urlscan.io logo urlscan.io
SecurityTrails logo

give.unrefugees.org Open in urlscan Pro
54.69.68.103  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.e.unrefugees.org/?qs=39ea6f921bd5a896281633df565eccfcd62beb9901e573a2f1f931e1bf119cb737e558ec0f910ffca4bcee462bf6...
Effective URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_...
Submission: On December 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 70 IPs in 7 countries across 58 domains to perform 223 HTTP transactions. The main IP is 54.69.68.103, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is give.unrefugees.org.
TLS certificate: Issued by Amazon on November 7th 2022. Valid for: a year.
This is the only time give.unrefugees.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.228.216 22606 (EXACT-7)
14 54.69.68.103 16509 (AMAZON-02)
7 2a02:26f0:480... 20940 (AKAMAI-ASN1)
18 91.235.132.130 30286 (THM)
3 3.229.86.20 14618 (AMAZON-AES)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2606:4700:21:... 13335 (CLOUDFLAR...)
1 9 2a00:1450:400... 15169 (GOOGLE)
6 151.101.1.21 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:780... 20940 (AKAMAI-ASN1)
8 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 13.225.77.245 16509 (AMAZON-02)
1 142.250.185.162 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
2 18.116.227.154 16509 (AMAZON-02)
1 35.190.72.228 15169 (GOOGLE)
3 2600:1901:0:7... 15169 (GOOGLE)
1 13.224.189.110 16509 (AMAZON-02)
2 2 142.250.186.102 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 4 34.204.208.160 14618 (AMAZON-AES)
3 54.82.95.207 14618 (AMAZON-AES)
1 1 35.227.237.181 15169 (GOOGLE)
1 2 35.227.248.159 15169 (GOOGLE)
1 34.204.227.63 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 212.82.100.181 34010 (YAHOO-IRD)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.25.243.35 16509 (AMAZON-02)
2 2a03:2880:f14... 32934 (FACEBOOK)
12 2a00:1450:400... 15169 (GOOGLE)
2 151.101.2.133 54113 (FASTLY)
2 192.229.221.25 15133 (EDGECAST)
1 2600:9000:223... 16509 (AMAZON-02)
1 2 142.250.185.102 15169 (GOOGLE)
1 2.19.126.72 20940 (AKAMAI-ASN1)
2 2620:116:800d... 16509 (AMAZON-02)
7 15 193.0.160.128 54312 (ROCKETFUEL)
1 2001:678:cb4:... 56396 (AMOBEE)
1 2600:9000:20e... 16509 (AMAZON-02)
1 18.194.0.5 16509 (AMAZON-02)
3 3 142.250.184.226 15169 (GOOGLE)
3 6 185.89.211.132 29990 (ASN-APPNEX)
3 6 3.248.138.237 16509 (AMAZON-02)
3 34.98.64.218 396982 (GOOGLE-CL...)
3 18.184.216.10 16509 (AMAZON-02)
3 3.71.169.66 16509 (AMAZON-02)
3 184.30.20.22 16625 (AKAMAI-AS)
3 3 13.225.78.26 16509 (AMAZON-02)
6 35.244.174.68 15169 (GOOGLE)
3 54.158.235.239 14618 (AMAZON-AES)
3 6 185.80.39.216 27381 (CASALE-MEDIA)
3 184.30.24.201 16625 (AKAMAI-AS)
3 6 185.94.180.126 35220 (SPOTX-AMS)
3 2600:1f18:612... 14618 (AMAZON-AES)
3 3.127.6.114 16509 (AMAZON-02)
3 52.48.181.25 16509 (AMAZON-02)
3 6 52.58.214.36 16509 (AMAZON-02)
5 6 151.101.194.49 54113 (FASTLY)
13 2a00:1450:400... 15169 (GOOGLE)
3 35.190.43.134 15169 (GOOGLE)
1 151.101.194.137 54113 (FASTLY)
1 52.211.50.179 16509 (AMAZON-02)
1 162.247.241.14 23467 (NEWRELIC-...)
1 91.235.134.131 30286 (THM)
1 13.225.84.53 16509 (AMAZON-02)
223 70
1    13.111.228.216 (United States)

ASN22606 (EXACT-7, US)
PTR: click.e.unrefugees.org
click.e.unrefugees.org
14    54.69.68.103 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-68-103.us-west-2.compute.amazonaws.com
give.unrefugees.org
7    2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
18    91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net
h.online-metrix.net
3    3.229.86.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-86-20.compute-1.amazonaws.com
app.dafwidget.com
1    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2606:4700:21::681b:c358 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.plyr.io
9    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    151.101.1.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
4    2a00:1450:400c:c1b::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
pay.google.com
2    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a02:26f0:780::5f65:3681 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
8    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    13.225.77.245 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-77-245.fra2.r.cloudfront.net
sc-static.net
1    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
www.googleadservices.com
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
2    18.116.227.154 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-116-227-154.us-east-2.compute.amazonaws.com
collector-3219.tvsquared.com
1    35.190.72.228 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 228.72.190.35.bc.googleusercontent.com
www.tp88trk.com
3    2600:1901:0:7d2:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
g1782759016.co
1    13.224.189.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-110.fra2.r.cloudfront.net
js.ipredictive.com
2    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
ad.doubleclick.net
2    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    34.204.208.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-208-160.compute-1.amazonaws.com
trkn.us
3    54.82.95.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-95-207.compute-1.amazonaws.com
ad.ipredictive.com
1    35.227.237.181 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 181.237.227.35.bc.googleusercontent.com
event.mrtnsvr.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    34.204.227.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-227-63.compute-1.amazonaws.com
data.adxcel-ec2.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.25.243.35 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-243-35.us-west-2.compute.amazonaws.com
lyibja.unrefugees.org
2    2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
www.facebook.com
12    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
www.paypalobjects.com
2    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
t.paypal.com
1    2600:9000:223c:1a00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)
c1.rfihub.net
2    142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net
4647326.fls.doubleclick.net
1    2.19.126.72 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-72.deploy.static.akamaitechnologies.com
storage.cloud.kargo.com
2    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
15    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
20669309p.rfihub.com
20826429p.rfihub.com
20826430p.rfihub.com
a.rfihub.com
p.rfihub.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
r.turn.com
1    2600:9000:20eb:e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    18.194.0.5 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-0-5.eu-central-1.compute.amazonaws.com
crb.kargo.com
3    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
6    185.89.211.132 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
6    3.248.138.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-138-237.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
3    18.184.216.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
ps.eyeota.net
3    3.71.169.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-169-66.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
3    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
3    13.225.78.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-26.fra2.r.cloudfront.net
live.rezync.com
6    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
3    54.158.235.239 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-235-239.compute-1.amazonaws.com
bpi.rtactivate.com
6    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
3    184.30.24.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-201.deploy.static.akamaitechnologies.com
x.dlx.addthis.com
6    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
3    2600:1f18:612b:4200:4bad:ae69:ceac:6044 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
3    3.127.6.114 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-6-114.eu-central-1.compute.amazonaws.com
aa.agkn.com
3    52.48.181.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-181-25.eu-west-1.compute.amazonaws.com
beacon.krxd.net
6    52.58.214.36 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-214-36.eu-central-1.compute.amazonaws.com
x.bidswitch.net
6    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
13    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
3    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    52.211.50.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-50-179.eu-west-1.compute.amazonaws.com
w.usabilla.com
1    162.247.241.14 (Lake Oswego, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
1    91.235.134.131 (United States)

ASN30286 (THM, US)
zrtzph91v7qgvkwalztt7lf52udeva56d2unnrdq6c54e3a4b5e30c03am1.e.aa.online-metrix.net
1    13.225.84.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-53.fra2.r.cloudfront.net
d6tizftlrpuof.cloudfront.net
Apex Domain
Subdomains		 Transfer
30 google.com
www.google.com — Cisco Umbrella Rank: 2
pay.google.com — Cisco Umbrella Rank: 2546
adservice.google.com — Cisco Umbrella Rank: 72
region1.analytics.google.com — Cisco Umbrella Rank: 6986
play.google.com — Cisco Umbrella Rank: 16
425 KB
19 online-metrix.net
h.online-metrix.net — Cisco Umbrella Rank: 3285
zrtzph91v7qgvkwalztt7lf52udeva56d2unnrdq6c54e3a4b5e30c03am1.e.aa.online-metrix.net
119 KB
16 unrefugees.org
click.e.unrefugees.org
give.unrefugees.org
lyibja.unrefugees.org
2 MB
15 rfihub.com
20669309p.rfihub.com
20826429p.rfihub.com
20826430p.rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 2751
p.rfihub.com — Cisco Umbrella Rank: 713
22 KB
14 gstatic.com
fonts.gstatic.com
www.gstatic.com
689 KB
13 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
ad.doubleclick.net — Cisco Umbrella Rank: 164
stats.g.doubleclick.net — Cisco Umbrella Rank: 81
4647326.fls.doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
5 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
63 KB
8 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2255
t.paypal.com — Cisco Umbrella Rank: 2947
106 KB
8 typekit.net
use.typekit.net — Cisco Umbrella Rank: 446
p.typekit.net — Cisco Umbrella Rank: 601
197 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 572
1 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 290
3 KB
6 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 592
3 KB
6 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 507
5 KB
6 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 335
209 B
6 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 206
5 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 218
6 KB
6 google.de
www.google.de — Cisco Umbrella Rank: 7952
864 B
4 trkn.us
trkn.us — Cisco Umbrella Rank: 1919
3 KB
4 ipredictive.com
js.ipredictive.com — Cisco Umbrella Rank: 35556
ad.ipredictive.com — Cisco Umbrella Rank: 5591
4 KB
3 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 924
1 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 549
1012 B
3 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 424
1 KB
3 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 961
547 B
3 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1251
573 B
3 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1760
325 B
3 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1832
2 KB
3 media.net
contextual.media.net — Cisco Umbrella Rank: 553
2 KB
3 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 770
99 B
3 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 949
1 KB
3 openx.net
us-u.openx.net — Cisco Umbrella Rank: 395
395 B
3 g1782759016.co
g1782759016.co — Cisco Umbrella Rank: 157565
513 B
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 373
12 KB
3 dafwidget.com
app.dafwidget.com — Cisco Umbrella Rank: 665927
13 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 915
pixel.quantserve.com — Cisco Umbrella Rank: 655
10 KB
2 kargo.com
storage.cloud.kargo.com — Cisco Umbrella Rank: 6115
crb.kargo.com — Cisco Umbrella Rank: 1613
kds-pixel.kargo.com Failed
3 KB
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2142
33 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
203 B
2 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1199
925 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 400
745 B
2 tvsquared.com
collector-3219.tvsquared.com
9 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 449
7 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
170 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
182 KB
1 cloudfront.net
d6tizftlrpuof.cloudfront.net
2 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 213
621 B
1 usabilla.com
w.usabilla.com — Cisco Umbrella Rank: 3608
11 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 325
15 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 851
1 KB
1 turn.com
r.turn.com — Cisco Umbrella Rank: 3406
398 B
1 rfihub.net
c1.rfihub.net — Cisco Umbrella Rank: 4450
6 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
984 B
1 adxcel-ec2.com
data.adxcel-ec2.com — Cisco Umbrella Rank: 2915
131 B
1 mrtnsvr.com
event.mrtnsvr.com — Cisco Umbrella Rank: 50745
249 B
1 tp88trk.com
www.tp88trk.com — Cisco Umbrella Rank: 25030
18 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 171
2 KB
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 894
13 KB
1 plyr.io
cdn.plyr.io — Cisco Umbrella Rank: 14413
32 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 687
30 KB
223 58
Domain Requested by
18 h.online-metrix.net give.unrefugees.org
h.online-metrix.net
14 give.unrefugees.org give.unrefugees.org
13 play.google.com www.gstatic.com
12 www.gstatic.com www.google.com
www.gstatic.com
pay.google.com
9 www.google.com 1 redirects give.unrefugees.org
www.gstatic.com
www.google.com
8 p.rfihub.com 6 redirects give.unrefugees.org
8 www.google-analytics.com www.googletagmanager.com
give.unrefugees.org
www.google-analytics.com
7 use.typekit.net give.unrefugees.org
use.typekit.net
6 sync-tm.everesttech.net 5 redirects give.unrefugees.org
6 x.bidswitch.net 3 redirects give.unrefugees.org
6 sync.search.spotxchange.com 3 redirects give.unrefugees.org
6 dsum-sec.casalemedia.com 3 redirects give.unrefugees.org
6 idsync.rlcdn.com give.unrefugees.org
6 dpm.demdex.net 3 redirects give.unrefugees.org
6 ib.adnxs.com 3 redirects give.unrefugees.org
6 www.google.de give.unrefugees.org
6 www.paypal.com give.unrefugees.org
www.paypal.com
www.paypalobjects.com
4 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
4 trkn.us 2 redirects give.unrefugees.org
4 pay.google.com give.unrefugees.org
pay.google.com
www.gstatic.com
3 tr.snapchat.com sc-static.net
give.unrefugees.org
3 beacon.krxd.net give.unrefugees.org
3 aa.agkn.com give.unrefugees.org
3 partners.tremorhub.com give.unrefugees.org
3 x.dlx.addthis.com give.unrefugees.org
3 bpi.rtactivate.com give.unrefugees.org
3 live.rezync.com 3 redirects
3 contextual.media.net give.unrefugees.org
3 e1.emxdgt.com give.unrefugees.org
3 ps.eyeota.net give.unrefugees.org
3 us-u.openx.net give.unrefugees.org
3 a.rfihub.com give.unrefugees.org
3 cm.g.doubleclick.net 3 redirects
3 ad.ipredictive.com give.unrefugees.org
js.ipredictive.com
3 g1782759016.co give.unrefugees.org
3 bat.bing.com www.googletagmanager.com
bat.bing.com
give.unrefugees.org
3 app.dafwidget.com give.unrefugees.org
app.dafwidget.com
2 20826429p.rfihub.com c1.rfihub.net
2 4647326.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 t.paypal.com give.unrefugees.org
2 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
2 www.facebook.com give.unrefugees.org
2 fonts.gstatic.com fonts.googleapis.com
www.google.com
2 sp.analytics.yahoo.com give.unrefugees.org
2 region1.analytics.google.com www.googletagmanager.com
2 pixel.tapad.com 1 redirects give.unrefugees.org
2 adservice.google.com give.unrefugees.org
4647326.fls.doubleclick.net
2 ad.doubleclick.net 2 redirects
2 collector-3219.tvsquared.com give.unrefugees.org
2 s.yimg.com give.unrefugees.org
s.yimg.com
2 connect.facebook.net give.unrefugees.org
connect.facebook.net
2 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
2 www.googletagmanager.com give.unrefugees.org
www.googletagmanager.com
1 d6tizftlrpuof.cloudfront.net give.unrefugees.org
1 zrtzph91v7qgvkwalztt7lf52udeva56d2unnrdq6c54e3a4b5e30c03am1.e.aa.online-metrix.net
1 bam.nr-data.net js-agent.newrelic.com
1 w.usabilla.com give.unrefugees.org
1 js-agent.newrelic.com give.unrefugees.org
1 pixel.quantserve.com give.unrefugees.org
1 crb.kargo.com storage.cloud.kargo.com
1 rules.quantcount.com secure.quantserve.com
1 20826430p.rfihub.com c1.rfihub.net
1 r.turn.com give.unrefugees.org
1 20669309p.rfihub.com 1 redirects
1 secure.quantserve.com give.unrefugees.org
1 storage.cloud.kargo.com www.googletagmanager.com
1 c1.rfihub.net give.unrefugees.org
1 lyibja.unrefugees.org connect.facebook.net
1 fonts.googleapis.com give.unrefugees.org
1 data.adxcel-ec2.com give.unrefugees.org
1 event.mrtnsvr.com 1 redirects
1 js.ipredictive.com www.googletagmanager.com
1 www.tp88trk.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 sc-static.net www.googletagmanager.com
1 p.typekit.net use.typekit.net
1 cdn.plyr.io give.unrefugees.org
1 code.jquery.com give.unrefugees.org
1 click.e.unrefugees.org 1 redirects
0 kds-pixel.kargo.com Failed storage.cloud.kargo.com
223 80

This site contains links to these domains. Also see Links.

Domain
dafwidget.com
www.unrefugees.org
Subject Issuer Validity Valid
unrefugees.org
Amazon		 2022-11-07 -
2023-12-06		 a year crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
h.online-metrix.net
Trustwave Organization Validation SHA256 CA, Level 1		 2021-12-28 -
2023-01-23		 a year crt.sh
app.dafwidget.com
Amazon		 2022-10-14 -
2023-11-12		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.plyr.io
GTS CA 1P5		 2022-10-31 -
2023-01-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-11-10 -
2023-11-10		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-11-25 -
2023-05-25		 6 months crt.sh
sc-static.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-01-27		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-22 -
2022-12-21		 3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-28 -
2023-01-18		 2 months crt.sh
*.tvsquared.com
Amazon		 2022-08-16 -
2023-09-13		 a year crt.sh
tp88trk.com
Starfield Secure Certificate Authority - G2		 2022-02-15 -
2023-02-15		 a year crt.sh
g1782759016.co
GTS CA 1D4		 2022-11-01 -
2023-01-30		 3 months crt.sh
*.ipredictive.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
adxcel-ec2.com
Amazon		 2022-10-18 -
2023-11-16		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-09 -
2023-02-01		 6 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
lyibja.unrefugees.org
R3		 2022-11-20 -
2023-02-18		 3 months crt.sh
www.paypalobjects.com
DigiCert SHA2 Extended Validation Server CA		 2022-10-13 -
2023-11-13		 a year crt.sh
*.rfihub.net
Amazon		 2022-11-29 -
2023-12-29		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
kargo.com
R3		 2022-12-12 -
2023-03-12		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-24 -
2023-05-24		 a year crt.sh
quantserve.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.dev.kargo.com
Amazon		 2022-03-01 -
2023-03-29		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2022-05-18 -
2023-06-19		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
rtactivate.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.tremorhub.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-20 -
2023-10-19		 a year crt.sh
*.snap.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-08-16		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
w.usabilla.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh
*.e.aa.online-metrix.net
Trustwave Organization Validation SHA256 CA, Level 1		 2022-06-08 -
2023-07-10		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh

This page contains 19 frames:

Primary Page: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Frame ID: 1CBA2E6D4B4681FE8ED8EF23EE123072
Requests: 105 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 45749DE8AA02DCED785A16452DAC8BE9
Requests: 2 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fgive.unrefugees.org&mid=
Frame ID: C02B7B96F22E4AB8A2263B8037232BA9
Requests: 16 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&co=aHR0cHM6Ly9naXZlLnVucmVmdWdlZXMub3JnOjQ0Mw..&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=normal&cb=x647lmzc6w63
Frame ID: 74DD65E80D8C6C4B26F916EAF214E50F
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B27F3E1E9B3B0E00CEB59D2D5192C1A4
Requests: 1 HTTP requests in this frame

Frame: https://ad.ipredictive.com/d/track/event?upid=101374&cache_buster=1670992457&url=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&val=undefined&tn=undefined&itms=undefined
Frame ID: A7E95136B71A2F0855AD33FBC669974A
Requests: 1 HTTP requests in this frame

Frame: https://4647326.fls.doubleclick.net/activityi;dc_pre=CLvkpf-j-PsCFalMHgId-pQF_g;src=4647326;type=unrefcms;cat=donfvis;ord=6433703586910;gtm=2wgbu0;auiddc=572612540.1670992458;u3=undefined;u2=undefined;~oref=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC
Frame ID: 24C4E31A387E113C0F4A6047DA41B7D7
Requests: 2 HTTP requests in this frame

Frame: https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&pf=&ra=12575415298934223
Frame ID: 6759EA9E158CBAD01C170768E3FEC0A4
Requests: 19 HTTP requests in this frame

Frame: https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&pf=&ra=5194068967119838
Frame ID: 144479CD4206BF872D55D88F7C284B52
Requests: 19 HTTP requests in this frame

Frame: https://20826430p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826430&_o=9587&_t=20826430&pe=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&pf=&ra=46359405778820495
Frame ID: 44F6C887DABA7FAB58D990F15CF7A381
Requests: 19 HTTP requests in this frame

Frame: https://crb.kargo.com/api/v1/initsync/725f91f1-4621-30be-4129-a21548d2e71e?partners=Tapad
Frame ID: F3AAE6FCEB5A3B22BD743A427742FCB8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm
Frame ID: 29A82788B064E07F20A97037C957605E
Requests: 3 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=cda0845c-e241-4b98-8d4b-abdc76d31d9d&u_scsid=55665071-1dbb-40ac-8dc3-63a7e36b0ba3&u_sclid=e1c74fc3-fe8d-4434-b063-b19a9aefb577
Frame ID: B6E08FD338D7E0525D6A4C88FE5FCFD7
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/check.js;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03&jb=35392e24687b6f7d3d55696e666d7f73246a7b673d57696c6c677f73273a383332246873607d354b6a706f6d6d24687b6235436a726f6f672d3232313830
Frame ID: D3A4F43F509A8DCF8FFAD77A4477EED5
Requests: 12 HTTP requests in this frame

Frame: https://w.usabilla.com/fa5b33ed7c80.js?lv=1
Frame ID: 85991275F64D7BA25F6443000B195739
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/ls_fp.html;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03
Frame ID: A27C12D2B6F221CFBBA7BCF1AFD3B278
Requests: 3 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03
Frame ID: 04AA97E433C5B12DDD183856D4C008C6
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/top_fp.html;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03
Frame ID: 010D50A10A93984739158A74C2168275
Requests: 1 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/unhcr-button-ca8fba580979f02c2694fa49ed8ef52a.png
Frame ID: A8B338410300CC3CDB0D05ADCA340606
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

2x MATCH: Help Refugees Survive Winter | USA for UNHCR

Page URL History Show full URLs

  1. https://click.e.unrefugees.org/?qs=39ea6f921bd5a896281633df565eccfcd62beb9901e573a2f1f931e1bf119cb737e558ec... HTTP 302
    https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_so... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • https://cdn\.plyr\.io/([0-9.]+)/.+\.js
Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

223
Requests

84 %
HTTPS

36 %
IPv6

58
Domains

80
Subdomains

70
IPs

7
Countries

3797 kB
Transfer

8343 kB
Size

68
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.e.unrefugees.org/?qs=39ea6f921bd5a896281633df565eccfcd62beb9901e573a2f1f931e1bf119cb737e558ec0f910ffca4bcee462bf6cdbf85ff36c8ba95b42b HTTP 302
    https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://ad.doubleclick.net/ddm/activity/src=4269937;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=4269937;dc_pre=CK2d9_6j-PsCFaQC5godS-wGSA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=4269937;dc_pre=CK2d9_6j-PsCFaQC5godS-wGSA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
Request Chain 36
  • https://trkn.us/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=612522681 HTTP 302
  • https://trkn.us/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=612522681;ip=81.95.5.41;cuidchk=1
Request Chain 37
  • https://trkn.us/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=2015766781 HTTP 302
  • https://trkn.us/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=2015766781;ip=81.95.5.41;cuidchk=1
Request Chain 40
  • https://event.mrtnsvr.com/?adv=17114&cb=2009789168&ref=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&gtmcb=1925294637 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=8j46aZxtM HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3203&partner_device_id=8j46aZxtM
Request Chain 47
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10934040069/?random=918237720&cv=11&fst=1670992457641&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&tiba=2x%20MATCH%3A%20Help%20Refugees%20Survive%20Winter%20%7C%20USA%20for%20UNHCR&value=0&auid=572612540.1670992458&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=SVKZY8eFKYja1gaZ0ovwCw&sscte=1&crd=&eitems=ChEIgOLgnAYQv8rZkOaz7YjmARIdAB0dZCFF2hf0aRJA12C14yYl9l3i1nyMouS_4Uo&pscrd=Ek5DaEVJZ09MZ25BWVEyTld5NzVHZHplSHVBUklsQUI4WkxPRGxtX1hNTG9PbkpUWEw4VmdZZ1B2dGxzTnVJempWTzNCZjM2OHU2ZUZaQ3caWENoRUlnT0xnbkFZUTR1M0pwSktzMUtiREFSSXRBTlNlUENkenFpcDU1SlhTOTl2R01FVWVBOW9LdUFhZ2N0VS1hM19ONk1aTGRYV2FzMTNoLVJFSm9hYWk HTTP 302
  • https://www.google.com/pagead/1p-conversion/10934040069/?random=918237720&cv=11&fst=1670992457641&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&tiba=2x%20MATCH%3A%20Help%20Refugees%20Survive%20Winter%20%7C%20USA%20for%20UNHCR&value=0&auid=572612540.1670992458&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ09MZ25BWVEyTld5NzVHZHplSHVBUklsQUI4WkxPRGxtX1hNTG9PbkpUWEw4VmdZZ1B2dGxzTnVJempWTzNCZjM2OHU2ZUZaQ3caWENoRUlnT0xnbkFZUTR1M0pwSktzMUtiREFSSXRBTlNlUENkenFpcDU1SlhTOTl2R01FVWVBOW9LdUFhZ2N0VS1hM19ONk1aTGRYV2FzMTNoLVJFSm9hYWk&is_vtc=1&ocp_id=SVKZY8eFKYja1gaZ0ovwCw&cid=CAQSKQDq26N9cFCoH4jZFfsdtlgLvZTfZ9pUNukdhcQ250Hx4lfwIFnhEsxBIBM&eitems=ChEIgOLgnAYQv8rZkOaz7YjmARIdAB0dZCHuxW8UKnn7d7HmhxabK77pB_0yt77jIM8&random=4291241790 HTTP 302
  • https://www.google.de/pagead/1p-conversion/10934040069/?random=918237720&cv=11&fst=1670992457641&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&tiba=2x%20MATCH%3A%20Help%20Refugees%20Survive%20Winter%20%7C%20USA%20for%20UNHCR&value=0&auid=572612540.1670992458&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ09MZ25BWVEyTld5NzVHZHplSHVBUklsQUI4WkxPRGxtX1hNTG9PbkpUWEw4VmdZZ1B2dGxzTnVJempWTzNCZjM2OHU2ZUZaQ3caWENoRUlnT0xnbkFZUTR1M0pwSktzMUtiREFSSXRBTlNlUENkenFpcDU1SlhTOTl2R01FVWVBOW9LdUFhZ2N0VS1hM19ONk1aTGRYV2FzMTNoLVJFSm9hYWk&is_vtc=1&ocp_id=SVKZY8eFKYja1gaZ0ovwCw&cid=CAQSKQDq26N9cFCoH4jZFfsdtlgLvZTfZ9pUNukdhcQ250Hx4lfwIFnhEsxBIBM&eitems=ChEIgOLgnAYQv8rZkOaz7YjmARIdAB0dZCHuxW8UKnn7d7HmhxabK77pB_0yt77jIM8&random=4291241790&ipr=y&prhg=0&ezwbk=AZuM4hDhVAYYisnReS5lQRek3h1Xv6LKbmAn82Ctu_-ad7TdNBwb5swxMmr3qAQ4iRq_UnY1XYAuTxnhIQbKilO78dAY
Request Chain 90
  • https://4647326.fls.doubleclick.net/activityi;src=4647326;type=unrefcms;cat=donfvis;ord=6433703586910;gtm=2wgbu0;auiddc=572612540.1670992458;u3=undefined;u2=undefined;~oref=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC HTTP 302
  • https://4647326.fls.doubleclick.net/activityi;dc_pre=CLvkpf-j-PsCFalMHgId-pQF_g;src=4647326;type=unrefcms;cat=donfvis;ord=6433703586910;gtm=2wgbu0;auiddc=572612540.1670992458;u3=undefined;u2=undefined;~oref=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC
Request Chain 94
  • https://20669309p.rfihub.com/ca.gif?rb=9587&ca=20669309&ra=39609096 HTTP 302
  • https://r.turn.com/r/beacon?b2=Byl5I3NIBudQfjqNW-_fVUNVOmTxqGPcOnN4gXqFCKoeU_Oup029YVIprkeGvqSpgAfS5Jz0ytx_deRc41vz7Q&cid=
Request Chain 110
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyMjkxMTg2MDE0Mg==&forward= HTTP 302
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEJJy8cgsZiPdUrnK_KI6Xzw&google_cver=1
Request Chain 111
  • https://ib.adnxs.com/setuid?entity=18&code=5140084922911860142 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084922911860142
Request Chain 112
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5140084922911860142&redir= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084922911860142&redir=
Request Chain 114
  • https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
  • https://ps.eyeota.net/match?uid=5142336720936411528&bid=omt9pi0
Request Chain 117
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084922911860142&referrer=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=e4ebe476-890b-4032-a486-6613c2aae286%3A1670992458.720107&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3De4ebe476-890b-4032-a486-6613c2aae286%253A1670992458.720107 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=e4ebe476-890b-4032-a486-6613c2aae286%3A1670992458.720107
Request Chain 119
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084922911860142&forward= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084922911860142&forward=&C=1
Request Chain 122
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084922911860142&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084922911860142&img=1&__user_check__=1&sync_id=92c55ead-7b68-11ed-8ef3-1a3cf9d10206
Request Chain 126
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084922911860142&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5140084922911860142&expires=30
Request Chain 127
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y5lSSgAAANMPaAAp HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=Y5lSSgAAANMPaAAp&_test=Y5lSSgAAANMPaAAp
Request Chain 130
  • https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
  • https://ps.eyeota.net/match?uid=5142336720936411528&bid=omt9pi0
Request Chain 131
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y5lSSgADSc8J5wAe HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=Y5lSSgADSc8J5wAe&_test=Y5lSSgADSc8J5wAe
Request Chain 132
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyMjkxMTg2MDE0MQ==&forward= HTTP 302
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEJJy8cgsZiPdUrnK_KI6Xzw&google_cver=1
Request Chain 133
  • https://ib.adnxs.com/setuid?entity=18&code=5140084922911860141 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084922911860141
Request Chain 134
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5140084922911860141&redir= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084922911860141&redir=
Request Chain 138
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084922911860141&referrer=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=80fa1334-ec99-48c1-9852-3f1549bddc07%3A1670992458.7436693&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D80fa1334-ec99-48c1-9852-3f1549bddc07%253A1670992458.7436693 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=80fa1334-ec99-48c1-9852-3f1549bddc07%3A1670992458.7436693
Request Chain 140
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084922911860141&forward= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084922911860141&forward=&C=1
Request Chain 143
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084922911860141&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084922911860141&img=1&__user_check__=1&sync_id=92c0dc84-7b68-11ed-89c9-1ce730eb0106
Request Chain 147
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084922911860141&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5140084922911860141&expires=30
Request Chain 148
  • https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
  • https://ps.eyeota.net/match?uid=5142336720936411528&bid=omt9pi0
Request Chain 149
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y5lSSgAADu4J5gAe
Request Chain 150
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MjMzNjcyMDkzNjQxMTUyOA==&forward= HTTP 302
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEJJy8cgsZiPdUrnK_KI6Xzw&google_cver=1
Request Chain 151
  • https://ib.adnxs.com/setuid?entity=18&code=5142336720936411528 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5142336720936411528
Request Chain 152
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5142336720936411528&redir= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5142336720936411528&redir=
Request Chain 156
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5142336720936411528&referrer=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=9dff58c0-f682-414f-b49e-c6526f67e4c2%3A1670992458.742813&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D9dff58c0-f682-414f-b49e-c6526f67e4c2%253A1670992458.742813 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=9dff58c0-f682-414f-b49e-c6526f67e4c2%3A1670992458.742813
Request Chain 158
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5142336720936411528&forward= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5142336720936411528&forward=&C=1
Request Chain 161
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5142336720936411528&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5142336720936411528&img=1&__user_check__=1&sync_id=92c114b6-7b68-11ed-b883-1e87ce780106
Request Chain 165
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5142336720936411528&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5142336720936411528&expires=30

223 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 220922wint_eoywint_d_3000
give.unrefugees.org/
Redirect Chain
  • https://click.e.unrefugees.org/?qs=39ea6f921bd5a896281633df565eccfcd62beb9901e573a2f1f931e1bf119cb737e558ec0f910ffca4bcee462bf6cdbf85ff36c8ba95b42b
  • https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_o...
38 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.68.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-68-103.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d2af6fccc7e434a8c0019c621de121e9ea0c9fc5da04b7755b7e7e2ca4c38c28

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
15132
content-type
text/html; charset=utf-8
date
Wed, 14 Dec 2022 04:34:17 GMT
vary
Accept-Encoding

Redirect headers

Cache-Control
private
Connection
close
Content-Length
393
Content-Type
text/html; charset=utf-8
Date
Wed, 14 Dec 2022 04:34:16 GMT
Location
https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
index.css
give.unrefugees.org/css/ 		127 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://give.unrefugees.org/css/index.css?v=8
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.68.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-68-103.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
acb1891dbdbd5ba9c8cd826c361df68cf004fb702eed1b7bb2ce102b50a34be5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
content-encoding
gzip
last-modified
Tue, 16 Nov 2021 19:08:13 GMT
etag
"804c694d1ddbd71:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
20298
plyr.css
give.unrefugees.org/css/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://give.unrefugees.org/css/plyr.css
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.68.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-68-103.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
465ecd3c27cf42a3309af6bda6e2b8c4b9cb7a78788908904e0d6761a2c3102a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
content-encoding
gzip
last-modified
Sat, 23 Feb 2019 20:10:20 GMT
etag
"09e7cdb3cbd41:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
4215
hrp3szy.css
use.typekit.net/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/hrp3szy.css
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7cb56da908e94235a698c35dac8162e57993bfceefba669afddc29bd866b97f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 14 Dec 2022 04:34:17 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1032
tags.js
h.online-metrix.net/fp/ 		93 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/tags.js?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&pageid=1
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
3988981a4004cd6520bda6c6216c90776071b61f1a98b4c97c43d0be94036155
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:17 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
P3P
CP=IVAa PSAa
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=100
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
nudge_arrow.png
give.unrefugees.org/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://give.unrefugees.org/img/nudge_arrow.png
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.68.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-68-103.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
394e68bb96ac874b1a9f9b39286a16349ab781c8513ce632ce5c7ba8bb2ba0ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
last-modified
Thu, 08 Sep 2022 15:48:50 GMT
accept-ranges
bytes
etag
"05d2e7d9ac3d81:0"
content-length
1102
content-type
image/png
lock-secure-donation.png
give.unrefugees.org/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://give.unrefugees.org/img/lock-secure-donation.png
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.68.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-68-103.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
9b9c0898e129c8c18b79f176435c368cecfe30a903797c9feba7a82ee19902bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
last-modified
Thu, 08 Sep 2022 15:48:50 GMT
accept-ranges
bytes
etag
"05d2e7d9ac3d81:0"
content-length
8196
content-type
image/png
rf1200940_8g5a8157_1200x800_copyright.png
give.unrefugees.org/media/gd3m5eer/ 		956 KB
958 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://give.unrefugees.org/media/gd3m5eer/rf1200940_8g5a8157_1200x800_copyright.png
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.68.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-68-103.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
4ba7d1cf5684c00a4183aab29cb49e2ca081a7896b53398fe58e3912117ab324

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
last-modified
Thu, 22 Sep 2022 20:11:50 GMT
accept-ranges
bytes
etag
"9068dd8cbfced81:0"
content-length
979398
content-type
image/png
source.js
app.dafwidget.com/api/js/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dafwidget.com/api/js/source.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.86.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-86-20.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
1ad2c17d074acf6294285ccca5e31aa0ba3c00e08be8b28226b5620609fbe9fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
last-modified
Fri, 13 Aug 2021 16:43:24 GMT
server
nginx
x-powered-by
Express
etag
W/"1810-17b40659739"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
6160
bbb-logo-173x87.png
give.unrefugees.org/media/1017/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://give.unrefugees.org/media/1017/bbb-logo-173x87.png
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.68.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-68-103.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
97880bcd7fcc199a008ea736ab008f7f92e9cf6c0addc2afb6c92b3e70d9c9a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
last-modified
Wed, 28 Mar 2018 18:24:27 GMT
accept-ranges
bytes
etag
"a937c21c2c6d31:0"
content-length
33886
content-type
image/png
guide-star-platinum.png
give.unrefugees.org/media/1005/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://give.unrefugees.org/media/1005/guide-star-platinum.png
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.68.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-68-103.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
53b492f729960ead9c5779dc772534e0f00e2dcdbd1687a0d236af95417549b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
last-modified
Tue, 05 Dec 2017 18:17:59 GMT
accept-ranges
bytes
etag
"af9bd561f56dd31:0"
content-length
16468
content-type
image/png
unhcr-visibility-horizontal-white-cmyk-v2016.svg
give.unrefugees.org/img/ 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://give.unrefugees.org/img/unhcr-visibility-horizontal-white-cmyk-v2016.svg
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.68.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-68-103.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6bfbae61daf6218548d35bd824d5299e6f0517f156050c302ddd83fa0e8abdc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
content-encoding
gzip
last-modified
Thu, 08 Sep 2022 15:48:50 GMT
etag
"05d2e7d9ac3d81:0"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
4074
jquery-3.4.1.min.js
code.jquery.com/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://give.unrefugees.org/
Origin
https://give.unrefugees.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-15851"
vary
Accept-Encoding
x-hw
1670992457.dop150.fr8.t,1670992457.cds108.fr8.hn,1670992457.cds236.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
plyr.js
cdn.plyr.io/3.5.2/ 		111 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.plyr.io/3.5.2/plyr.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8608c7129a24079dd332403d0aef583dcefdf0bfc02914d626a6559a3ac049ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
N64Z2XPHMDZ01RFQ
age
3576962
cf-polished
origSize=113855
x-cache
MISS, MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
c0aZHS2UyjPL57jCKvUFNtgtBUC5+Lhoyf8GCbf4Z7+yCmxy3GzgEqMENtUyOzOu4/tbdlANdeg=
x-served-by
cache-iad-kjyo7100169-IAD, cache-jnb7023-JNB
cf-bgj
minify
last-modified
Sun, 24 Feb 2019 01:08:29 GMT
server
cloudflare
x-timer
S1666987152.925848,VS0,VE318
etag
W/"26d009457000af80d7306229fc132b15"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vg2hT3ut1z%2FljUoU0565r6ORkMAhv2zRlTz0pd9J3eMbLJD69K2csyYe3j%2BbOfvZz%2FUtKxnPgt92%2FMV%2Bbaqe%2FziMNn6BZ6DH%2FkD0TUJ68w%2FSdN98wXWMq7x%2BSPWnLG9l82DAAY5g38If"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control
max-age=31536000
cf-ray
779439ebc986dccf-LHR
x-cache-hits
0, 0
api.js
www.google.com/recaptcha/ 		850 B
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
60ad39fa43fe443478bd89b66fcd41687f29c18a801647de044b03abf76bd458
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
553
x-xss-protection
1; mode=block
expires
Wed, 14 Dec 2022 04:34:17 GMT
js
www.paypal.com/sdk/ 		321 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&vault=true
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0dcc598e494e594317b1a5677b22fac5f762af917bc1b0f0bcef596df34cd3b4
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-SqTIHh4XfTCVznKHjMrw6rBNSbvXb3QB+8BH1QKAsxp3iMRs' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-SqTIHh4XfTCVznKHjMrw6rBNSbvXb3QB+8BH1QKAsxp3iMRs' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-SqTIHh4XfTCVznKHjMrw6rBNSbvXb3QB+8BH1QKAsxp3iMRs' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-SqTIHh4XfTCVznKHjMrw6rBNSbvXb3QB+8BH1QKAsxp3iMRs' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 04:34:17 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
198
x-cache
HIT
p3p
true
paypal-debug-id
f386940efb90b
server-timing
"traceparent;desc="00-0000000000000000000f386940efb90b-065e19662d0569f6-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
96723
x-xss-protection
1; mode=block
x-served-by
cache-hhn-etou8220033-HHN
traceparent
00-0000000000000000000f386940efb90b-12b2d61d3f837305-01
x-timer
S1670992458.545124,VS0,VE2
etag
W/"179d3-SUAQUTUrosUTcfs6s7WDorC7Ts0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
accept-ranges
bytes
x-cache-hits
1
index.min.js
give.unrefugees.org/scripts/lib/ 		756 KB
485 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://give.unrefugees.org/scripts/lib/index.min.js?v=8
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.68.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-68-103.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
672edf933c822bde52c94c5e5e724156bd9eb8160e7e879e129df41c8edae82c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 20:23:56 GMT
etag
"096172ee7fdd81:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
495182
commerce.min.js
give.unrefugees.org/scripts/lib/ 		51 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://give.unrefugees.org/scripts/lib/commerce.min.js?v=8
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.68.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-68-103.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7ecd5fa9a2d1ac1ef56e0ddef1561a59455e159f3896342ba8a329025ce0f29c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
content-encoding
gzip
last-modified
Wed, 23 Nov 2022 16:20:23 GMT
etag
"803de47c57ffd81:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
12490
pay.js
pay.google.com/gp/p/js/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
15d15926ef725375b609cf24a0e9f0bf581b5651c18cc9cac99f3d78f305e193
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-wqztU0bH1m0dLGetXOEd7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-wqztU0bH1m0dLGetXOEd7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="InstantbuyFrontendHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Wed, 14 Dec 2022 04:34:17 GMT
gtm.js
www.googletagmanager.com/ 		396 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c0708756161be1206ff405c1c8459f99162bc457db33f650de48e29b5210ba6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106092
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 14 Dec 2022 04:34:17 GMT
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=hrp3szy&ht=tk&f=139.140.171.173.174.175.176.15701.15703.15705.15708&a=1630018&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3681 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 03:24:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
4180
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 14 Dec 2022 05:24:37 GMT
optimize.js
www.google-analytics.com/gtm/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=GTM-M6SN8J6
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0604018ee997fa5e445c755ae0e4cec0de16d595834359aef25eaa8ca6ed57f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43946
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 14 Dec 2022 04:34:17 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/957115417/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957115417/?random=1670992457634&cv=11&fst=1670992457634&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&tiba=2x%20MATCH%3A%20Help%20Refugees%20Survive%20Winter%20%7C%20USA%20for%20UNHCR&auid=572612540.1670992458&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e910ecdd9f3918165d27ba39052021a9f99dbd9e662c48e140c540e445e25dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1067
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 14 Dec 2022 04:34:17 GMT
last-modified
Mon, 05 Dec 2022 17:15:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6C9981FAC2074618806D51D4786312BF Ref B: FRA31EDGE0121 Ref C: 2022-12-14T04:34:17Z
etag
"027e538cd8d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11460
scevent.min.js
sc-static.net/ 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.77.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-77-245.fra2.r.cloudfront.net
Software
CloudFront /
Resource Hash
127ed38a4225bf1e539654ce93433380bfe10c5796588d6309ecec6afe02a3c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
content-encoding
gzip
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA2-C2
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
13267
x-amz-cf-id
mGoRTp5bO89wr0KmWPwzg5orPjF-TJ65EYpnrj5wS9xNCCQ3G5IUGg==
/
www.googleadservices.com/pagead/conversion/10934040069/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/10934040069/?random=1670992457641&cv=11&fst=1670992457641&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&tiba=2x%20MATCH%3A%20Help%20Refugees%20Survive%20Winter%20%7C%20USA%20for%20UNHCR&value=0&bttype=purchase&auid=572612540.1670992458&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
cd8a72b3334639b2b7f2b0d2ee00c00ca0786ce1ba0435487c7980f331a22427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1437
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5d9d7e78e22202af03b2d09ad31952e031e3423006cba4a29fd506c5664c7761
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 14 Dec 2022 04:34:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27320
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
4MXSKu8kKSnxco0NL9PDCe8oj4XNyQiRw6GPS2OUrIrxgj0Y2bYSjScnXhbXTWMZFrxiaW18maDwg2oHbfV5OA==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
ytc.js
s.yimg.com/wi/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:05 GMT
x-amz-version-id
.QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding
gzip
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
x-amz-request-id
1J88Z10TEQZNGC3N
age
13
x-amz-server-side-encryption
AES256
x-amz-id-2
NrPVvurakid9PDQnu5Oey/D1D/HkznSxmZqVdtbWx9hdQz68jV+aD3Z/cMTnRgQxdV+AcGrxL3k=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Tue, 14 Jun 2022 12:21:31 GMT
server
ATS
etag
"6a624022b5d271dcefb070b0b6670abc-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
tv2track.js
collector-3219.tvsquared.com/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://collector-3219.tvsquared.com/tv2track.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.227.154 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-227-154.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 04:34:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 10:12:59 GMT
Server
nginx
ETag
"6305f9ab-2133"
Content-Type
application/javascript
Cache-Control
max-age=600
Connection
keep-alive
X-Robots-Tag
noindex
Content-Length
8499
Expires
Wed, 14 Dec 2022 04:44:18 GMT
everflow.js
www.tp88trk.com/scripts/sdk/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tp88trk.com/scripts/sdk/everflow.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.228 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
228.72.190.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a72806e7ecf829960274016cfa7c3b84dd3f89fbba960f8e0e2b2fddfa743df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
content-encoding
gzip
via
1.1 google
server
nginx
vary
Origin
content-type
text/javascript
cache-control
max-age=14400
x-eflow-request-id
2645852a-6e17-4232-942e-4f8553e5bbcb
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gp
g1782759016.co/ 		26 B
113 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g1782759016.co/gp?id=-L_Ny2xXp1FWryzFl6qy&refurl=&winurl=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&cw=1600&ch=1200
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7d2:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
eb7e68073ee5ed998d26671859e008697e757f3276759a8ec173e5a62d34a404

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
via
1.1 google
server
Google Frontend
x-powered-by
Express
etag
W/"1a-7KeVhWk+843gX+8y2fD4wjI8a34"
content-type
application/javascript; charset=utf-8
x-cloud-trace-context
2e0192ad9eb78b2def9a71ab4f5710e9
cache-control
private, no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
gp
g1782759016.co/ 		26 B
173 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g1782759016.co/gp?id=-LXPWq_CG-cVgJYLdmun&refurl=&winurl=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&cw=1600&ch=1200
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7d2:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
eb7e68073ee5ed998d26671859e008697e757f3276759a8ec173e5a62d34a404

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
via
1.1 google
server
Google Frontend
x-powered-by
Express
etag
W/"1a-7KeVhWk+843gX+8y2fD4wjI8a34"
content-type
application/javascript; charset=utf-8
x-cloud-trace-context
bd6b72e23e1093ea7b0bc219cfcb8844
cache-control
private, no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
gp
g1782759016.co/ 		0
227 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g1782759016.co/gp?id=-LFI9dAMttdUZNQm4p8O&refurl=&winurl=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&cw=1600&ch=1200
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7d2:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
via
1.1 google
server
Google Frontend
x-powered-by
Express
content-type
application/javascript
x-cloud-trace-context
6c48656a7ef3be20910bb71a2a791cfb
cache-control
private, no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
adelphic_universal_pixel.js
js.ipredictive.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ipredictive.com/adelphic_universal_pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 03:41:02 GMT
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
last-modified
Fri, 30 Sep 2022 15:42:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
3215
etag
"83b469155694c51d4c5581028a6788bc"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2108
x-amz-cf-id
iJ1ZkYH06mTgBlHufO61GZlSE0E52u-E81q_si5iSj_S4gF-56lNdg==
js
www.googletagmanager.com/gtag/ 		229 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P9YZZV758Y&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3bfd5b69c294a60a04f91e37a61bcb61222803505d83372bcaf0614946ec7703
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79939
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 14 Dec 2022 04:34:17 GMT
src=4269937;dc_pre=CK2d9_6j-PsCFaQC5godS-wGSA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=4269937;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
  • https://ad.doubleclick.net/ddm/activity/src=4269937;dc_pre=CK2d9_6j-PsCFaQC5godS-wGSA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
  • https://adservice.google.com/ddm/fls/z/src=4269937;dc_pre=CK2d9_6j-PsCFaQC5godS-wGSA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/src=4269937;dc_pre=CK2d9_6j-PsCFaQC5godS-wGSA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:17 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://adservice.google.com/ddm/fls/z/src=4269937;dc_pre=CK2d9_6j-PsCFaQC5godS-wGSA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]
trkn.us/pixel/conv/
Redirect Chain
  • https://trkn.us/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=612522681
  • https://trkn.us/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=612522681;ip=81.95.5.41;cuidchk=1
42 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trkn.us/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=612522681;ip=81.95.5.41;cuidchk=1
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Server
34.204.208.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-208-160.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:18 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
Content-Type
image/gif
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Wed, 14 Dec 2022 04:34:18 GMT
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/html; charset=UTF-8
Location
/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=612522681;ip=81.95.5.41;cuidchk=1
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
Content-Length
0
ppt=18676;g=sitewide;gid=43404;ord=undefined
trkn.us/pixel/conv/
Redirect Chain
  • https://trkn.us/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=2015766781
  • https://trkn.us/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=2015766781;ip=81.95.5.41;cuidchk=1
42 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trkn.us/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=2015766781;ip=81.95.5.41;cuidchk=1
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Server
34.204.208.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-208-160.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:18 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
Content-Type
image/gif
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Wed, 14 Dec 2022 04:34:18 GMT
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/html; charset=UTF-8
Location
/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=2015766781;ip=81.95.5.41;cuidchk=1
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
Content-Length
0
pixel
ad.ipredictive.com/d/rt/ 		631 B
787 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.ipredictive.com/d/rt/pixel?rtsite_id=60700&uuid=d5534c09-ec00-4f6f-9451-54fa79df98bb&rr=CACHE_BUSTER&gtmcb=469921665
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.95.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-95-207.compute-1.amazonaws.com
Software
/
Resource Hash
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 04:34:18 GMT
Content-Encoding
gzip
Connection
keep-alive
X-CI-RTID
ba906f71-9a8b-4dec-a297-a30e3d2ec0ad
Content-Length
479
Content-Type
image/jpeg
pixel
ad.ipredictive.com/d/track/cvt/ 		631 B
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.ipredictive.com/d/track/cvt/pixel?acct_id=58684&cache_buster=[timestamp]&gtmcb=334159855
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.95.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-95-207.compute-1.amazonaws.com
Software
/
Resource Hash
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 04:34:18 GMT
Content-Encoding
gzip
Connection
keep-alive
X-CI-RTID
8ba99f57-e25a-4c68-85bf-97941f42cd83
Content-Length
479
Content-Type
image/jpeg
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://event.mrtnsvr.com/?adv=17114&cb=2009789168&ref=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=8j46aZxtM
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3203&partner_device_id=8j46aZxtM
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3203&partner_device_id=8j46aZxtM
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H3
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Wed, 14 Dec 2022 04:34:17 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3203&partner_device_id=8j46aZxtM
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
data.adxcel-ec2.com/pixel/ 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adxcel-ec2.com/pixel/?ad_log=referer&action=content&pixid=f2fb3240-c0e1-432f-91c7-686941e6de69
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.227.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-227-63.compute-1.amazonaws.com
Software
/
Resource Hash
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
43
Content-Type
image/gif
css
fonts.googleapis.com/ 		2 KB
984 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Kalam|Lato&display=swap
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/css/index.css?v=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d08c52cc003c28f266bcdf1924c340b183c1f32fb96da57550f6973f5fbe50a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Dec 2022 04:34:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 04:34:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Dec 2022 04:34:17 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-3754388-9&cid=1115816511.1670992458&jid=1983336686&gjid=163973654&_gid=2077781041.1670992458&_u=YGBAiAABRAAAAE~&z=2005973520
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.unrefugees.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 14 Dec 2022 04:34:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.unrefugees.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1959273370&t=pageview&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&ul=en-us&de=UTF-8&dt=2x%20MATCH%3A%20Help%20Refugees%20Survive%20Winter%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiAABR~&jid=1983336686&gjid=163973654&cid=1115816511.1670992458&tid=UA-3754388-9&_gid=2077781041.1670992458&gtm=2wgbu0N9KWLLF&cd1=7011K000002NriwQAC&cd2=7011K000002Nrj1QAC&z=51650926
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6706
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/957115417/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/957115417/?random=1670992457634&cv=11&fst=1670990400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&tiba=2x%20MATCH%3A%20Help%20Refugees%20Survive%20Winter%20%7C%20USA%20for%20UNHCR&fmt=3&is_vtc=1&random=1144387688&rmt_tld=0&ipr=y
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/957115417/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/957115417/?random=1670992457634&cv=11&fst=1670990400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&tiba=2x%20MATCH%3A%20Help%20Refugees%20Survive%20Winter%20%7C%20USA%20for%20UNHCR&fmt=3&is_vtc=1&random=1144387688&rmt_tld=1&ipr=y
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/10934040069/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10934040069/?random=918237720&cv=11&fst=1670992457641&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=H-81CJ38i88DEIXs4...
  • https://www.google.com/pagead/1p-conversion/10934040069/?random=918237720&cv=11&fst=1670992457641&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadse...
  • https://www.google.de/pagead/1p-conversion/10934040069/?random=918237720&cv=11&fst=1670992457641&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadser...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/10934040069/?random=918237720&cv=11&fst=1670992457641&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&tiba=2x%20MATCH%3A%20Help%20Refugees%20Survive%20Winter%20%7C%20USA%20for%20UNHCR&value=0&auid=572612540.1670992458&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ09MZ25BWVEyTld5NzVHZHplSHVBUklsQUI4WkxPRGxtX1hNTG9PbkpUWEw4VmdZZ1B2dGxzTnVJempWTzNCZjM2OHU2ZUZaQ3caWENoRUlnT0xnbkFZUTR1M0pwSktzMUtiREFSSXRBTlNlUENkenFpcDU1SlhTOTl2R01FVWVBOW9LdUFhZ2N0VS1hM19ONk1aTGRYV2FzMTNoLVJFSm9hYWk&is_vtc=1&ocp_id=SVKZY8eFKYja1gaZ0ovwCw&cid=CAQSKQDq26N9cFCoH4jZFfsdtlgLvZTfZ9pUNukdhcQ250Hx4lfwIFnhEsxBIBM&eitems=ChEIgOLgnAYQv8rZkOaz7YjmARIdAB0dZCHuxW8UKnn7d7HmhxabK77pB_0yt77jIM8&random=4291241790&ipr=y&prhg=0&ezwbk=AZuM4hDhVAYYisnReS5lQRek3h1Xv6LKbmAn82Ctu_-ad7TdNBwb5swxMmr3qAQ4iRq_UnY1XYAuTxnhIQbKilO78dAY
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H3
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/10934040069/?random=918237720&cv=11&fst=1670992457641&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=H-81CJ38i88DEIXs4N0o&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&tiba=2x%20MATCH%3A%20Help%20Refugees%20Survive%20Winter%20%7C%20USA%20for%20UNHCR&value=0&auid=572612540.1670992458&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ09MZ25BWVEyTld5NzVHZHplSHVBUklsQUI4WkxPRGxtX1hNTG9PbkpUWEw4VmdZZ1B2dGxzTnVJempWTzNCZjM2OHU2ZUZaQ3caWENoRUlnT0xnbkFZUTR1M0pwSktzMUtiREFSSXRBTlNlUENkenFpcDU1SlhTOTl2R01FVWVBOW9LdUFhZ2N0VS1hM19ONk1aTGRYV2FzMTNoLVJFSm9hYWk&is_vtc=1&ocp_id=SVKZY8eFKYja1gaZ0ovwCw&cid=CAQSKQDq26N9cFCoH4jZFfsdtlgLvZTfZ9pUNukdhcQ250Hx4lfwIFnhEsxBIBM&eitems=ChEIgOLgnAYQv8rZkOaz7YjmARIdAB0dZCHuxW8UKnn7d7HmhxabK77pB_0yt77jIM8&random=4291241790&ipr=y&prhg=0&ezwbk=AZuM4hDhVAYYisnReS5lQRek3h1Xv6LKbmAn82Ctu_-ad7TdNBwb5swxMmr3qAQ4iRq_UnY1XYAuTxnhIQbKilO78dAY
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
10095779.json
s.yimg.com/wi/config/ 		46 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10095779.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
81f701abbdb3dcd7318338357add41af96a3b776549dc928c4703cf1cf9f2ffe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:46:38 GMT
x-amz-version-id
AO6OvHycU6oPxWJjvTRCjyjUvfXH8wEk
x-content-type-options
nosniff
strict-transport-security
max-age=15552000
x-amz-request-id
18281Q5730RRQYD6
age
42460
x-amz-server-side-encryption
AES256
content-length
46
x-amz-id-2
m8sQ9fFrAVnhBN856fMHPDFjau2jCypqwT3TRG/zp0xFDED2z1XvaIyD47aw1pL63qTV2RCMrag=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Fri, 20 Oct 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Wed, 14 Sep 2022 20:58:25 GMT
server
ATS
etag
"ca96ec3516187adbafe0fb0d4f2e4932"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
363860773806760
connect.facebook.net/signals/config/ 		482 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/363860773806760?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bcc519f8b0da8c7c7d4f0d00a4fafe16b16a125c8028b16a801a407b1e8572a2
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 14 Dec 2022 04:34:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
145501
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
OaMR4Ggs5hnDqZuQSqTDSlLZrSgIFgYphBgKvt4XudcBloZllDeeghkJX8HgrgDakXzFrtqVVxoxdWvR1XCFsA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
5612726.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5612726.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Wed, 14 Dec 2022 04:34:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8D1AF248C79A44C480B9BFC7E61C924E Ref B: FRA31EDGE0121 Ref C: 2022-12-14T04:34:17Z
x-cache
CONFIG_NOCACHE
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-1473340-18&cid=1115816511.1670992458&jid=1855823148&gjid=1966212013&_gid=2077781041.1670992458&_u=aGDAiAABRAAAAE~&z=1115762098
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.unrefugees.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 14 Dec 2022 04:34:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.unrefugees.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1959273370&t=pageview&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&ul=en-us&de=UTF-8&dt=2x%20MATCH%3A%20Help%20Refugees%20Survive%20Winter%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiAABRAAAAE~&jid=1855823148&gjid=1966212013&cid=1115816511.1670992458&tid=UA-1473340-18&_gid=2077781041.1670992458&gtm=2wgbu0N9KWLLF&cd3=USA&z=2125696889
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6706
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
350 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-P9YZZV758Y&gtm=2oebu0&_p=1959273370&_gaz=1&cid=1115816511.1670992458&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670992457&sct=1&seg=0&dl=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&dt=2x%20MATCH%3A%20Help%20Refugees%20Survive%20Winter%20%7C%20USA%20for%20UNHCR&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P9YZZV758Y&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.unrefugees.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P9YZZV758Y&cid=1115816511.1670992458&gtm=2oebu0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P9YZZV758Y&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.unrefugees.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P9YZZV758Y&cid=1115816511.1670992458&gtm=2oebu0&aip=1&z=388734600
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sp.pl
sp.analytics.yahoo.com/ 		43 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2014%20Dec%202022%2004%3A34%3A17%20GMT&n=0&b=2x%20MATCH%3A%20Help%20Refugees%20Survive%20Winter%20%7C%20USA%20for%20UNHCR&.yp=10095779&f=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&enc=UTF-8&yv=1.13.0&tagmgr=gtm
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Wed, 14 Dec 2022 04:34:17 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-3754388-9&cid=1115816511.1670992458&jid=1983336686&_u=YGBAiAABRAAAAE~&z=1283765093
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-3754388-9&cid=1115816511.1670992458&jid=1983336686&_u=YGBAiAABRAAAAE~&z=1283765093
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1473340-18&cid=1115816511.1670992458&jid=1855823148&_u=aGDAiAABRAAAAE~&z=2011097472
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1473340-18&cid=1115816511.1670992458&jid=1855823148&_u=aGDAiAABRAAAAE~&z=2011097472
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
use.typekit.net/af/180254/00000000000000000001522c/27/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/180254/00000000000000000001522c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
38c9c1413e17c7a5ee87095bdb4cad0da069451ee937cb801c8f37f2c734644f

Request headers

Referer
https://use.typekit.net/hrp3szy.css
Origin
https://give.unrefugees.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
server
nginx
etag
"d8f0e75543cc417069e2148d573e1b3687264d73"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
46404
l
use.typekit.net/af/925423/00000000000000003b9b038f/27/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/925423/00000000000000003b9b038f/27/l?subset_id=2&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7c707b4d486575fcdf35497e30073fd70f0a9ea072e4ca1ca724da7fbab22a9b

Request headers

Referer
https://use.typekit.net/hrp3szy.css
Origin
https://give.unrefugees.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
server
nginx
etag
"af967ea1356382090341795946181a15b4b5bcf0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19900
l
use.typekit.net/af/220823/000000000000000000015231/27/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/220823/000000000000000000015231/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
73ef385046533349dbdb6264bfdb814819b44a3a7ddeedf7611db7d55f567c7c

Request headers

Referer
https://use.typekit.net/hrp3szy.css
Origin
https://give.unrefugees.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
server
nginx
etag
"25d9000ed11ad93413dd9fab416a1870c8ae46cd"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
46076
YA9dr0Wd4kDdMthROCc.woff2
fonts.gstatic.com/s/kalam/v16/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kalam/v16/YA9dr0Wd4kDdMthROCc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Kalam|Lato&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
954410601a823f37e219f7930b7446f86afa15621326a7078d56fb9c910135cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.unrefugees.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 21:50:03 GMT
x-content-type-options
nosniff
age
456254
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22336
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:47:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 21:50:03 GMT
events
lyibja.unrefugees.org/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lyibja.unrefugees.org/events
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/363860773806760?v=2.9.89&r=stable
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.25.243.35 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-243-35.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://give.unrefugees.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://give.unrefugees.org
date
Wed, 14 Dec 2022 04:34:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-credentials
true
content-length
0
vary
origin
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=363860773806760&ev=PageView&dl=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D_removed_%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%2522utm_cid%2522%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&rl=&if=false&ts=1670992457872&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670992457867.1035493495&eid=ob3_plugin-set_330595230a635fffdbc925f66084494106fbc074c8d025a6f5d0dbfaa158464d&it=1670992457716&coo=false&exp=a1&rqm=GET
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 14 Dec 2022 04:34:17 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
checkmark-icon.svg
give.unrefugees.org/img/ 		899 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://give.unrefugees.org/img/checkmark-icon.svg
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/css/index.css?v=8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.68.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-68-103.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2f61f967f0f19fe63c743f330f862db14d88fcc7e09eae7d22998e87a4e97749

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/css/index.css?v=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
last-modified
Thu, 08 Sep 2022 15:48:50 GMT
accept-ranges
bytes
etag
"05d2e7d9ac3d81:0"
content-length
899
content-type
image/svg+xml
l
use.typekit.net/af/bdde80/00000000000000000001522d/27/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/bdde80/00000000000000000001522d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b00ea6dbf24a120110b2c029c3113cf214fe6a5ea3b6dc0c89f021c81bbb6a68

Request headers

Referer
https://use.typekit.net/hrp3szy.css
Origin
https://give.unrefugees.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
server
nginx
etag
"58e390be81d6dc97507673691b0fec8d83b8db8f"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
47672
fontello.woff2
give.unrefugees.org/font/ 		4 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://give.unrefugees.org/font/fontello.woff2?47325548
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/css/index.css?v=8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.68.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-68-103.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
fd8c794bb43e5220596bc1c5d50f865268cd2655c86f0d3175875d7e1c3afcc6

Request headers

Referer
https://give.unrefugees.org/css/index.css?v=8
Origin
https://give.unrefugees.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
last-modified
Wed, 17 May 2017 10:53:35 GMT
accept-ranges
bytes
etag
"bc6dfed4fbced21:0"
content-length
4328
content-type
application/x-font-woff2
l
use.typekit.net/af/8e11d4/00000000000000003b9b038c/27/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/8e11d4/00000000000000003b9b038c/27/l?subset_id=2&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
62c0466b6e78094d8bb9b9fb50f13f3eb39e3be88dce7663ecfbcabde18b64bc

Request headers

Referer
https://use.typekit.net/hrp3szy.css
Origin
https://give.unrefugees.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
server
nginx
etag
"50fb462bb968fa8996b7f205254cfa92e534ea41"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19600
css.escape.js
app.dafwidget.com/api/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dafwidget.com/api/js/css.escape.js
Requested by
Host: app.dafwidget.com
URL: https://app.dafwidget.com/api/js/source.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.86.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-86-20.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
1c1a744432792356c2e9d9abdaa97182f3757a89b4cb5be5a3aa13c20cdd802b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
last-modified
Fri, 16 Jul 2021 11:59:36 GMT
server
nginx
x-powered-by
Express
etag
W/"c51-17aaf2fb1dd"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
3153
source.css
app.dafwidget.com/api/js/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.dafwidget.com/api/js/source.css
Requested by
Host: app.dafwidget.com
URL: https://app.dafwidget.com/api/js/source.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.86.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-86-20.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
eaf0ec8226518eb627f5fade801052a1ea281c506ebce8ce8ae99a27138ba2e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:17 GMT
last-modified
Fri, 16 Jul 2021 11:59:36 GMT
server
nginx
x-powered-by
Express
etag
W/"e14-17aaf2fb115"
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
3604
pptm.js
www.paypal.com/tagmanager/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=give.unrefugees.org&t=xo&v=5.0.344&source=payments_sdk&client_id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&vault=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&vault=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
66ccc020ba92c20186b6c6054cc4b8b1a8490cfaa582c4bd1ebf38d07123dd76
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-HHH/FT9hji6kHnb1YqruDii3U6pnK+zrDQEzwWQVeTZLCLO9' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-HHH/FT9hji6kHnb1YqruDii3U6pnK+zrDQEzwWQVeTZLCLO9' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 04:34:18 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
33995
x-cache
HIT
paypal-debug-id
f67905415b0fc
server-timing
"traceparent;desc="00-0000000000000000000f67905415b0fc-82a2763cee9db15c-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4741
x-xss-protection
1; mode=block
x-served-by
cache-hhn-etou8220033-HHN
traceparent
00-0000000000000000000f67905415b0fc-ce5edbf26f0c90d6-01
x-timer
S1670992458.035819,VS0,VE2
etag
W/"3539-HXYor4jseplAdQXApscPD3urozQ"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600
accept-ranges
bytes
x-cache-hits
1
unhcr-visibility-horizontal-blue.svg
give.unrefugees.org/img/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://give.unrefugees.org/img/unhcr-visibility-horizontal-blue.svg
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/css/index.css?v=8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.68.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-68-103.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e9027cbc9f2efbff37e09740f41c16a1ffd89eae8f1555f6a5955d3198d9c31d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/css/index.css?v=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
last-modified
Tue, 31 Oct 2017 17:19:01 GMT
accept-ranges
bytes
etag
"4aa739586c52d31:0"
content-length
12267
content-type
image/svg+xml
l
use.typekit.net/af/219c30/00000000000000003b9b0389/27/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/219c30/00000000000000003b9b0389/27/l?subset_id=2&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
50bfd91bb65762023b74efba030d3212fef8f6261707ba8edb9e4b28d13bb5ed

Request headers

Referer
https://use.typekit.net/hrp3szy.css
Origin
https://give.unrefugees.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
server
nginx
etag
"7c243ed5f8437a6687e49316f96967fcfd3feb05"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19160
recaptcha__de.js
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ 		403 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d64e243770a7345b699907f77f5e6789584278786ffa215802150dab0ee1d7a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://give.unrefugees.org/
Origin
https://give.unrefugees.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 00:51:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164801
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 01:21:32 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 00:51:56 GMT
muse.js
www.paypalobjects.com/muse/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=give.unrefugees.org&t=xo&v=5.0.344&source=payments_sdk&client_id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&vault=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
84840867de170
dc
ccg11-origin-www-1.paypal.com
content-length
16464
x-served-by
cache-sjc10081-SJC, cache-hhn-etou8220040-HHN
last-modified
Tue, 03 May 2022 17:28:29 GMT
x-timer
S1670992458.088799,VS0,VE0
etag
W/"6271663d-da91"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits
1004776, 250398
ts
t.paypal.com/ 		42 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AZXYADENKNJPZE-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AZXYADENKNJPZE-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3f710125-e254-44cc-ba7e-5d8abc3fb13d&fltp=analytics&mrid=ZXYADENKNJPZE&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=2x%20MATCH%3A%20Help%20Refugees%20Survive%20Winter%20%7C%20USA%20for%20UNHCR&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1670992458055&g=0&completeurl=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/3708) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
ECAcc (lhd/3708)
traceparent
00-00000000000000000003eaa4637c4401-46f393ef62ff1697-01
content-type
image/gif
paypal-debug-id
3eaa4637c4401
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=172
timing-allow-origin
*
content-length
42
expires
Wed, 14 Dec 2022 04:34:18 GMT
tv2track.php
collector-3219.tvsquared.com/ 		42 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector-3219.tvsquared.com/tv2track.php?action_name=2x%20MATCH%3A%20Help%20Refugees%20Survive%20Winter%20%7C%20USA%20for%20UNHCR&idsite=TV-63728109-1&rec=1&r=914645&h=4&m=34&s=18&url=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&_id=47dddb85a84bdeba&_idts=1670992458&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=963
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.227.154 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-227-154.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

P3p
CP='OTI DSP COR NID STP UNI OTPa OUR'
Date
Wed, 14 Dec 2022 04:34:18 GMT
Server
nginx
Connection
keep-alive
Request-Id
a8a80ed0-83ca-43f5-bcc6-c1ffb9d40041
Content-Length
42
Content-Type
image/gif
index.html
www.paypalobjects.com/muse/analytics/ Frame 4574 		54 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://give.unrefugees.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16791
content-type
text/html
date
Wed, 14 Dec 2022 04:34:18 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"6271663d-d994"
last-modified
Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id
50b39f10d2761
strict-transport-security
max-age=31557600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
935084, 273469
x-content-type-options
nosniff
x-served-by
cache-sjc10023-SJC, cache-hhn-etou8220040-HHN
x-timer
S1670992458.208896,VS0,VE0
ts
t.paypal.com/ 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AZXYADENKNJPZE-1&page=muse%3Aoffer%3A%3A%3AZXYADENKNJPZE-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3f710125-e254-44cc-ba7e-5d8abc3fb13d&es=visitorInfoFlowStarted&mrid=ZXYADENKNJPZE&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=2x%20MATCH%3A%20Help%20Refugees%20Survive%20Winter%20%7C%20USA%20for%20UNHCR&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1670992458268&g=0&completeurl=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35E6) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
ECAcc (lhd/35E6)
traceparent
00-00000000000000000007214687ee93d8-1b00bbfd052ddd20-01
content-type
image/gif
paypal-debug-id
7214687ee93d8
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=173
timing-allow-origin
*
content-length
42
expires
Wed, 14 Dec 2022 04:34:18 GMT
graphql
www.paypal.com/targeting/ Frame 4574 		435 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8a54692aa869e31887731be4a7a78ba8d181ddfde9be34ae6e9b81d996e85f48
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-nnI19EG2yr26o1YD/Fx8vh9511DcUsHX38xFix9i+8Fow2ju' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-nnI19EG2yr26o1YD/Fx8vh9511DcUsHX38xFix9i+8Fow2ju' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
date
Wed, 14 Dec 2022 04:34:18 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS
paypal-debug-id
f714263a1aa32
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-hhn-etou8220033-HHN
traceparent
00-0000000000000000000f714263a1aa32-bb30ac83a526eb03-01
x-timer
S1670992458.490964,VS0,VE247
etag
W/W/"1b3-AV1rEEwha8bElkXHS3YW0eOcV7s"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0
graphql
www.paypal.com/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.paypalobjects.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Wed, 14 Dec 2022 04:34:18 GMT
dc
ccg11-origin-www-1.paypal.com
paypal-debug-id
f7142635d9e87
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f7142635d9e87-a4a589cde8907d21-01
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn-etou8220063-HHN
x-timer
S1670992458.287936,VS0,VE190
payframe
pay.google.com/gp/p/ui/ Frame C02B 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fgive.unrefugees.org&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c1b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7d641be37ba246fc6f52ad51095c24248f53ef390bbe69399c4d66026aa5c434
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-Wl41lyJcYaBsuKDnWAJ84g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://give.unrefugees.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-Wl41lyJcYaBsuKDnWAJ84g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
cross-origin-resource-policy
same-site
date
Wed, 14 Dec 2022 04:34:18 GMT
expires
Wed, 14 Dec 2022 04:34:18 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to
{"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame 74DD 		43 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&co=aHR0cHM6Ly9naXZlLnVucmVmdWdlZXMub3JnOjQ0Mw..&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=normal&cb=x647lmzc6w63
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1e4de30ec9b4dff5b5c8d77406bee47124a3626f16ee4292d4e04c9791c14266
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DDpV3FDtTl2LtQvZjUsulg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://give.unrefugees.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23076
content-security-policy
script-src 'report-sample' 'nonce-DDpV3FDtTl2LtQvZjUsulg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 04:34:18 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
www.facebook.com/tr/ Frame B27F 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://give.unrefugees.org
Referer
https://give.unrefugees.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://give.unrefugees.org
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 04:34:18 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
0
bat.bing.com/action/ 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5612726&tm=gtm002&Ver=2&mid=a952730d-421c-485c-9b59-ce36610010fe&sid=929001c07b6811edafa447488209c966&vid=928ffa707b6811ed9c0e75ed5ca06f9d&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=2x%20MATCH%3A%20Help%20Refugees%20Survive%20Winter%20%7C%20USA%20for%20UNHCR&p=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&r=&lt=2751&evt=pageLoad&sv=1&rn=686356
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Dec 2022 04:34:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F583D14FC4E24A27A4599C527CD212CA Ref B: FRA31EDGE0121 Ref C: 2022-12-14T04:34:18Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
tc.min.js
c1.rfihub.net/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:1a00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 03:55:33 GMT
content-encoding
gzip
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
last-modified
Wed, 14 Dec 2022 03:55:23 GMT
server
Jetty(9.3.29.v20201019)
x-amz-cf-pop
FRA56-P2
age
2325
x-cache
Hit from cloudfront
content-type
application/x-javascript
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
public, max-age=3600
content-length
6162
x-amz-cf-id
vYgmT2W7ogMAmsQgFWO-EV7E93F6kqcMnjNrh-zfogqRWlWAMrfupA==
expires
Wed, 14 Dec 2022 04:55:33 GMT
event
ad.ipredictive.com/d/track/ Frame A7E9 		0
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.ipredictive.com/d/track/event?upid=101374&cache_buster=1670992457&url=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&val=undefined&tn=undefined&itms=undefined
Requested by
Host: js.ipredictive.com
URL: https://js.ipredictive.com/adelphic_universal_pixel.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.95.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-95-207.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://give.unrefugees.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Date
Wed, 14 Dec 2022 04:34:18 GMT
X-CI-RTID
baca955a-f1bd-45d5-8ad0-5539fe500793
activityi;dc_pre=CLvkpf-j-PsCFalMHgId-pQF_g;src=4647326;type=unrefcms;cat=donfvis;ord=6433703586910;gtm=2wgbu0;auiddc=572612540.1670992458;u3=undefined;u2=undefined;~oref=https%3A%2F%2Fgive.unrefug...
4647326.fls.doubleclick.net/ Frame 24C4
Redirect Chain
  • https://4647326.fls.doubleclick.net/activityi;src=4647326;type=unrefcms;cat=donfvis;ord=6433703586910;gtm=2wgbu0;auiddc=572612540.1670992458;u3=undefined;u2=undefined;~oref=https%3A%2F%2Fgive.unref...
  • https://4647326.fls.doubleclick.net/activityi;dc_pre=CLvkpf-j-PsCFalMHgId-pQF_g;src=4647326;type=unrefcms;cat=donfvis;ord=6433703586910;gtm=2wgbu0;auiddc=572612540.1670992458;u3=undefined;u2=undefi...
676 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://4647326.fls.doubleclick.net/activityi;dc_pre=CLvkpf-j-PsCFalMHgId-pQF_g;src=4647326;type=unrefcms;cat=donfvis;ord=6433703586910;gtm=2wgbu0;auiddc=572612540.1670992458;u3=undefined;u2=undefined;~oref=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
0eebe1dc6779cab9dff8a0dba3b9ba3af8eb07081003282c82d27bd27c0b3303
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://give.unrefugees.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
403
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 04:34:18 GMT
expires
Wed, 14 Dec 2022 04:34:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 04:34:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://4647326.fls.doubleclick.net/activityi;dc_pre=CLvkpf-j-PsCFalMHgId-pQF_g;src=4647326;type=unrefcms;cat=donfvis;ord=6433703586910;gtm=2wgbu0;auiddc=572612540.1670992458;u3=undefined;u2=undefined;~oref=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
kds-events-gtm.min.js
storage.cloud.kargo.com/kds/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.cloud.kargo.com/kds/kds-events-gtm.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.126.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-72.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6bb14648f4a5ebf80cfc8571803a0cfa53ef9ef8b66e16e3972aa4f647ddf581

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
ADi5Q6flYxSpdMf.eubyYJHooQlF1EUa
content-encoding
gzip
date
Wed, 14 Dec 2022 04:34:18 GMT
x-amz-request-id
KMP8688BQKPW2KTA
x-amz-replication-status
COMPLETED
content-length
2262
x-amz-id-2
w+WgNix1/2uZkcTKak0E9OVvS6Ms9uCA9E46heAQtm8uCzZz7y921nuVKczgIdIKO9oE4Bl5UBs=
last-modified
Fri, 26 Aug 2022 12:16:38 GMT
server
AmazonS3
etag
"19b15a56af8b6dc7bae0037a86742bb5"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
10c055e552cd4e8121eded0e5227a20534bfc3484aacecd99b553c069a332f53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
content-encoding
gzip
etag
"KvGSi9leJgKNKEGESzHjYw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 21 Dec 2022 04:34:18 GMT
sp.pl
sp.analytics.yahoo.com/ 		43 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&b=2x%20MATCH%3A%20Help%20Refugees%20Survive%20Winter%20%7C%20USA%20for%20UNHCR&.yp=10095779&f=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&enc=UTF-8&yv=1.13.0&et=custom&ec=pageview&ea=donation_form_visit&tagmgr=gtm
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Wed, 14 Dec 2022 04:34:18 GMT
beacon
r.turn.com/r/
Redirect Chain
  • https://20669309p.rfihub.com/ca.gif?rb=9587&ca=20669309&ra=39609096
  • https://r.turn.com/r/beacon?b2=Byl5I3NIBudQfjqNW-_fVUNVOmTxqGPcOnN4gXqFCKoeU_Oup029YVIprkeGvqSpgAfS5Jz0ytx_deRc41vz7Q&cid=
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/beacon?b2=Byl5I3NIBudQfjqNW-_fVUNVOmTxqGPcOnN4gXqFCKoeU_Oup029YVIprkeGvqSpgAfS5Jz0ytx_deRc41vz7Q&cid=
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 14 Dec 2022 04:34:17 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

Location
https://r.turn.com/r/beacon?b2=Byl5I3NIBudQfjqNW-_fVUNVOmTxqGPcOnN4gXqFCKoeU_Oup029YVIprkeGvqSpgAfS5Jz0ytx_deRc41vz7Q&cid=
Date
Wed, 14 Dec 2022 04:34:18 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
styles__ltr.css
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ Frame 74DD 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&co=aHR0cHM6Ly9naXZlLnVucmVmdWdlZXMub3JnOjQ0Mw..&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=normal&cb=x647lmzc6w63
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:35:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 01:21:32 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 17:35:31 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ Frame 74DD 		403 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&co=aHR0cHM6Ly9naXZlLnVucmVmdWdlZXMub3JnOjQ0Mw..&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=normal&cb=x647lmzc6w63
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d64e243770a7345b699907f77f5e6789584278786ffa215802150dab0ee1d7a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 00:51:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164801
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 01:21:32 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 00:51:56 GMT
ca.html
20826429p.rfihub.com/ Frame 6759 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&pf=&ra=12575415298934223
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
3bd12de2c420d6e0e70f6ed26b69a210ed0ca959a40e71ae25552dd33a30de19

Request headers

Referer
https://give.unrefugees.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
2753
Content-Type
text/html;charset=utf-8
Date
Wed, 14 Dec 2022 04:34:18 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
ca.html
20826429p.rfihub.com/ Frame 1444 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&pf=&ra=5194068967119838
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
29605ab02b52c385801792af17e38d1180acb5b381090f4e4c6bdba1f3932193

Request headers

Referer
https://give.unrefugees.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
2753
Content-Type
text/html;charset=utf-8
Date
Wed, 14 Dec 2022 04:34:18 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
ca.html
20826430p.rfihub.com/ Frame 44F6 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20826430p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826430&_o=9587&_t=20826430&pe=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&pf=&ra=46359405778820495
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
0cfa313b6b8d21f28b36880d37c80def8c5291f2129a1e83b2c497c67f044756

Request headers

Referer
https://give.unrefugees.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
2753
Content-Type
text/html;charset=utf-8
Date
Wed, 14 Dec 2022 04:34:18 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
rules-p-SLcBYqRUU3yLq.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-SLcBYqRUU3yLq.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f2e256cb560023d729b4581ba94e88cedce352fc2cbcbb60e3232a5859d4793

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 03:58:13 GMT
content-encoding
gzip
via
1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
2166
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 22:22:26 GMT
server
AmazonS3
etag
W/"291bda9609975bc4fbca3a725bc18ab7"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
6sQuM-13qsdE3iPipiF_cYIRrlml5oGxJeflE_lu8iuQDlmejlScJg==
725f91f1-4621-30be-4129-a21548d2e71e
crb.kargo.com/api/v1/initsync/ Frame F3AA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://crb.kargo.com/api/v1/initsync/725f91f1-4621-30be-4129-a21548d2e71e?partners=Tapad
Requested by
Host: storage.cloud.kargo.com
URL: https://storage.cloud.kargo.com/kds/kds-events-gtm.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.0.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-0-5.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://give.unrefugees.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Date
Wed, 14 Dec 2022 04:34:18 GMT
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Krk-Reject-Reason
consent
Pragma
no-cache
Vary
Origin
X-Accel-Expires
0
v1
kds-pixel.kargo.com/api/ 		0
0
v1
kds-pixel.kargo.com/api/ 		0
0
truncated
/ Frame 74DD 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 74DD 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 74DD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 19:40:09 GMT
x-content-type-options
nosniff
age
464049
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 15 Dec 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 74DD 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&co=aHR0cHM6Ly9naXZlLnVucmVmdWdlZXMub3JnOjQ0Mw..&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=normal&cb=x647lmzc6w63
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 11:55:05 GMT
x-content-type-options
nosniff
age
405553
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 11:55:05 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 74DD 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&co=aHR0cHM6Ly9naXZlLnVucmVmdWdlZXMub3JnOjQ0Mw..&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=normal&cb=x647lmzc6w63
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d4dc0c66eadd4b3167ccb395964b88ea5717313ab053efc1618af0064cb7f3fd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&co=aHR0cHM6Ly9naXZlLnVucmVmdWdlZXMub3JnOjQ0Mw..&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=normal&cb=x647lmzc6w63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Wed, 14 Dec 2022 04:34:18 GMT
pixel;r=1844077769;labels=_fp.event.Donation%20Landing%20Page%2C_fp.customer.undefined;rf=0;a=p-SLcBYqRUU3yLq;url=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1844077769;labels=_fp.event.Donation%20Landing%20Page%2C_fp.customer.undefined;rf=0;a=p-SLcBYqRUU3yLq;url=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC;uht=2;fpan=1;fpa=P0-1133479768-1670992458499;pbc=;ns=0;ce=1;qjs=1;qv=b2bd41b7-20221206125257;cm=;gdpr=0;ref=;d=unrefugees.org;dst=0;et=1670992458610;tzo=0;ogl=title.2x%20MATCH%3A%20Help%20Refugees%20Survive%20Winter%20%7C%20USA%20for%20UNHCR%2Ctype.website%2Curl.https%3A%2F%2Fgive%252Eunrefugees%252Eorg%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0%2Cimage.https%3A%2F%2Fcdn%252Eunrefugees%252Eorg%2Fu4uforms2020%2Fmedia%2Fcgynoafr%2Frf1200940_8g5a8157_1200x8%2Cdescription.More%20than%20100%20million%20people%20globally%20have%20fled%20war%252C%20violence%20and%20persecution%20%E2%80%94%20;ses=93472e98-9c30-4a87-8a3d-ffa7f13186a4
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
cm
a.rfihub.com/ Frame 6759
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyMjkxMTg2MDE0Mg==&forward=
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEJJy8cgsZiPdUrnK_KI6Xzw&google_cver=1
42 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEJJy8cgsZiPdUrnK_KI6Xzw&google_cver=1
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 14 Dec 2022 04:34:18 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEJJy8cgsZiPdUrnK_KI6Xzw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 6759
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=18&code=5140084922911860142
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084922911860142
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084922911860142
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:18 GMT
AN-X-Request-Uuid
07b38756-29d8-47df-8f7b-609d2b141788
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:18 GMT
AN-X-Request-Uuid
75321730-deac-416c-840a-41c622793f39
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084922911860142
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 6759
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5140084922911860142&redir=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084922911860142&redir=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084922911860142&redir=
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Server
3.248.138.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-138-237.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-0bb46f593.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ZmPWOYMTQpU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v045-0ed41892e.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
06CjeycHTdo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084922911860142&redir=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sd
us-u.openx.net/w/1.0/ Frame 6759 		43 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5140084922911860142&r=
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:18 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
match
ps.eyeota.net/ Frame 6759
Redirect Chain
  • https://p.rfihub.com/cm?pub=24472&in=1
  • https://ps.eyeota.net/match?uid=5142336720936411528&bid=omt9pi0
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=5142336720936411528&bid=omt9pi0
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Server
18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 04:34:18 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
https://ps.eyeota.net/match?uid=5142336720936411528&bid=omt9pi0
Date
Wed, 14 Dec 2022 04:34:18 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
put
e1.emxdgt.com/ Frame 6759 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d16&uid=5140084922911860142
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.71.169.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-169-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
content-length
0
content-type
text/html
cksync.php
contextual.media.net/ Frame 6759 		45 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5140084922911860142
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 14 Dec 2022 04:34:18 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 14 Dec 2022 04:34:18 GMT
501709.gif
idsync.rlcdn.com/ Frame 6759
Redirect Chain
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084922911860142&referrer=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031...
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=e4ebe476-890b-4032-a486-6613c2aae286%3A1670992458.720107&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3De4ebe476-890b-4032-a486-6613c2aa...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=e4ebe476-890b-4032-a486-6613c2aae286%3A1670992458.720107
0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=e4ebe476-890b-4032-a486-6613c2aae286%3A1670992458.720107
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

Location
https://idsync.rlcdn.com/501709.gif?partner_uid=e4ebe476-890b-4032-a486-6613c2aae286%3A1670992458.720107
Date
Wed, 14 Dec 2022 04:34:18 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
bpi.rtactivate.com/tag/ Frame 6759 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=11017&user_id=5140084922911860142
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.235.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-235-239.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 6759
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084922911860142&forward=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084922911860142&forward=&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084922911860142&forward=&C=1
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=57&external_user_id=5140084922911860142&forward=&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
360947.gif
idsync.rlcdn.com/ Frame 6759 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/360947.gif?partner_uid=5140084922911860142
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rocketfuel_sync
x.dlx.addthis.com/e/ Frame 6759 		43 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5140084922911860142
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-201.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Wed, 14 Dec 2022 04:34:19 GMT
pragma
no-cache
date
Wed, 14 Dec 2022 04:34:19 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 6759
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084922911860142&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084922911860142&img=1&__user_check__=1&sync_id=92c55ead-7b68-11ed-8ef3-1a3cf9d10206
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084922911860142&img=1&__user_check__=1&sync_id=92c55ead-7b68-11ed-8ef3-1a3cf9d10206
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 04:34:18 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
126
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Wed, 14 Dec 2022 04:34:18 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=7180&uid=5140084922911860142&img=1&__user_check__=1&sync_id=92c55ead-7b68-11ed-8ef3-1a3cf9d10206
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
55
Connection
keep-alive
Content-Length
0
sync
partners.tremorhub.com/ Frame 6759 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIRF=5140084922911860142&r=O1Nr_vwEZwKV
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:4bad:ae69:ceac:6044 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Wed, 14 Dec 2022 04:34:18 GMT
server
Apache-Coyote/1.1
content-type
image/gif
g.pixel
aa.agkn.com/adscores/ Frame 6759 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5140084922911860142
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.6.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-6-114.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:18 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
usermatch.gif
beacon.krxd.net/ Frame 6759 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5140084922911860142
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.181.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-181-25.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by
beacon-n007-dub-prod.krxd.net
date
Wed, 14 Dec 2022 04:34:18 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1670992458
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ul_cb/ Frame 6759
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084922911860142&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5140084922911860142&expires=30
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5140084922911860142&expires=30
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Server
52.58.214.36 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-214-36.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5140084922911860142&expires=30
date
Wed, 14 Dec 2022 04:34:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cm
p.rfihub.com/ Frame 6759
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y5lSSgAAANMPaAAp
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=Y5lSSgAAANMPaAAp&_test=Y5lSSgAAANMPaAAp
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?in=1&pub=21653&userid=Y5lSSgAAANMPaAAp&_test=Y5lSSgAAANMPaAAp
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 14 Dec 2022 04:34:18 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-hhn-etou8220084-HHN
pragma
no-cache
date
Wed, 14 Dec 2022 04:34:18 GMT
via
1.1 varnish
server
Varnish
x-timer
S1670992459.852435,VS0,VE0
x-cache
HIT
location
https://p.rfihub.com/cm?in=1&pub=21653&userid=Y5lSSgAAANMPaAAp&_test=Y5lSSgAAANMPaAAp
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
dc_pre=CLvkpf-j-PsCFalMHgId-pQF_g;src=4647326;type=unrefcms;cat=donfvis;ord=6433703586910;gtm=2wgbu0;auiddc=*;u3=undefined;u2=undefined;~oref=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_...
adservice.google.com/ddm/fls/z/ Frame 24C4 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CLvkpf-j-PsCFalMHgId-pQF_g;src=4647326;type=unrefcms;cat=donfvis;ord=6433703586910;gtm=2wgbu0;auiddc=*;u3=undefined;u2=undefined;~oref=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC
Requested by
Host: 4647326.fls.doubleclick.net
URL: https://4647326.fls.doubleclick.net/activityi;dc_pre=CLvkpf-j-PsCFalMHgId-pQF_g;src=4647326;type=unrefcms;cat=donfvis;ord=6433703586910;gtm=2wgbu0;auiddc=572612540.1670992458;u3=undefined;u2=undefined;~oref=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4647326.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bframe
www.google.com/recaptcha/api2/ Frame 29A8 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e557401cc7a84acbf00a8aba436c1191f9fe8410438ba6acf62e5d6d207eed04
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-boUBZgoOkRZhBJQgz3iqiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://give.unrefugees.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1114
content-security-policy
script-src 'report-sample' 'nonce-boUBZgoOkRZhBJQgz3iqiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 04:34:18 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
match
ps.eyeota.net/ Frame 1444
Redirect Chain
  • https://p.rfihub.com/cm?pub=24472&in=1
  • https://ps.eyeota.net/match?uid=5142336720936411528&bid=omt9pi0
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=5142336720936411528&bid=omt9pi0
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Server
18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 04:34:18 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
https://ps.eyeota.net/match?uid=5142336720936411528&bid=omt9pi0
Date
Wed, 14 Dec 2022 04:34:18 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cm
p.rfihub.com/ Frame 1444
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y5lSSgADSc8J5wAe
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=Y5lSSgADSc8J5wAe&_test=Y5lSSgADSc8J5wAe
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?in=1&pub=21653&userid=Y5lSSgADSc8J5wAe&_test=Y5lSSgADSc8J5wAe
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 14 Dec 2022 04:34:18 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-hhn-etou8220084-HHN
pragma
no-cache
date
Wed, 14 Dec 2022 04:34:18 GMT
via
1.1 varnish
server
Varnish
x-timer
S1670992459.806368,VS0,VE0
x-cache
HIT
location
https://p.rfihub.com/cm?in=1&pub=21653&userid=Y5lSSgADSc8J5wAe&_test=Y5lSSgADSc8J5wAe
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
cm
a.rfihub.com/ Frame 1444
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyMjkxMTg2MDE0MQ==&forward=
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEJJy8cgsZiPdUrnK_KI6Xzw&google_cver=1
42 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEJJy8cgsZiPdUrnK_KI6Xzw&google_cver=1
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 14 Dec 2022 04:34:18 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEJJy8cgsZiPdUrnK_KI6Xzw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 1444
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=18&code=5140084922911860141
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084922911860141
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084922911860141
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:18 GMT
AN-X-Request-Uuid
ee07fe35-4fc8-4b6c-a318-561e8ad2fcd7
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:18 GMT
AN-X-Request-Uuid
5f487e1b-562a-422c-ab2f-b8108dec8458
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084922911860141
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 1444
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5140084922911860141&redir=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084922911860141&redir=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084922911860141&redir=
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Server
3.248.138.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-138-237.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-06601d6e7.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
4VIlh5HxQ1o=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v045-0a4852727.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
6pFyn/eaTV4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084922911860141&redir=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sd
us-u.openx.net/w/1.0/ Frame 1444 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5140084922911860141&r=
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:18 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
put
e1.emxdgt.com/ Frame 1444 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d16&uid=5140084922911860141
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.71.169.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-169-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
content-length
0
content-type
text/html
cksync.php
contextual.media.net/ Frame 1444 		45 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5140084922911860141
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 14 Dec 2022 04:34:18 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 14 Dec 2022 04:34:18 GMT
501709.gif
idsync.rlcdn.com/ Frame 1444
Redirect Chain
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084922911860141&referrer=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031...
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=80fa1334-ec99-48c1-9852-3f1549bddc07%3A1670992458.7436693&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D80fa1334-ec99-48c1-9852-3f1549b...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=80fa1334-ec99-48c1-9852-3f1549bddc07%3A1670992458.7436693
0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=80fa1334-ec99-48c1-9852-3f1549bddc07%3A1670992458.7436693
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

Location
https://idsync.rlcdn.com/501709.gif?partner_uid=80fa1334-ec99-48c1-9852-3f1549bddc07%3A1670992458.7436693
Date
Wed, 14 Dec 2022 04:34:18 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
bpi.rtactivate.com/tag/ Frame 1444 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=11017&user_id=5140084922911860141
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.235.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-235-239.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 1444
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084922911860141&forward=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084922911860141&forward=&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084922911860141&forward=&C=1
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=57&external_user_id=5140084922911860141&forward=&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
360947.gif
idsync.rlcdn.com/ Frame 1444 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/360947.gif?partner_uid=5140084922911860141
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rocketfuel_sync
x.dlx.addthis.com/e/ Frame 1444 		43 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5140084922911860141
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-201.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Wed, 14 Dec 2022 04:34:18 GMT
pragma
no-cache
date
Wed, 14 Dec 2022 04:34:18 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 1444
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084922911860141&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084922911860141&img=1&__user_check__=1&sync_id=92c0dc84-7b68-11ed-89c9-1ce730eb0106
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084922911860141&img=1&__user_check__=1&sync_id=92c0dc84-7b68-11ed-89c9-1ce730eb0106
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 04:34:18 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
64
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Wed, 14 Dec 2022 04:34:18 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=7180&uid=5140084922911860141&img=1&__user_check__=1&sync_id=92c0dc84-7b68-11ed-89c9-1ce730eb0106
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
140
Connection
keep-alive
Content-Length
0
sync
partners.tremorhub.com/ Frame 1444 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIRF=5140084922911860141&r=L6TOT3psmfHu
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:4bad:ae69:ceac:6044 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Wed, 14 Dec 2022 04:34:18 GMT
server
Apache-Coyote/1.1
content-type
image/gif
g.pixel
aa.agkn.com/adscores/ Frame 1444 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5140084922911860141
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.6.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-6-114.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:18 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
usermatch.gif
beacon.krxd.net/ Frame 1444 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5140084922911860141
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.181.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-181-25.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by
beacon-n015-dub-prod.krxd.net
date
Wed, 14 Dec 2022 04:34:18 GMT
cache-control
private, no-cache, no-store
x-request-time
D=137 t=1670992458
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ul_cb/ Frame 1444
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084922911860141&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5140084922911860141&expires=30
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5140084922911860141&expires=30
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Server
52.58.214.36 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-214-36.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826429p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5140084922911860141&expires=30
date
Wed, 14 Dec 2022 04:34:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
match
ps.eyeota.net/ Frame 44F6
Redirect Chain
  • https://p.rfihub.com/cm?pub=24472&in=1
  • https://ps.eyeota.net/match?uid=5142336720936411528&bid=omt9pi0
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=5142336720936411528&bid=omt9pi0
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Server
18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826430p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 04:34:18 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
https://ps.eyeota.net/match?uid=5142336720936411528&bid=omt9pi0
Date
Wed, 14 Dec 2022 04:34:18 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/ Frame 44F6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y5lSSgAADu4J5gAe
85 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y5lSSgAADu4J5gAe
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826430p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by
cache-hhn-etou8220084-HHN
pragma
no-cache
date
Wed, 14 Dec 2022 04:34:18 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
1663
x-timer
S1670992459.806331,VS0,VE0
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
85
x-cache-hits
4195

Redirect headers

x-served-by
cache-hhn-etou8220084-HHN
pragma
no-cache
date
Wed, 14 Dec 2022 04:34:18 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1670992459.704379,VS0,VE93
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y5lSSgAADu4J5gAe
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
cm
a.rfihub.com/ Frame 44F6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MjMzNjcyMDkzNjQxMTUyOA==&forward=
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEJJy8cgsZiPdUrnK_KI6Xzw&google_cver=1
42 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEJJy8cgsZiPdUrnK_KI6Xzw&google_cver=1
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826430p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 14 Dec 2022 04:34:18 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEJJy8cgsZiPdUrnK_KI6Xzw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 44F6
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=18&code=5142336720936411528
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5142336720936411528
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5142336720936411528
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826430p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:18 GMT
AN-X-Request-Uuid
50e85fe7-771e-4b72-9450-7839b049111d
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:18 GMT
AN-X-Request-Uuid
0285efda-b65a-433b-9f93-56386b09e671
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5142336720936411528
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.41; 81.95.5.41; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 44F6
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5142336720936411528&redir=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5142336720936411528&redir=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5142336720936411528&redir=
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Server
3.248.138.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-138-237.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826430p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-00c503e2b.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Io9AWpUiTGU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v045-0f14bb97f.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
27fqRx0DRdg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5142336720936411528&redir=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sd
us-u.openx.net/w/1.0/ Frame 44F6 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5142336720936411528&r=
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826430p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:18 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
put
e1.emxdgt.com/ Frame 44F6 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d16&uid=5142336720936411528
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.71.169.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-169-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826430p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
content-length
0
content-type
text/html
cksync.php
contextual.media.net/ Frame 44F6 		45 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5142336720936411528
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826430p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 14 Dec 2022 04:34:18 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 14 Dec 2022 04:34:18 GMT
501709.gif
idsync.rlcdn.com/ Frame 44F6
Redirect Chain
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5142336720936411528&referrer=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031...
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=9dff58c0-f682-414f-b49e-c6526f67e4c2%3A1670992458.742813&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D9dff58c0-f682-414f-b49e-c6526f67...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=9dff58c0-f682-414f-b49e-c6526f67e4c2%3A1670992458.742813
0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=9dff58c0-f682-414f-b49e-c6526f67e4c2%3A1670992458.742813
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826430p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

Location
https://idsync.rlcdn.com/501709.gif?partner_uid=9dff58c0-f682-414f-b49e-c6526f67e4c2%3A1670992458.742813
Date
Wed, 14 Dec 2022 04:34:18 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
bpi.rtactivate.com/tag/ Frame 44F6 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=11017&user_id=5142336720936411528
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.235.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-235-239.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826430p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 44F6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5142336720936411528&forward=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5142336720936411528&forward=&C=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5142336720936411528&forward=&C=1
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826430p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=57&external_user_id=5142336720936411528&forward=&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
360947.gif
idsync.rlcdn.com/ Frame 44F6 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/360947.gif?partner_uid=5142336720936411528
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826430p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rocketfuel_sync
x.dlx.addthis.com/e/ Frame 44F6 		43 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5142336720936411528
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-201.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826430p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Wed, 14 Dec 2022 04:34:18 GMT
pragma
no-cache
date
Wed, 14 Dec 2022 04:34:18 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 44F6
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5142336720936411528&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5142336720936411528&img=1&__user_check__=1&sync_id=92c114b6-7b68-11ed-b883-1e87ce780106
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5142336720936411528&img=1&__user_check__=1&sync_id=92c114b6-7b68-11ed-b883-1e87ce780106
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826430p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 04:34:18 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
114
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Wed, 14 Dec 2022 04:34:18 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=7180&uid=5142336720936411528&img=1&__user_check__=1&sync_id=92c114b6-7b68-11ed-b883-1e87ce780106
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
49
Connection
keep-alive
Content-Length
0
sync
partners.tremorhub.com/ Frame 44F6 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIRF=5142336720936411528&r=kXxx3nF1EegF
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:4bad:ae69:ceac:6044 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826430p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Wed, 14 Dec 2022 04:34:18 GMT
server
Apache-Coyote/1.1
content-type
image/gif
g.pixel
aa.agkn.com/adscores/ Frame 44F6 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5142336720936411528
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.6.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-6-114.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826430p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:18 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
usermatch.gif
beacon.krxd.net/ Frame 44F6 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5142336720936411528
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.181.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-181-25.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826430p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by
beacon-n004-dub-prod.krxd.net
date
Wed, 14 Dec 2022 04:34:18 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1670992458
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ul_cb/ Frame 44F6
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5142336720936411528&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5142336720936411528&expires=30
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5142336720936411528&expires=30
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Server
52.58.214.36 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-214-36.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20826430p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5142336720936411528&expires=30
date
Wed, 14 Dec 2022 04:34:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame C02B 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c1b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fgive.unrefugees.org&mid=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1608
content-type
text/html; charset=UTF-8
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.a8iRIxVkeCM.es5.O/am=3AAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfr... Frame C02B 		155 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.a8iRIxVkeCM.es5.O/am=3AAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjs8QGAfWh9FDDxSJ8ZJzR7mHGrbg/m=_b,_tp,_r
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fgive.unrefugees.org&mid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1be0c3c829df3b7c305b6d413ec4ad3932d157eaa9c5dd0c9f4bcb11c43de26b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:38:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39371
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55890
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 12:25:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 17:38:07 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ Frame 29A8 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:35:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 01:21:32 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 17:35:31 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ Frame 29A8 		403 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d64e243770a7345b699907f77f5e6789584278786ffa215802150dab0ee1d7a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 00:51:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164801
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 01:21:32 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 00:51:56 GMT
m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.a8iRIxVkeCM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Svn... Frame C02B 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.a8iRIxVkeCM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.SvnZyf6A1eU.L.B1.O/am=3AAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhhgnpbKCnyN5ccChOXfmHvbHHcpA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.a8iRIxVkeCM.es5.O/am=3AAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjs8QGAfWh9FDDxSJ8ZJzR7mHGrbg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c02d559d2909e4fdd805537332e5d975faf5b9a08f3c777996d2c67af931fb1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:44:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38974
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25995
x-xss-protection
0
last-modified
Fri, 09 Dec 2022 02:28:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 17:44:44 GMT
pay
pay.google.com/gp/p/ui/ Frame C02B 		1 MB
355 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.a8iRIxVkeCM.es5.O/am=3AAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjs8QGAfWh9FDDxSJ8ZJzR7mHGrbg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c1b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c44348cebc0fa3ae4f269cb0ba390319bc33f7d8386a6e72b7b112e46b9abd82
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-G2tFDDj-V_9B98kYYZjR4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-G2tFDDj-V_9B98kYYZjR4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
report-to
{"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Wed, 14 Dec 2022 04:34:18 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.a8iRIxVkeCM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Svn... Frame C02B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.a8iRIxVkeCM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.SvnZyf6A1eU.L.B1.O/am=3AAg/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhhgnpbKCnyN5ccChOXfmHvbHHcpA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.a8iRIxVkeCM.es5.O/am=3AAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjs8QGAfWh9FDDxSJ8ZJzR7mHGrbg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b37b9123ac7bd72bd1b2b34583d7a580d3a47958bba0a98553ccdecf5326561
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:44:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38974
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9246
x-xss-protection
0
last-modified
Fri, 09 Dec 2022 02:28:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 17:44:44 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.a8iRIxVkeCM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Svn... Frame C02B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.a8iRIxVkeCM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.SvnZyf6A1eU.L.B1.O/am=3AAg/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhhgnpbKCnyN5ccChOXfmHvbHHcpA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.a8iRIxVkeCM.es5.O/am=3AAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjs8QGAfWh9FDDxSJ8ZJzR7mHGrbg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
248260f69218e27ceecdda7774300d875e2b02b3b11ec63fbda562554b8a8940
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:44:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38974
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13445
x-xss-protection
0
last-modified
Fri, 09 Dec 2022 02:28:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 17:44:44 GMT
log
play.google.com/ Frame C02B 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.a8iRIxVkeCM.es5.O/am=3AAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjs8QGAfWh9FDDxSJ8ZJzR7mHGrbg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 14 Dec 2022 04:34:18 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 04:34:18 GMT
expires
Wed, 14 Dec 2022 04:34:18 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame C02B 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.a8iRIxVkeCM.es5.O/am=3AAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjs8QGAfWh9FDDxSJ8ZJzR7mHGrbg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 14 Dec 2022 04:34:18 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 04:34:18 GMT
expires
Wed, 14 Dec 2022 04:34:18 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame C02B 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.a8iRIxVkeCM.es5.O/am=3AAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjs8QGAfWh9FDDxSJ8ZJzR7mHGrbg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 14 Dec 2022 04:34:18 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 04:34:18 GMT
expires
Wed, 14 Dec 2022 04:34:18 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame C02B 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.a8iRIxVkeCM.es5.O/am=3AAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjs8QGAfWh9FDDxSJ8ZJzR7mHGrbg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 14 Dec 2022 04:34:18 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 04:34:18 GMT
expires
Wed, 14 Dec 2022 04:34:18 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame C02B 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.a8iRIxVkeCM.es5.O/am=3AAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjs8QGAfWh9FDDxSJ8ZJzR7mHGrbg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 14 Dec 2022 04:34:18 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 04:34:18 GMT
expires
Wed, 14 Dec 2022 04:34:18 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame C02B 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.a8iRIxVkeCM.es5.O/am=3AAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjs8QGAfWh9FDDxSJ8ZJzR7mHGrbg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 14 Dec 2022 04:34:18 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 04:34:18 GMT
expires
Wed, 14 Dec 2022 04:34:18 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
m=RqjULd
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.a8iRIxVkeCM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Svn... Frame C02B 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.a8iRIxVkeCM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.SvnZyf6A1eU.L.B1.O/am=3AAg/d=1/exm=Das5Le,EFQ78c,FCpbqb,IZT63,LEikZe,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,byfTOb,hc6Ubd,hhhU8,lsjVmc,lwddkf,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhhgnpbKCnyN5ccChOXfmHvbHHcpA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=RqjULd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.a8iRIxVkeCM.es5.O/am=3AAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjs8QGAfWh9FDDxSJ8ZJzR7mHGrbg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca1e72c59edacf9ad24e0d048906db4686b360c8e23efc752a86aec92929e669
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:44:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38974
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4023
x-xss-protection
0
last-modified
Fri, 09 Dec 2022 02:28:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 17:44:44 GMT
log
play.google.com/ Frame C02B 		131 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.a8iRIxVkeCM.es5.O/am=3AAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjs8QGAfWh9FDDxSJ8ZJzR7mHGrbg/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 04:34:18 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 14 Dec 2022 04:34:18 GMT
m=UUJqVe,siKnQd,MpJwZc,KUM7Z,SpsfSb,xQtZb,zbML3c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.a8iRIxVkeCM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Svn... Frame C02B 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.a8iRIxVkeCM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.SvnZyf6A1eU.L.B1.O/am=3AAg/d=1/exm=Das5Le,EFQ78c,FCpbqb,IZT63,LEikZe,PrPYRd,RqjULd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,byfTOb,hc6Ubd,hhhU8,lsjVmc,lwddkf,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhhgnpbKCnyN5ccChOXfmHvbHHcpA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=UUJqVe,siKnQd,MpJwZc,KUM7Z,SpsfSb,xQtZb,zbML3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.a8iRIxVkeCM.es5.O/am=3AAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjs8QGAfWh9FDDxSJ8ZJzR7mHGrbg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7178729519e557b8750d2853c39740355fec5df8d1f25d5caabce73e480472c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:44:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38974
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12366
x-xss-protection
0
last-modified
Fri, 09 Dec 2022 02:28:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 17:44:44 GMT
i
tr.snapchat.com/cm/ Frame B6E0 		0
294 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=cda0845c-e241-4b98-8d4b-abdc76d31d9d&u_scsid=55665071-1dbb-40ac-8dc3-63a7e36b0ba3&u_sclid=e1c74fc3-fe8d-4434-b063-b19a9aefb577
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://give.unrefugees.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Wed, 14 Dec 2022 04:34:19 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
cda0845c-e241-4b98-8d4b-abdc76d31d9d.js
tr.snapchat.com/config/org/ 		144 B
536 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/org/cda0845c-e241-4b98-8d4b-abdc76d31d9d.js
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e881080fcdc4e516f43aae8c7b81737169601e12d939570c946998fe98f40863
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://give.unrefugees.org/
Origin
https://give.unrefugees.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google
server
API Gateway
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://give.unrefugees.org
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p
tr.snapchat.com/ 		68 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.snapchat.com/p?pid=cda0845c-e241-4b98-8d4b-abdc76d31d9d&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&bt=1d53c387&if=false&m_dcl=0&m_pi=0&m_pl=0&m_pv=v2&m_rd=3373&m_sl=2069&rf=&trackId=373b866c-90ec-4d0e-ad66-81e927d2b313&ts=1670992459025&u_c1=0757aee8-7991-4cdb-a41b-1d582d014310&u_sclid=e1c74fc3-fe8d-4434-b063-b19a9aefb577&u_scsid=55665071-1dbb-40ac-8dc3-63a7e36b0ba3&v=2.0.0
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:34:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
nr-1216.min.js
js-agent.newrelic.com/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1216.min.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding
gzip
via
1.1 varnish
date
Wed, 14 Dec 2022 04:34:19 GMT
x-amz-request-id
RRKXEVQW2SDW2GHS
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
14391
x-amz-id-2
03CQTgRwutb23xI+ezVWDl/urz5PujEPZUUYeWq6WaU8koK6NYEk/hfPU/nUIjbAqwml6+O3/HwCh3VOvzmIag==
x-served-by
cache-hhn-etou8220041-HHN
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1670992459.051026,VS0,VE0
etag
"9f533d8cd24b2c5e3b4dc886ecbd43e8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
75
check.js;CIS3SID=E8032AD24C58245137C23E8C6E565253
h.online-metrix.net/fp/ Frame D3A4 		328 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/check.js;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03&jb=35392e24687b6f7d3d55696e666d7f73246a7b673d57696c6c677f73273a383332246873607d354b6a706f6d6d24687b6235436a726f6f672d3232313830
Requested by
Host: h.online-metrix.net
URL: https://h.online-metrix.net/fp/tags.js?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&pageid=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
bf88929b36586813e0c2517079f6fb0ae8d6343da0e30b97aa18786c72b31ccd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:19 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
tmx-nonce
6c54e3a4b5e30c03
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
h.online-metrix.net/fp/ Frame D3A4 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03&ck=0&m=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:19 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
h.online-metrix.net/fp/ Frame D3A4 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03&ck=0&m=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:19 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1959273370&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&ul=en-us&de=UTF-8&dt=2x%20MATCH%3A%20Help%20Refugees%20Survive%20Winter%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F220922wint_eoywint_d_3000&el=25%25&_u=aGHACEABRAAAAGAAI~&jid=227148676&gjid=465378824&cid=1115816511.1670992458&tid=UA-3754388-9&_gid=2077781041.1670992458&_r=1&gtm=2wgbu0N9KWLLF&z=1519819407
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://give.unrefugees.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.unrefugees.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1959273370&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&ul=en-us&de=UTF-8&dt=2x%20MATCH%3A%20Help%20Refugees%20Survive%20Winter%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F220922wint_eoywint_d_3000&el=50%25&_u=aGHACEABRAAAAGAAI~&jid=&gjid=&cid=1115816511.1670992458&tid=UA-3754388-9&_gid=2077781041.1670992458&gtm=2wgbu0N9KWLLF&z=348577703
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6708
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1959273370&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&ul=en-us&de=UTF-8&dt=2x%20MATCH%3A%20Help%20Refugees%20Survive%20Winter%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F220922wint_eoywint_d_3000&el=75%25&_u=aGHACEABRAAAAGAAI~&jid=&gjid=&cid=1115816511.1670992458&tid=UA-3754388-9&_gid=2077781041.1670992458&gtm=2wgbu0N9KWLLF&z=1440347056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6708
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1959273370&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&ul=en-us&de=UTF-8&dt=2x%20MATCH%3A%20Help%20Refugees%20Survive%20Winter%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F220922wint_eoywint_d_3000&el=100%25&_u=aGHACEABRAAAAGAAI~&jid=&gjid=&cid=1115816511.1670992458&tid=UA-3754388-9&_gid=2077781041.1670992458&gtm=2wgbu0N9KWLLF&z=1130217701
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6708
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
fa5b33ed7c80.js
w.usabilla.com/ Frame 8599 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.usabilla.com/fa5b33ed7c80.js?lv=1
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.50.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-50-179.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
91998714d8becfb51068e43460f2dc62490219f066c25ce7a49f814875134cc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:19 GMT
content-encoding
gzip
x-widget-server
2.1
etag
"328d42701f247ddd3937d8946c9a2c8b"
content-type
text/javascript
cache-control
public,max-age=0
content-length
11224
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-3754388-9&cid=1115816511.1670992458&jid=227148676&gjid=465378824&_gid=2077781041.1670992458&_u=aGHACEABRAAAAGAAI~&z=1394835594
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.unrefugees.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 14 Dec 2022 04:34:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.unrefugees.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cf888b8b66
bam.nr-data.net/1/ 		49 B
621 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/cf888b8b66?a=357730915&v=1216.487a282&to=ZFNSZUsADUJYWxFRC10ZfWd6TjFUV1wASilFVXNeVxURXlVUAEpLfllURFUEM1BeXQ%3D%3D&rst=3431&ck=1&ref=https://give.unrefugees.org/220922wint_eoywint_d_3000&ap=619&be=1862&fe=3375&dc=2741&perf=%7B%22timing%22:%7B%22of%22:1670992455651,%22n%22:0,%22f%22:517,%22dn%22:518,%22dne%22:535,%22c%22:535,%22s%22:704,%22ce%22:877,%22rq%22:877,%22rp%22:1839,%22rpe%22:1840,%22dl%22:1842,%22di%22:2741,%22ds%22:2741,%22de%22:2751,%22dc%22:3370,%22l%22:3375,%22le%22:3388%7D,%22navigation%22:%7B%7D%7D&fp=2170&fcp=2170&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 04:34:19 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
779439f57e279c10-FRA
logger
www.paypal.com/xoplatform/logger/api/ 		1014 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&vault=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c6c045377130344b2542f469a2c03b8f824e00f0bdaa9d5eda085642ef4b0645
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://give.unrefugees.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
content-type
application/json

Response headers

date
Wed, 14 Dec 2022 04:34:19 GMT
via
1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS
paypal-debug-id
f675749a63268
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-hhn-etou8220063-HHN
traceparent
00-0000000000000000000f675749a63268-28e238946ac64b45-01
x-timer
S1670992459.291700,VS0,VE190
etag
W/W/"3f6-aIZz+adhcOX/YE+PB6n5t+Z6DAU"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://give.unrefugees.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://give.unrefugees.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://give.unrefugees.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Wed, 14 Dec 2022 04:34:19 GMT
dc
ccg11-origin-www-1.paypal.com
paypal-debug-id
f675749940f6f
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f675749940f6f-64afe3a944509348-01
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-served-by
cache-hhn-etou8220063-HHN
x-timer
S1670992459.092928,VS0,VE190
clear.png
h.online-metrix.net/fp/ Frame D3A4 		81 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/clear.png
Requested by
Host: h.online-metrix.net
URL: https://h.online-metrix.net/fp/check.js;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03&jb=35392e24687b6f7d3d55696e666d7f73246a7b673d57696c6c677f73273a383332246873607d354b6a706f6d6d24687b6235436a726f6f672d3232313830
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*, zrtzph91/6c54e3a4b5e30c03e1873-191614bb-eb08-4452-98a3-87b6246988f7
Referer
https://give.unrefugees.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 04:34:19 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 14 Dec 2022 04:34:19 GMT
Server
Apache
Etag
782b5a7a012b42ba98b5a85320bbd1ef
Content-Type
image/png
Access-Control-Allow-Origin
https://give.unrefugees.org
Cache-Control
private, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
Expires
Mon, 13 Dec 2027 04:34:19 GMT
ls_fp.html;CIS3SID=E8032AD24C58245137C23E8C6E565253
h.online-metrix.net/fp/ Frame A27C 		92 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/ls_fp.html;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03
Requested by
Host: h.online-metrix.net
URL: https://h.online-metrix.net/fp/check.js;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03&jb=35392e24687b6f7d3d55696e666d7f73246a7b673d57696c6c677f73273a383332246873607d354b6a706f6d6d24687b6235436a726f6f672d3232313830
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
6d872552faf9247873d70695b6cf27ae314d8480447c6613d62fef2cb714cf4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://give.unrefugees.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Wed, 14 Dec 2022 04:34:19 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=96
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
clear.png
h.online-metrix.net/fp/ Frame D3A4 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03&jb=33362e6e71693d3a653435383a3a3e6163333a3c6337343a6a303132356b3f603b363538666931
Requested by
Host: h.online-metrix.net
URL: https://h.online-metrix.net/fp/check.js;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03&jb=35392e24687b6f7d3d55696e666d7f73246a7b673d57696c6c677f73273a383332246873607d354b6a706f6d6d24687b6235436a726f6f672d3232313830
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:19 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
es.js
h.online-metrix.net/fp/ Frame D3A4 		104 B
626 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/es.js?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03&cb=td_3W
Requested by
Host: h.online-metrix.net
URL: https://h.online-metrix.net/fp/check.js;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03&jb=35392e24687b6f7d3d55696e666d7f73246a7b673d57696c6c677f73273a383332246873607d354b6a706f6d6d24687b6235436a726f6f672d3232313830
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
d472190d36180d075db67f055a5efb946a18829dbbcefdecea24df6634c51a42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:19 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sid_fp.html;CIS3SID=E8032AD24C58245137C23E8C6E565253
h.online-metrix.net/fp/ Frame 04AA 		104 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03
Requested by
Host: h.online-metrix.net
URL: https://h.online-metrix.net/fp/check.js;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03&jb=35392e24687b6f7d3d55696e666d7f73246a7b673d57696c6c677f73273a383332246873607d354b6a706f6d6d24687b6235436a726f6f672d3232313830
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
e83027e8c6b88196d231560ab2c5ecaf218cc7fdce66823c42e12dcc20ea7b1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://give.unrefugees.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Wed, 14 Dec 2022 04:34:19 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=97
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
clear.png
h.online-metrix.net/fp/ Frame D3A4 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03&jd=35352e24686e6e3533246a666a3f313934313f396662663b3f3b3f65313e3f6063353734606a3b31606134326b3a2462667c6e3f303a37363233
Requested by
Host: h.online-metrix.net
URL: https://h.online-metrix.net/fp/check.js;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03&jb=35392e24687b6f7d3d55696e666d7f73246a7b673d57696c6c677f73273a383332246873607d354b6a706f6d6d24687b6235436a726f6f672d3232313830
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:19 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
top_fp.html;CIS3SID=E8032AD24C58245137C23E8C6E565253
h.online-metrix.net/fp/ Frame 010D 		90 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/top_fp.html;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03
Requested by
Host: h.online-metrix.net
URL: https://h.online-metrix.net/fp/check.js;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03&jb=35392e24687b6f7d3d55696e666d7f73246a7b673d57696c6c677f73273a383332246873607d354b6a706f6d6d24687b6235436a726f6f672d3232313830
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
0150f3853d818af09dcfdf9066aa7e696dc63cfb30c981b993a9c6dc28dc64b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://give.unrefugees.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Wed, 14 Dec 2022 04:34:19 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=99
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
clear.png
h.online-metrix.net/fp/ Frame D3A4 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03&ja=32333834242e633530247a3d32246e3d3336383878313232382e69663f393e32327a333232382e7b7a7b3d307032246c707a3d332c313432382c333238382c31363238243932323824333432322c333a38382e333630382e333a30382c322c30246f7c3d6338303a616263666b3f3f64666e6c643b6763383639393c353236623163356926656e3f342671616c3d30342e64683d68767c787b2531492d304427304665617e6d2c776e726d64776f656d732c6f7265273a46303238313232776b667c57656d717f6b6c765d645d3b3838322733467d766f576d6d646b756d27314c656f616164253236777c6557636b6c2d3146323233334338383232334362454e7151494e2732367776655f716f7d7a636525314c7d3c752f69787267636e25303e7d7c6f5d636165726361676625314455515d58535d45465757494e564d5a3a30303a5743525247414e575757303031323930273a367d746f5f636d6c7c656c742d3b4466756e646e616c674a475a27303453445767666776696d6d27314c373831334b3032323830304e7a61775141412d3a3e534457656d6c766a6c7b2d3b4c35323131433232383038324c726a3353494324647a35687474727b2d3b41273a4e2730446569746d267d6c7065667d65676d73266f70672530443a3232393a3a77696e76576d6779756166765d665d333238382d31447574655d6f6d6461756f2533466765616b6c2d3a3675746f576b6164273b4c323231334b3238383831416a47447b53494e2d323475746f5d7b6f77726b6d253344773c7d256172786d636e273036777c655761636d70696b6566253b4457535f525157454c5f5f414e5445503a383a325d49585247434e5f5d573a3a333031322d30347d74655f616f6e7667667427334c6e756c6c6461646d424d502d303451445f6d666d7c6b6f65253b46353831394b32303032323a4e70697f59414325303e5b4e5f6f6766766a6e7b25314c3f3833334b303832323832467268315143412e706e3d3b2e70683d35306e3a3863693e606164606533393b6a353138376967326c336a64603264362460683f646b3b39306137693d3a63633b6c6763373a66326d6c6a316161643b60336a342e6a716f3d556b66646d777b2d323031322e627b623f4b60706d6f6725303839383a246a7367773f5f6966646d777324687b62773d4b60726f6d672e6660633f3c2e6c666f3f382466657c723f30267c786635457c63273246576c636e6d77662e6d61746a7a353c30323b6c336130606561383a6d346163353e3232303269643335353632396666343d30383134336c3e6d61633a3c66613b3661646a6c3f30313133393b346926783d726c75656b665f646c697b682535476e6964736729786e77656b6e5d7f6166666d7773576f676c69695f726c617b677a2537456e696c73652378647d676b665763666d60655d696b7a6d6061742d37476e6164736721706e776f696c5f797d69636b7661656d25374d6e636e71672172647d6f6b6c5f73606d61637769766725354764696c716529786c75676b66577a656364786e637b6772273d4d6e636e736529726e7d67616e5d766c615d786c63796d7a2535456469647b6523786477656b6c5f666d7e696e7472253d4764696c7b6523706c7765616e5d737e6f5f7669677f6d7a25374d6e636e71672172647d6f6b6c5f6a6974632d354d66636c7367246f6c5d63357f6562676e5f6d6a474e2d3a32332c32253038204772676e4744273038455b253030322c322d323243607a6f6d697765215f65604f44273032454c51442d3a324753253a323326302d3232284f726766474e253a3845532530384f44534e2d3a3247512732323926382730304360706d65697d6d2b57656049617455656a4369742530385f6d624544494c454e475f6b667b7c636c63656c5d637a72697971253340273a3047585c57626c656c6c5765696c65697a2731402530384d50565d636f646d7057627d666465725d6a696c645f6e646f6174273b4a2d32324d50565d646e6f637c576a6e676e642d31402d3238455a545f647069675d646d78746825314a2d3a3047505c5d716a6364677a577c677a74757a675d646f6c2531422530324d58565f7c6d787475706d576b6f6f787a6771716b6f6c576a78766125334a2730384550545d74657a767d72675f6b676d7072677b7b616f6c577a6576612733402d3a38475a545f7c677a7c757a655d66696e766d725d616661736f747067786163273b4a273032475856577b5a454025334a2730384f4d535d656c676f6d6e765f61666465785d7d616674273b4a2730324d4551576e6a6d5d72656666677a5f6569726d6172273b422732384745535f717c696664637a6c5d6667706974697c61746773253b40273a304745515f74677a7c757065576e6c6f61762d3b4a2530384747515d76657a7c7d7a675d666c676376576c616e67617227314a253030474d535f7467707c7d72675760636e645d666e67697c273142253a324d4d53577467787477706d5f6a61646e5f666c6d697c576c6b666d6370273142273a384747515f766d70766d7857617072617b5d676268656b7c253342273a385f45404f445d616d6e6f70576a7d6464657257646e67617c2531422530325f4540474457636f6d727a6d7b73676c5776677a7675706d5769717663253b40273a305f4540474c5d61676d72726d7b7365645d7c6d7074777a6d5d67766125314a2d3a325545424f4e5d6b6f657070657371676c5f7665707c7572655d6d7c6b31273b4a2730325545404f4457616d6d707a67717b656c5f76657876777a655d733b7c632533402d3a3857474a4f4e5d616d6d727a6d7b7167645f7c677a7c757a655d73337661577370676a2d33422530385f4d4245445766676077675d7a6d66666772657a5d6b6666672531422530325f45404744576465707660577c657a7c7d7067273142273a385f4740474c5766706977576277666667707b2531422d3a305745404f44576c6d7b6d5d616d6c7467707c2d314025323855474a47445f6f756c766b576470617f393626676e57603533646e3d666464363736386c6c613630376d34306a65386535346430373d343431383c64343237312e7f676e7e354b6c76676c273a38416c612e267f656e7a3d416e76656c2730384970697b2d32304f726d664f4c273a38476c656b6e672e6b6b663f30&jb=31353c246e793d456f78696c6e632d32443526382532302a5f6166646d7f7b2730324c54273a3839322c30253b40273a305f696c363427314a253030703e34292530384978706e6d5f6760496b74273a4e3d31352e333e273038284348564d4c27304b25303064616b652530384f6d6369672127303241687067656d27304631383a2c382e3d3337392e3b3a2d323253696e617269273a4e3d3335263b34
Requested by
Host: h.online-metrix.net
URL: https://h.online-metrix.net/fp/check.js;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03&jb=35392e24687b6f7d3d55696e666d7f73246a7b673d57696c6c677f73273a383332246873607d354b6a706f6d6d24687b6235436a726f6f672d3232313830
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 04:34:19 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=97
Content-Type
text/javascript;charset=UTF-8
clear.png
zrtzph91v7qgvkwalztt7lf52udeva56d2unnrdq6c54e3a4b5e30c03am1.e.aa.online-metrix.net/fp/ Frame D3A4 		81 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zrtzph91v7qgvkwalztt7lf52udeva56d2unnrdq6c54e3a4b5e30c03am1.e.aa.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03&di=yes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.134.131 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:19 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-3754388-9&cid=1115816511.1670992458&jid=227148676&_u=aGHACEABRAAAAGAAI~&z=737982150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-3754388-9&cid=1115816511.1670992458&jid=227148676&_u=aGHACEABRAAAAGAAI~&z=737982150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clear.png
h.online-metrix.net/fp/ Frame A27C 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03&jf=33362e6e716a3d393061623734343c323a303c3c3931353b316a6a663a396a3235336332373a3e
Requested by
Host: h.online-metrix.net
URL: https://h.online-metrix.net/fp/ls_fp.html;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h.online-metrix.net/fp/ls_fp.html;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:19 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=95
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
es.js
h.online-metrix.net/fp/ Frame A27C 		104 B
626 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/es.js?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03&cb=td_3W&fr
Requested by
Host: h.online-metrix.net
URL: https://h.online-metrix.net/fp/ls_fp.html;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
1d8397824e84cb208f06f81296130f6b1ed0a0235b1b0b67d0401840ab6c3650
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h.online-metrix.net/fp/ls_fp.html;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:19 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=98
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
unhcr-button-ca8fba580979f02c2694fa49ed8ef52a.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame A8B3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d6tizftlrpuof.cloudfront.net/themes/production/unhcr-button-ca8fba580979f02c2694fa49ed8ef52a.png
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/220922wint_eoywint_d_3000?utm_medium=email&utm_cid=0031K00003CjGLyQAN&utm_source=u4u-appeal&utm_campaign=US_PS_EN_WINTER2022_APPEAL___221212&utm_content=fullfileBOX&SF_onetime=7011K000002NriwQAC&SF_monthly=7011K000002Nrj1QAC
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-53.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90b232dae4b3477832ee21493d7558ace8cf6e9b8bc97f9c552f301da013f1da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 10:26:36 GMT
x-amz-version-id
.SrcatzoiMfoqGSBwRAbfAVYaagZkb9i
Via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
Last-Modified
Tue, 05 Feb 2019 19:50:28 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
756464
ETag
"ca8fba580979f02c2694fa49ed8ef52a"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=315360000, no-transform, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1768
X-Amz-Cf-Id
1WF0h3-qqtvd2CU4IVv5B3PejGEJ9LWufVIYblDpAXyPIsVR4bk9Ew==
clear1.png;CIS3SID=E8032AD24C58245137C23E8C6E565253
h.online-metrix.net/fp/ Frame D3A4 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.online-metrix.net/fp/clear1.png;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03&jf=34313c2471616457726c643d76667a5f3230614056687441583b5935765d716d24716b645d6c697c673f31363f323b31323c353b26736b6657747b706d35776562386d6b6c73632e7b6b665d69657b353b38373b33303931323e303f32633836363a6b653164383a3031303438303a613a3e3c3a61673164323b3839323530333c303238303c6134613435663d373365313c3636333a303c3f62303b3c6131643739333b6e6b603131376b33673b316e6566326432646d636434313862643736383a6d63326b396466616464326a316d633630366e3a3a383438363b383160366b3460636d3d343931606b6c313266303a3663373465646a6c38356662656c3b34693838343626736b6657736b67353b303434323a3a38363a316b6137353364663e3b39353762326e30303930316430323232646a6335313f3c31636364396d3e61673d6c6035643665673e6d6d613062623a66303f35383230303331633d383632396d326236603a3b3f36366a3a3636333165633d3869633a37633e3a3a6d303a363639303732693635613c38336131366b303b32373b3b3135247169647a3538
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:19 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=97
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear1.png;CIS3SID=E8032AD24C58245137C23E8C6E565253
h.online-metrix.net/fp/ Frame 04AA 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.online-metrix.net/fp/clear1.png;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03&jf=34313c2471616457726c643d76667a5f4a334b4935614c616642476c5a52313524716b645d6c697c673f31363f323b31323c353b26736b6657747b706d35776562386d6b6c73632e7b6b665d69657b353b38373b33303931323e303f32633836363a6b653164383a3031303438303a613a3e3c3a61673164323b3839323530333c303238303c343a3534343269646339313c323766303c693b36353d3e303767636363303b393b6430306961363c643f63346462333038303b313e6d30663232313b386433383d663634643660316d3a633533646c63373b376a303a64306067313363343130383433646a6c3838373a3e63353764363238393a603a31383a6335393938396426736b6657736b67353b303434323a3a3832676a3d66373a3337606c6d31603336383d333a69363d613462623032383760373b6c6536613369303f653a3f3f343135613131316d3166353963693164303538323030323b666c3933343d3c6637333b6e393b663a6b6a3b66343766613e3c6d373030363b60376e336b6534313234303c636063386c386330673d3a6c66353f316336247169647a3539
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:19 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=94
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
h.online-metrix.net/fp/ Frame D3A4 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03&jac=1&je=31393124247f65613d3a312e3b3726352c34392e706d3d6c672e6a61767b7c3f27354025303a646d74676c253a30273b41392e32302530412d3230737c69747573273a3a2d33432d3a30616a63726561666f273032253f462469756c683f63613560316534653e30316363636b3e6e32633f6b333b303b33343b3c3e6037633339353b3e623c643a6464363a3e303233306e653466323b6e6b643a3c3d3b24677a333f6e396d673739636964353d313c3735363566303c3931363f3d3234653b3a6e6e6360303933316363
Requested by
Host: h.online-metrix.net
URL: https://h.online-metrix.net/fp/check.js;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03&jb=35392e24687b6f7d3d55696e666d7f73246a7b673d57696c6c677f73273a383332246873607d354b6a706f6d6d24687b6235436a726f6f672d3232313830
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 04:34:19 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=93
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-P9YZZV758Y&gtm=2oebu0&_p=1959273370&cid=1115816511.1670992458&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1670992457&sct=1&seg=0&dl=https%3A%2F%2Fgive.unrefugees.org%2F220922wint_eoywint_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjGLyQAN%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_WINTER2022_APPEAL___221212%26utm_content%3DfullfileBOX%26SF_onetime%3D7011K000002NriwQAC%26SF_monthly%3D7011K000002Nrj1QAC&dt=2x%20MATCH%3A%20Help%20Refugees%20Survive%20Winter%20%7C%20USA%20for%20UNHCR&en=scroll&epn.percent_scrolled=90&_et=35
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P9YZZV758Y&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 04:34:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.unrefugees.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clear3.png;CIS3SID=E8032AD24C58245137C23E8C6E565253
h.online-metrix.net/fp/ Frame D3A4 		0
219 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/clear3.png;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03&jac=1&je=31323b242478676d5f77706463766d3d27374a2d323230273a3a2d33432d3f4027303076677a2d3a302733413b27354c253a4327323233273a322733492d374225303a7d6664676e616c676632304d585c414d4c30253a30273b412d354066616e716d2530432d3a324f505641474625303a2d3041362735462d3f4c273544
Requested by
Host: h.online-metrix.net
URL: https://h.online-metrix.net/fp/check.js;CIS3SID=E8032AD24C58245137C23E8C6E565253?org_id=zrtzph91&session_id=e1873-191614bb-eb08-4452-98a3-87b6246988f7&nonce=6c54e3a4b5e30c03&jb=35392e24687b6f7d3d55696e666d7f73246a7b673d57696c6c677f73273a383332246873607d354b6a706f6d6d24687b6235436a726f6f672d3232313830
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , United States, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 04:34:23 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Type
text/javascript;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
kds-pixel.kargo.com
URL
https://kds-pixel.kargo.com/api/v1
Domain
kds-pixel.kargo.com
URL
https://kds-pixel.kargo.com/api/v1

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| oncontentvisibilityautostatechange object| NREUM object| newrelic function| __nr_require object| dataLayer string| appUrl string| payPalPlanID string| googlePayEnvironment string| googlePayMerchantID string| googlePayMerchantPageID string| sessionID object| utmUsr object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga object| GooglebQhCsO function| snaptr function| fbq function| _fbq object| dotq object| _tvq object| gaplugins object| gaGlobal object| gaData object| YAHOO function| UET function| UET_init function| UET_push object| ueto_9d4be6bcb7 object| uetq object| google_optimize function| onYouTubeIframeAPIReady object| td_2p boolean| tmx_profiling_started function| tmx_run_page_fingerprinting function| td_K function| td_E function| td_Z function| td_s function| td_0X function| td_2o function| td_k function| td_M function| td_c function| td_i function| td_3M function| td_0o function| td_5a function| td_4g function| td_n function| td_I function| td_1d function| td_q function| td_1P function| tmx_post_session_params_fixed number| td_v number| td_R number| td_z number| td_l number| td_w object| td_0x object| regeneratorRuntime object| JSON3 string| _msdaf_id object| EF function| AdelphicUniversalPixel string| dafLink object| dafModule function| $ function| jQuery function| Plyr object| __post_robot_11_0_0___uid_mfhbvtdxnuyksxtwouicyhjrxpldtc object| paypal object| __zoid_10_1_0___uid_mfhbvtdxnuyksxtwouicyhjrxpldtc object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| paypalDDL string| PaypalOffersObject function| ppq object| JSON2 object| TV2Track object| recaptcha object| __post_robot_10_0_44__ object| PAYPAL function| Hammer object| Handlebars function| Cookies object| EGO7 object| WJ object| U4U object| giftCard object| isMobile function| getParameterByName function| getParameterByNameIgnoreCase function| setupInputValidation function| getFormattedDate object| GooglePay object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| google object| outer object| closure_lm_524863 function| _rfi string| qVal function| captchaCallback function| captchaExpired object| payments function| kds number| cache_buster object| _qevents function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP function| quantserve function| __qc object| ezt object| _qoptions object| KARGO string| EVENTS_URL string| KRG_IMP_ID object| lsKimp object| pkimp object| vlsKimp object| vpkimp string| kimp string| cerbUrl function| lightningjs function| usabilla_live

68 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
h.online-metrix.net/ Name: thx_guid
Value: af7e9926c689b2a7d2c9aaecef2f448c
h.online-metrix.net/ Name: tmx_guid
Value: AAwdqmrFfdSLMZALlRa0yyEK34Nbuj--GNrU1M1bTHwEkj-dbJ5ycC_4VFXXwgTWGy3GQRJOWWfDorFPB16h4WYY0SyiAQ
.google.com/ Name: NID
Value: 511=rhLDtHJDoxx1XGg8qewvbr_yzceOrHQnh-RGKSi1ObEWc9ajEayxo3AqdWkrOJovLOABfblmVAFkvnh47f_VQfuY__T3JMxf0ooMjiOg9UAmYUBvg1oQI7B41dtxLY4FkjadeQUL8_Y0o_T-y71_MIxF2cxHZcRO2C7dyr7p7Xo
.unrefugees.org/ Name: _gcl_au
Value: 1.1.572612540.1670992458
.bing.com/ Name: MUID
Value: 10CB623DA103655E01A67047A0AF64C7
.give.unrefugees.org/ Name: _ga
Value: GA1.3.1115816511.1670992458
.give.unrefugees.org/ Name: _gid
Value: GA1.3.2077781041.1670992458
.give.unrefugees.org/ Name: _dc_gtm_UA-3754388-9
Value: 1
.unrefugees.org/ Name: _schn
Value: _6kz7xnk
.unrefugees.org/ Name: _scid
Value: 0757aee8-7991-4cdb-a41b-1d582d014310
.give.unrefugees.org/ Name: _dc_gtm_UA-1473340-18
Value: 1
.unrefugees.org/ Name: _ga_P9YZZV758Y
Value: GS1.1.1670992457.1.0.1670992457.60.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUlzpmWC31IFWrakH0FhflOjXQcQRHifCIzIuCfvf6LrifQSRN3E6MZvPzAV
.unrefugees.org/ Name: _fbp
Value: fb.1.1670992457867.1035493495
.mrtnsvr.com/ Name: userId
Value: 8j46aZxtM
.yahoo.com/ Name: A3
Value: d=AQABBElSmWMCEL4IJ8XrfttCk3DWK7MZt40FEgEBAQGjmmOjYwAAAAAA_eMAAA&S=AQAAAiFm_RIqilNoJSShP8IzIbk
.tapad.com/ Name: TapAd_TS
Value: 1670992457946
.tapad.com/ Name: TapAd_DID
Value: 8736a526-d865-4f8b-bb90-c84427468660
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.trkn.us/ Name: barometric[cuid]
Value: cuid_dd5881bb-ecfd-47fb-8618-34ab2eded255
give.unrefugees.org/ Name: _tq_id.TV-63728109-1.addf
Value: 47dddb85a84bdeba.1670992458.0.1670992458..
.ipredictive.com/ Name: ci_rtc
Value: _uts=1670992458
.ipredictive.com/ Name: cu
Value: 27745e84-4f0c-4605-9405-f4205c05c1cb|1670992458069
give.unrefugees.org/ Name: AWSALB
Value: k7YHDWY8AwtTrbKRC900NG9HDLY1KKyoPH9jxKbU7VKJVMrl+98yhhhI7MpxfhUvOeD2DpIhkdPN5E3Vp3BuRTIH42kZs6lUVOMNvLWShXuHJLorPA5gwWusZp7j
give.unrefugees.org/ Name: AWSALBCORS
Value: k7YHDWY8AwtTrbKRC900NG9HDLY1KKyoPH9jxKbU7VKJVMrl+98yhhhI7MpxfhUvOeD2DpIhkdPN5E3Vp3BuRTIH42kZs6lUVOMNvLWShXuHJLorPA5gwWusZp7j
.unrefugees.org/ Name: _uetsid
Value: 929001c07b6811edafa447488209c966
.unrefugees.org/ Name: _uetvid
Value: 928ffa707b6811ed9c0e75ed5ca06f9d
.paypal.com/ Name: ts_c
Value: vr%3D0ee9727b1850aa59ea40d3bbffffffff%26vt%3D0ee9727b1850aa59ea40d3bbfffffffe
give.unrefugees.org/ Name: U4UUser
Value: {%22firstName%22:%22Sherri%22%2C%22lastName%22:%22Butler%22%2C%22email%22:%22sherri.butler@sabre.com%22}
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MrA0NjMxNDQ1shDiM9SNCglKC8vLC8rLCMwFAGeDNXAlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MrA0NjMxNDQ1shDiM9SNCglKC8vLC8rLCMwFAGeDNXAlAAAA
.quantserve.com/ Name: mc
Value: 6399524a-976da-e3f53-ceef4
.turn.com/ Name: uid
Value: 8082247272213838188
.unrefugees.org/ Name: __qca
Value: P0-1133479768-1670992458499
.casalemedia.com/ Name: CMPRO
Value: 3183
.casalemedia.com/ Name: CMID
Value: Y5lSSkP.NfR7EfzNz6eBfwAA
.casalemedia.com/ Name: CMPS
Value: 3183
.adnxs.com/ Name: uuid2
Value: 6172440273425468515
.media.net/ Name: visitor-id
Value: 3139940588173798000V10
.media.net/ Name: data-rk
Value: 5142336720936411528~~3
.adnxs.com/ Name: anj
Value: dTM7k!M4/YErk#WF']wIg2C%woNja7!]tbPl1MNu::wpAk`W=ifSt1mlwV>_k_d>ai.%0)n:-ukJ7deX!_6-zQEVk`!'OR5LR7%K
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: LANG
Value: de_DE%3BDE
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTY3MDk5MjQ1ODY1NiIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: tsrce
Value: targetingnodeweb
www.paypal.com/ Name: nsid
Value: s%3AOaGH-LHswAyjzGSLvzc8Qzy-kGv55poF.1ena2PuFPM0Z%2BL5tDu2MRKzdX6vZv7QD4xRmSouVKzo
.paypal.com/ Name: l7_az
Value: dcg01.phx
.paypal.com/ Name: ts
Value: vreXpYrS%3D1765686858%26vteXpYrS%3D1670994258%26vr%3D0ee9727b1850aa59ea40d3bbffffffff%26vt%3D0ee9727b1850aa59ea40d3bbfffffffe%26vtyp%3D
.eyeota.net/ Name: SERVERID
Value: 20038~DM
.paypalobjects.com/ Name: paypal-offers--cust
Value: null:null:null
.spotxchange.com/ Name: audience
Value: 92c55e53-7b68-11ed-8ef3-1a3cf9d10206
.krxd.net/ Name: _kuid_
Value: PQbCtyQj
.rezync.com/ Name: zync-uuid
Value: 9dff58c0-f682-414f-b49e-c6526f67e4c2:1670992458.742813
live.rezync.com/ Name: sd-session-id
Value: .eJwNyksOwiAQANC7zLoYZhiGz2UapUNCtGhK3dj07nb5knfA_NFtvXftO-R9--oE5dUuDcgHjPZb9QkZPDI5J4FscsKIniKcEwwdo7373JbrpKVWH4s1VSIZRq7mwUlNEU9SJSgXyijBpkTs4y0wRXRw_gGQmSWA.Y5lSSg.HrXIeDe640alJiLara0-V7oA62U
.dpm.demdex.net/ Name: dpm
Value: 71522561667392006710076556401088893072
.demdex.net/ Name: demdex
Value: 71522561667392006710076556401088893072
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y5lSSgAAANMPaAAp
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA129fKqtEhOL47KDEgJLcrzjvf2NIuoKg_iNTQzN7C0NDIxtTA3Np_FiMQ3NTPYhcY_hcZ_hcb_hcafxITKn4XGX4TGX4XG34TG34WungWVfwuZb2ZutohVINI0Jzg43dHR0c83INHRsWAVK5ISCzOzTaxoVnCjOZEXzUvCZpYpaWmmFskGumlmFka6JoYmabpJJpapuslmpkZmaWbmqSbJRlYITXrmJkYWhsazhJEtNjZbJIxq8CM0PgDBDtdAuQEAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA129fKqtEhOL47KDEgJLcrzjvf2NIuoKl_FKBBpmhMcnO7o6OjnG5Do6FjQxGJmmZKWZmqRbKCbZmZhpGtiaJKmm2RimaqbbGZqZJZmZp5qkmxkZWhmbmBpaWRiaqFnbmJkYWgMABVvHqJqAAAA
.bidswitch.net/ Name: c
Value: 1670992458
.bidswitch.net/ Name: tuuid_lu
Value: 1670992458
.bidswitch.net/ Name: tuuid
Value: 68f79e03-003e-49d1-bbe2-f94dfb0834b4
.unrefugees.org/ Name: _ga
Value: GA1.2.1115816511.1670992458
.unrefugees.org/ Name: _gid
Value: GA1.2.2077781041.1670992458
.unrefugees.org/ Name: _gat_UA-3754388-9
Value: 1
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBiQkAMAgEsImEq/iOo8VO4fBNlAGrGYrrQXI0qfg1vcbtsfKG7B5zZLJoLj7gmVdoMgAAAA==
.nr-data.net/ Name: JSESSIONID
Value: ea4a67d456f55b8a

8 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5140084922911860141
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5142336720936411528
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5140084922911860142
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=e4ebe476-890b-4032-a486-6613c2aae286%3A1670992458.720107
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=80fa1334-ec99-48c1-9852-3f1549bddc07%3A1670992458.7436693
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=9dff58c0-f682-414f-b49e-c6526f67e4c2%3A1670992458.742813
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20669309p.rfihub.com
20826429p.rfihub.com
20826430p.rfihub.com
4647326.fls.doubleclick.net
a.rfihub.com
aa.agkn.com
ad.doubleclick.net
ad.ipredictive.com
adservice.google.com
app.dafwidget.com
bam.nr-data.net
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
c1.rfihub.net
cdn.plyr.io
click.e.unrefugees.org
cm.g.doubleclick.net
code.jquery.com
collector-3219.tvsquared.com
connect.facebook.net
contextual.media.net
crb.kargo.com
d6tizftlrpuof.cloudfront.net
data.adxcel-ec2.com
dpm.demdex.net
dsum-sec.casalemedia.com
e1.emxdgt.com
event.mrtnsvr.com
fonts.googleapis.com
fonts.gstatic.com
g1782759016.co
give.unrefugees.org
googleads.g.doubleclick.net
h.online-metrix.net
ib.adnxs.com
idsync.rlcdn.com
js-agent.newrelic.com
js.ipredictive.com
kds-pixel.kargo.com
live.rezync.com
lyibja.unrefugees.org
p.rfihub.com
p.typekit.net
partners.tremorhub.com
pay.google.com
pixel.quantserve.com
pixel.tapad.com
play.google.com
ps.eyeota.net
r.turn.com
region1.analytics.google.com
rules.quantcount.com
s.yimg.com
sc-static.net
secure.quantserve.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
storage.cloud.kargo.com
sync-tm.everesttech.net
sync.search.spotxchange.com
t.paypal.com
tr.snapchat.com
trkn.us
us-u.openx.net
use.typekit.net
w.usabilla.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.tp88trk.com
x.bidswitch.net
x.dlx.addthis.com
zrtzph91v7qgvkwalztt7lf52udeva56d2unnrdq6c54e3a4b5e30c03am1.e.aa.online-metrix.net
kds-pixel.kargo.com
13.111.228.216
13.224.189.110
13.225.77.245
13.225.78.26
13.225.84.53
142.250.184.226
142.250.185.102
142.250.185.162
142.250.186.102
151.101.1.21
151.101.194.137
151.101.194.49
151.101.2.133
162.247.241.14
18.116.227.154
18.184.216.10
18.194.0.5
184.30.20.22
184.30.24.201
185.80.39.216
185.89.211.132
185.94.180.126
192.229.221.25
193.0.160.128
2.19.126.72
2001:4860:4802:32::36
2001:4de0:ac18::1:a:2a
2001:678:cb4:bbbb::11
212.82.100.181
2600:1901:0:7d2::
2600:1f18:612b:4200:4bad:ae69:ceac:6044
2600:9000:20eb:e00:6:44e3:f8c0:93a1
2600:9000:223c:1a00:1:76cf:fe80:93a1
2606:4700:21::681b:c358
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:802::2002
2a00:1450:4001:802::200a
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:810::2008
2a00:1450:4001:812::200e
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:400c:c07::9d
2a00:1450:400c:c1b::5c
2a02:26f0:480:f::213:7ec6
2a02:26f0:780::5f65:3681
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
3.127.6.114
3.229.86.20
3.248.138.237
3.71.169.66
34.204.208.160
34.204.227.63
34.98.64.218
35.190.43.134
35.190.72.228
35.227.237.181
35.227.248.159
35.244.174.68
52.211.50.179
52.25.243.35
52.48.181.25
52.58.214.36
54.158.235.239
54.69.68.103
54.82.95.207
91.235.132.130
91.235.134.131
0150f3853d818af09dcfdf9066aa7e696dc63cfb30c981b993a9c6dc28dc64b6
0604018ee997fa5e445c755ae0e4cec0de16d595834359aef25eaa8ca6ed57f0
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0cfa313b6b8d21f28b36880d37c80def8c5291f2129a1e83b2c497c67f044756
0dcc598e494e594317b1a5677b22fac5f762af917bc1b0f0bcef596df34cd3b4
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0eebe1dc6779cab9dff8a0dba3b9ba3af8eb07081003282c82d27bd27c0b3303
10c055e552cd4e8121eded0e5227a20534bfc3484aacecd99b553c069a332f53
127ed38a4225bf1e539654ce93433380bfe10c5796588d6309ecec6afe02a3c9
15d15926ef725375b609cf24a0e9f0bf581b5651c18cc9cac99f3d78f305e193
1ad2c17d074acf6294285ccca5e31aa0ba3c00e08be8b28226b5620609fbe9fe
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1be0c3c829df3b7c305b6d413ec4ad3932d157eaa9c5dd0c9f4bcb11c43de26b
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c1a744432792356c2e9d9abdaa97182f3757a89b4cb5be5a3aa13c20cdd802b
1d8397824e84cb208f06f81296130f6b1ed0a0235b1b0b67d0401840ab6c3650
1e4de30ec9b4dff5b5c8d77406bee47124a3626f16ee4292d4e04c9791c14266
248260f69218e27ceecdda7774300d875e2b02b3b11ec63fbda562554b8a8940
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
29605ab02b52c385801792af17e38d1180acb5b381090f4e4c6bdba1f3932193
2a72806e7ecf829960274016cfa7c3b84dd3f89fbba960f8e0e2b2fddfa743df
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2f61f967f0f19fe63c743f330f862db14d88fcc7e09eae7d22998e87a4e97749
38c9c1413e17c7a5ee87095bdb4cad0da069451ee937cb801c8f37f2c734644f
394e68bb96ac874b1a9f9b39286a16349ab781c8513ce632ce5c7ba8bb2ba0ab
3988981a4004cd6520bda6c6216c90776071b61f1a98b4c97c43d0be94036155
3bd12de2c420d6e0e70f6ed26b69a210ed0ca959a40e71ae25552dd33a30de19
3bfd5b69c294a60a04f91e37a61bcb61222803505d83372bcaf0614946ec7703
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e910ecdd9f3918165d27ba39052021a9f99dbd9e662c48e140c540e445e25dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
465ecd3c27cf42a3309af6bda6e2b8c4b9cb7a78788908904e0d6761a2c3102a
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba7d1cf5684c00a4183aab29cb49e2ca081a7896b53398fe58e3912117ab324
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50bfd91bb65762023b74efba030d3212fef8f6261707ba8edb9e4b28d13bb5ed
53b492f729960ead9c5779dc772534e0f00e2dcdbd1687a0d236af95417549b5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5d9d7e78e22202af03b2d09ad31952e031e3423006cba4a29fd506c5664c7761
60ad39fa43fe443478bd89b66fcd41687f29c18a801647de044b03abf76bd458
62c0466b6e78094d8bb9b9fb50f13f3eb39e3be88dce7663ecfbcabde18b64bc
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
66ccc020ba92c20186b6c6054cc4b8b1a8490cfaa582c4bd1ebf38d07123dd76
672edf933c822bde52c94c5e5e724156bd9eb8160e7e879e129df41c8edae82c
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
6bb14648f4a5ebf80cfc8571803a0cfa53ef9ef8b66e16e3972aa4f647ddf581
6bfbae61daf6218548d35bd824d5299e6f0517f156050c302ddd83fa0e8abdc8
6d872552faf9247873d70695b6cf27ae314d8480447c6613d62fef2cb714cf4a
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
73ef385046533349dbdb6264bfdb814819b44a3a7ddeedf7611db7d55f567c7c
7c707b4d486575fcdf35497e30073fd70f0a9ea072e4ca1ca724da7fbab22a9b
7cb56da908e94235a698c35dac8162e57993bfceefba669afddc29bd866b97f8
7d641be37ba246fc6f52ad51095c24248f53ef390bbe69399c4d66026aa5c434
7ecd5fa9a2d1ac1ef56e0ddef1561a59455e159f3896342ba8a329025ce0f29c
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7f2e256cb560023d729b4581ba94e88cedce352fc2cbcbb60e3232a5859d4793
81f701abbdb3dcd7318338357add41af96a3b776549dc928c4703cf1cf9f2ffe
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8608c7129a24079dd332403d0aef583dcefdf0bfc02914d626a6559a3ac049ad
8a54692aa869e31887731be4a7a78ba8d181ddfde9be34ae6e9b81d996e85f48
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
90b232dae4b3477832ee21493d7558ace8cf6e9b8bc97f9c552f301da013f1da
91998714d8becfb51068e43460f2dc62490219f066c25ce7a49f814875134cc9
954410601a823f37e219f7930b7446f86afa15621326a7078d56fb9c910135cb
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
97880bcd7fcc199a008ea736ab008f7f92e9cf6c0addc2afb6c92b3e70d9c9a5
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b37b9123ac7bd72bd1b2b34583d7a580d3a47958bba0a98553ccdecf5326561
9b9c0898e129c8c18b79f176435c368cecfe30a903797c9feba7a82ee19902bd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a7178729519e557b8750d2853c39740355fec5df8d1f25d5caabce73e480472c
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0
aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce
acb1891dbdbd5ba9c8cd826c361df68cf004fb702eed1b7bb2ce102b50a34be5
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b00ea6dbf24a120110b2c029c3113cf214fe6a5ea3b6dc0c89f021c81bbb6a68
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bcc519f8b0da8c7c7d4f0d00a4fafe16b16a125c8028b16a801a407b1e8572a2
bf88929b36586813e0c2517079f6fb0ae8d6343da0e30b97aa18786c72b31ccd
c02d559d2909e4fdd805537332e5d975faf5b9a08f3c777996d2c67af931fb1a
c0708756161be1206ff405c1c8459f99162bc457db33f650de48e29b5210ba6a
c44348cebc0fa3ae4f269cb0ba390319bc33f7d8386a6e72b7b112e46b9abd82
c6c045377130344b2542f469a2c03b8f824e00f0bdaa9d5eda085642ef4b0645
ca1e72c59edacf9ad24e0d048906db4686b360c8e23efc752a86aec92929e669
cd8a72b3334639b2b7f2b0d2ee00c00ca0786ce1ba0435487c7980f331a22427
d08c52cc003c28f266bcdf1924c340b183c1f32fb96da57550f6973f5fbe50a7
d2af6fccc7e434a8c0019c621de121e9ea0c9fc5da04b7755b7e7e2ca4c38c28
d472190d36180d075db67f055a5efb946a18829dbbcefdecea24df6634c51a42
d4dc0c66eadd4b3167ccb395964b88ea5717313ab053efc1618af0064cb7f3fd
d64e243770a7345b699907f77f5e6789584278786ffa215802150dab0ee1d7a6
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e557401cc7a84acbf00a8aba436c1191f9fe8410438ba6acf62e5d6d207eed04
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e83027e8c6b88196d231560ab2c5ecaf218cc7fdce66823c42e12dcc20ea7b1d
e881080fcdc4e516f43aae8c7b81737169601e12d939570c946998fe98f40863
e9027cbc9f2efbff37e09740f41c16a1ffd89eae8f1555f6a5955d3198d9c31d
eaf0ec8226518eb627f5fade801052a1ea281c506ebce8ce8ae99a27138ba2e7
eb7e68073ee5ed998d26671859e008697e757f3276759a8ec173e5a62d34a404
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
fd8c794bb43e5220596bc1c5d50f865268cd2655c86f0d3175875d7e1c3afcc6