuQ881wwqIhJpqgRE0bVm5IwY4TzD6HWJTY.ZRgjPA.uJM4R83KPOibrlZ_XCRTRbZ5BH0
.mountain.com/	1970-01-21 00:44:00	Name: guid Value: aff85fcb-5f95-11ee-85d0-cf5108ad3c81
.px.mountain.com/	1970-01-21 00:44:00	Name: tt Value: H4sIAAAAAAAAAKtWKlOyMqoFAP609q8HAAAA
.unrefugees.org/	1970-01-21 00:44:00	Name: _ga Value: GA1.2.1545826543.1696080699
.unrefugees.org/	1970-01-20 15:08:00	Name: _gat_UA-3754388-9 Value: 1
.snapchat.com/	1970-01-21 00:29:36	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIAgDsItIMEyY56jIFRxvWwy4XUiapQCErFMQ+ss7uYunuocvV2roaP0bZaMzMgAAAA==
.c.bing.com/	1970-01-20 15:18:05	Name: MR Value: 0
.c.bing.com/	1970-01-21 00:29:36	Name: SRM_B Value: 1695BD0FF2B86D3B13A1AE93F3146C64
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 00:29:36	Name: MUID Value: 1695BD0FF2B86D3B13A1AE93F3146C64
.c.clarity.ms/	1970-01-20 15:18:05	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 15:08:01	Name: ANONCHK Value: 0
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 8bef22397991275a

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://event.mrtnsvr.com/?adv=17114&cb=1008996051&ref=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_d_3000%2F%3Futm_medium%3Demail%26utm_cid%3D0031K00003JdcMBQAZ%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_CORE_APPEAL___230928%26utm_content%3Dfullfile%26SF_onetime%3D701Rf000001uv4nIAA%26SF_monthly%3D701Rf000001uWrOIAU&gtmcb=376288481 Message: Failed to load resource: the server responded with a status of 502 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5108559730055158212 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5140084927473441258 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5109685629925463776 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://storage.cloud.kargo.com/kds/configs/Kargo.json Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://crb.kargo.com/api/v1/initsync/cd63b94d-2c93-482d-8d17-921e6d8d189f?partners=Tapad&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid= Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=d76768cb-d792-44c6-a642-82beca318c29%3A1696080699.684016&_=1696080699.6853852 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=223d25ba-4aa0-4cfb-bf44-a0e6fec8e62f%3A1696080699.6841314&_=1696080699.685452 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=fe83a7c8-feab-445a-90e0-8a874c6aa90f%3A1696080699.707538&_=1696080699.7098053 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=f3f96dbb-ab4e-4a60-b682-4c237ebd7631%3A1696080699.7854662&_=1696080699.7870264 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=c2ba1014-a752-49ef-a531-255ba03977e7%3A1696080699.9175506&_=1696080699.9186225 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=1280226a-d33e-4742-a623-31b1b8cd6c10%3A1696080699.9177032&_=1696080699.919941 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20669309p.rfihub.com
20826429p.rfihub.com
20826430p.rfihub.com
4647326.fls.doubleclick.net
a.rfihub.com
aa.agkn.com
ad.doubleclick.net
ad.ipredictive.com
adservice.google.com
app.dafwidget.com
atr.veritonicmetrics.com
bam.nr-data.net
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
c.bing.com
c.clarity.ms
c1.rfihub.net
cdn.plyr.io
cdn.unrefugees.org
cdn.veritonic.com
click.e.unrefugees.org
cm.g.doubleclick.net
code.jquery.com
collector-3219.tvsquared.com
connect.facebook.net
contextual.media.net
crb.kargo.com
d6tizftlrpuof.cloudfront.net
data.adxcel-ec2.com
dev.visualwebsiteoptimizer.com
dpm.demdex.net
dsum-sec.casalemedia.com
dx.mountain.com
event.mrtnsvr.com
evnt.byspotify.com
fonts.googleapis.com
fonts.gstatic.com
g1782759016.co
geotargetly-api-1.com
give.unrefugees.org
googleads.g.doubleclick.net
gs.mountain.com
h.online-metrix.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
js-agent.newrelic.com
js.ipredictive.com
kds-pixel.kargo.com
live.rezync.com
lyibja.unrefugees.org
p.rfihub.com
p.typekit.net
partners.tremorhub.com
pay.google.com
pixel.byspotify.com
pixel.quantserve.com
play.google.com
ps.eyeota.net
px.adentifi.com
px.mountain.com
r.turn.com
region1.analytics.google.com
region1.google-analytics.com
rules.quantcount.com
s.clarity.ms
s.yimg.com
sc-static.net
secure.quantserve.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
storage.cloud.kargo.com
sync-tm.everesttech.net
t.paypal.com
tr.snapchat.com
trkn.us
us-u.openx.net
use.typekit.net
w.usabilla.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.tp88trk.com
x.bidswitch.net
x.dlx.addthis.com
zrtzph91zwopvrgnnhg365cyucmymk4wzagwzm7e0063a51f4472f6e4am1.e.aa.online-metrix.net
kds-pixel.kargo.com
13.111.228.216
142.250.184.226
142.250.185.134
142.250.185.70
142.250.185.98
151.101.194.49
151.101.2.137
162.247.241.14
18.238.243.61
18.239.15.45
18.239.83.23
18.66.112.72
184.30.20.22
184.72.142.242
185.89.210.46
192.229.221.25
193.0.160.130
198.47.127.205
2001:4860:4802:32::36
212.82.100.181
23.48.23.59
23.96.124.68
2600:1901:0:7d2::
2600:1901:0:807d::
2600:1f18:612b:4264:76d7:ab8c:aa2f:d2d0
2600:9000:20b4:9e00:1:76cf:fe80:93a1
2600:9000:223c:2600:6:44e3:f8c0:93a1
2600:9000:238d:3200:1e:549f:95c0:93a1
2606:4700:21::681b:c258
2606:4700::6812:1bc1
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:46::45
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:801::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:812::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c02::5c
2a00:1450:400c:c07::9c
2a02:26f0:3500:16::215:148b
2a02:26f0:480:f::213:7ece
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:400::649
3.121.27.153
3.76.141.3
34.111.186.1
34.117.162.98
34.212.4.35
34.232.205.165
34.250.62.135
34.252.16.51
34.96.102.137
34.98.64.218
35.157.166.55
35.190.43.134
35.190.72.228
35.227.237.181
35.244.174.68
44.194.131.144
44.194.80.38
44.209.137.118
44.210.179.130
46.228.164.11
50.112.255.85
52.204.83.105
52.22.50.55
52.25.243.35
52.37.218.4
52.44.225.134
52.59.55.175
54.192.87.248
54.246.176.32
68.219.88.97
69.192.160.219
91.235.132.130
91.235.134.131
99.80.170.99
040e07ab0106f42690d1f50e2843d9605b0d5f6cb9d27a69150cad86d2b0faf4
06a434b0cc6b27ebdbfcabee6848b7a1297230dc394084594cc1c285b61bae87
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
07a632db11ea18f3d3ce0ae4e74aa4bbbb8cf86bf79c8afa8722bc23e6fc5c72
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0d78aaa1f19559ffa4d51c47944c3e6a9c2104d971f1cc105fb92d4bca4501f6
0e2cba21d9fa0c7878e6feedbf6aa57323a6444ce6df48981b39121c7bc2fb95
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f10bd03f4690135c70abf63c9191d804eb7f4416e5309a7d0cf99a70b126563
10433fa51a881104d27e6c1bfe8807ce6dea97266fc0810059b4478ffa50593d
111f96ceeeb374dce4a178a719d2c1a18ee2d01921025345ed93a29a1f7af221
11fa603ce72adba4dfc745fc81f365afe3d714fd117d4b515c64e1d57cf5af5b
121c08aa32d56feaf1e2a15f735b9d20d34ff00ed6afa8b21839de50e0b3f233
15ebbc4ee1e269490d7cf6593e99674e0dc3ed1853eeec8c86178a5d30624be2
1b1e54380b8b8e45010115f3d0f7caad60ca0f34be8bee3e11e11727cc64d49f
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c5b1c65a556c2e92e1c23dedf209ec8ca537788a06c7797e6ce6c4ebde5cabf
1cb146a6294f46b5d58de858134694c25c9bbd944c25ef47c259cddc7f4d60a8
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
275a43b12f692b2930a431505a506f0ddff81d732b5cef0d30f4396abdb40637
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2e65ba60aa68b4086881a782a29aa06482d88e6befe696c81fec35e2b83a6104
2f61f967f0f19fe63c743f330f862db14d88fcc7e09eae7d22998e87a4e97749
368128edb33b77d483f40ffe2497f6d9071a6ba7384c9785f9fe8d851b6d9138
38b4fb19c16a3f7d953d7c8c1fc4663add2e692e22d454bc78767c9226c21929
38c9c1413e17c7a5ee87095bdb4cad0da069451ee937cb801c8f37f2c734644f
394e68bb96ac874b1a9f9b39286a16349ab781c8513ce632ce5c7ba8bb2ba0ab
3cd854806809b430cf2a895390bfac5b1ff996643f6e9bb55abb7a36a1e33fc3
3d2a2a3365c7801c59a8f328d7396d3d56d6a0d41ec9e2e78d681f54dad176fe
41573cd3a239011779ef9e3fa8a0dc2eea0b17272dcf56a269581f572a419b08
422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09
458ee255c6d13348f36f7ea70ae12bc6810e7ab5ae56f92fa4aabb4752ab32e1
465ecd3c27cf42a3309af6bda6e2b8c4b9cb7a78788908904e0d6761a2c3102a
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4aed96a0934b554f2bdde1428a61e809b185486331ee607499aecaa78b35887f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50bfd91bb65762023b74efba030d3212fef8f6261707ba8edb9e4b28d13bb5ed
5393bea6f52daf889ef4d0024c855941f468cae330d02969538353e8010ce9bc
53b492f729960ead9c5779dc772534e0f00e2dcdbd1687a0d236af95417549b5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
589021bd4abd0d6c7e0848edb41abe88e0da8f30b8346ce0946a98c1964fcc8a
5b4bb19d01e1568ad4890a78b719d3743c1f73d4982ea1ea2bc632541a44f975
5c3b7d893de324e949b760db1406424f87425597516760d0e6c46fc6dc190c15
6539068a1c1c6a17c0aa235272a3a91bad898ae2366ab93b95aad3aa4c836e43
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
6bfbae61daf6218548d35bd824d5299e6f0517f156050c302ddd83fa0e8abdc8
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
707f1d63a3d38bd0e47051ef4e5817e733e78f35c61419e1d7c3f929cce96330
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
73ef385046533349dbdb6264bfdb814819b44a3a7ddeedf7611db7d55f567c7c
7772527f996f56f7d9ece1b07a44f3693c569cd19f2581474bd4d0f90af30b1f
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7a10b911f2c2e0d8991fe722fa5ecb9e8d72fc19c74e89ac75382b036cc4687d
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7c707b4d486575fcdf35497e30073fd70f0a9ea072e4ca1ca724da7fbab22a9b
7e0a06052c3027d042c46a30437954a969701893509ef117af0c06bdcc43a057
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7f2e256cb560023d729b4581ba94e88cedce352fc2cbcbb60e3232a5859d4793
7f582da9956745e52c17b0163205f20c2022922efbc47c142c863b3457cb614c
811fadca2fdcd78574fd71d39f43203c24f36e6138e76dc690c231faccce4009
81f701abbdb3dcd7318338357add41af96a3b776549dc928c4703cf1cf9f2ffe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835eb6b703d234d6f689bef34bc83e05987ae6ef19886a83e57e4fba86805646
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8608c7129a24079dd332403d0aef583dcefdf0bfc02914d626a6559a3ac049ad
88925942779bad5dae45ec4f99442a307cbcdb0849b00ca92a70596757b844a7
8c8aad5b6e9e153fe43485b14af9b38d910cc6c78018accdb613fee0e20ed45a
8f05a1b069c4b1192969da3791dad0bda8ee6fcf1c79a86bf566c23b8eb3eab6
90b232dae4b3477832ee21493d7558ace8cf6e9b8bc97f9c552f301da013f1da
92d02af9ef616f3a6d025d4633e40b2239d3189e0da4f9b28a03503901bfdb75
942bd845d4236425c1d10ef12f10ac1e2f2e6136c7bb1f7d6c89d5b0b39f1dc6
954410601a823f37e219f7930b7446f86afa15621326a7078d56fb9c910135cb
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
97880bcd7fcc199a008ea736ab008f7f92e9cf6c0addc2afb6c92b3e70d9c9a5
989c31b0c41ab0fa5b319184a3223c2346dc8e9c2b3ffb8266b33276355c514d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
990619475d4a6e88843f180c86e78aa5c1907479629b8db92a78c2c8c103bca4
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b9c0898e129c8c18b79f176435c368cecfe30a903797c9feba7a82ee19902bd
9c0f6b6fbd753d81123113ba2fc9570f56caa522a45923fe6d994c397f165934
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0ccd2dd594580b384880e1a21d2a65979b10abf3af347913ffdfa93f707b6f7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a14b0a3bc6be77d74257cd817dfe5b688f39dcffa00dc277c9cc5be9fb5dca9b
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
a3b212359ac477b4c4858dd3be07abe90e2f1aae1e262eed823407ce2629411e
a6aea90164a685a02afe0e574bb4c668c83a4b6cdff9ab4b09b0ecbd53e4fd66
aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b232b740e35e175a9a671a7695fc317efc0d86304efd2733f0f8d70105c744c9
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b399e228567d9893e2a6c879c2c60a9607b69fd64bc3816c1a319625d9eb436e
b3bdd519b499adfa18e819aff3cfd8c00aca8d1b0508f37703754997cad73af6
b9d5069766237cccf6a072b1f35f0d5853503063c8facd0fd74f55e3f43c4c93
ba2ecd1923f59d3c6fc4b0b0c14f145208d1bfef21d4cf226ff4d058e1188e0d
be993442ec9d825133109ef3e6c5a338a2662146cbbdbf60098494855909bbb9
c04e4a8ecebc7490c188a2306cd34cc1b7b5871fcaa919ee83529a22cde38a12
cb88dc5cb6387265a8aa14b3197b9fd38148212684ae78dc59607f5a81ef07f5
cf9f00e8c7970537117339bef7e7ac9e4fc380b85f4c85c03908b4d8d5b9c95f
d3e13faa8b32311033fdb1308e0ae2845635d419a6f6e83ea3c0cf05fd13cf36
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d8b643671a7baa56194fa4f07ab8f5f727612f7707d0daeab8d6509fc5163d2c
d941abaa1c3e1a6da66e5a4eb0ba6a5e52c910591fc656e5de987e6a96e3a9c4
da23be30e4673b4fc9678a42a28ed211669e5150e5316984e831a1e3994a7dd1
de0a79453d07d9a6783f7e4f2954b6be546f7677cf0e4b5e2c307a6a9d99fafb
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e001f660a1c1ebf12cde6a74dc3e6d90a1115c3e3378193e3b7c0d9d357d82ad
e33af907f276fbb4fcf721de5aaf11eaafe1fbfe00b3220f17de00e725a6c465
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9027cbc9f2efbff37e09740f41c16a1ffd89eae8f1555f6a5955d3198d9c31d
eb7e68073ee5ed998d26671859e008697e757f3276759a8ec173e5a62d34a404
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f24a74446bd94016b520542c6e5fa8ff0b6401c238a41404ef4e3fecec077b02
f443a0833075588c428b168bd1197b68941431e3a6187ab6fbb3d55099aba58d
fa0fe3d39fadfcf9860fb5244c0a67281790bb1ebd69c8b5fa47d337ebf28d25
fa4cd84b85b5e8a5cb80df48e101665c6de57a9c7db1d0f6c9b33a9e5da4cead
fd8226264cfd611c285f0ad0155bbfcaddc31b03ebdb8442431146379e4340b6

give.unrefugees.org Open in urlscan Pro 50.112.255.85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

243 Requests

88 %HTTPS

35 %IPv6

64 Domains

94 Subdomains

81 IPs

5 Countries

3350 kBTransfer

8384 kBSize

76 Cookies

4 Outgoing links

Page URL History

Redirected requests

243 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

give.unrefugees.org Open in urlscan Pro
50.112.255.85 Public Scan

Screenshot
Live screenshot

Full Image

243
Requests

88 %
HTTPS

35 %
IPv6

64
Domains

94
Subdomains

81
IPs

5
Countries

3350 kB
Transfer

8384 kB
Size

76
Cookies

243 HTTP transactions
0 data transactions