Submitted URL: https://media.unhcr.org/CS.aspx?VP3=LinkHome&OpenLightbox=2CZ9NU6YU5Y
Effective URL: https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
Submission: On August 26 via manual from IN — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 21 HTTP transactions. The main IP is 35.81.197.244, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is media.unhcr.org.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 20th 2023. Valid for: a year.
This is the only time media.unhcr.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 35.81.197.244 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
21 5
    Apex Domain       Subdomains                                           Transfer
16  unhcr.org         media.unhcr.org                                      732 KB
3   gstatic.com       fonts.gstatic.com                                    69 KB
2   googleapis.com    fonts.googleapis.com — Cisco Umbrella Rank: 45       2 KB
1   bootstrapcdn.com  maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 982   7 KB
21  4
Domain Requested by
16 media.unhcr.org 1 redirects media.unhcr.org
3 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com media.unhcr.org
1 maxcdn.bootstrapcdn.com media.unhcr.org
21 4

This site contains links to these domains.

Domain
www.unhcr.org
www.orangelogic.com
Subject                  Issuer                   Validity                 Valid
media.unhcr.org          Amazon RSA 2048 M02      2023-04-20 - 2024-05-18  a year
upload.video.google.com  GTS CA 1C3               2023-08-07 - 2023-10-30  3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3  2022-12-30 - 2023-12-30  a year
*.gstatic.com            GTS CA 1C3               2023-08-07 - 2023-10-30  3 months

This page contains 1 frames:

Primary Page: https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
Frame ID: 3D360D380E5A12AF70140FCB47B5C3BE
Requests: 22 HTTP requests in this frame

Page Title

UNHCR - Refugees Media - Login/Registration

Page URL History

  1. https://media.unhcr.org/CS.aspx?VP3=LinkHome&OpenLightbox=2CZ9NU6YU5Y HTTP 302
    https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 21
HTTPS: 100 %
IPv6: 75 %
Domains: 4
Subdomains: 4
IPs: 5
Countries: 2
Transfer: 809 kB
Size: 2767 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://media.unhcr.org/CS.aspx?VP3=LinkHome&OpenLightbox=2CZ9NU6YU5Y HTTP 302
    https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request CS.aspx
media.unhcr.org/
Redirect Chain
  • https://media.unhcr.org/CS.aspx?VP3=LinkHome&OpenLightbox=2CZ9NU6YU5Y
  • https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
41 KB
15 KB
Document
General
Full URL
https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.197.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-197-244.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
59d2601966d6dac6ff711545b82d09c00c4e070c8ba7c9a9f42a5baa472e3d43
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com checkout.stripe.com js.stripe.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com 'nonce-MTMyZWM2ZWI1YjNmZmFhMGRmOTFlNDhiOWE3ZGNlMzk='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
14176
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com checkout.stripe.com js.stripe.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com 'nonce-MTMyZWM2ZWI1YjNmZmFhMGRmOTFlNDhiOWE3ZGNlMzk='
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
content-type
text/html; charset=utf-8
date
Sat, 26 Aug 2023 19:13:35 GMT
feature-policy
geolocation 'none'
referrer-policy
same-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
private
content-length
193
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com checkout.stripe.com js.stripe.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com 'nonce-MTMyZWM2ZWI1YjNmZmFhMGRmOTFlNDhiOWE3ZGNlMzk='
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
content-type
text/html; charset=utf-8
date
Sat, 26 Aug 2023 19:13:34 GMT
feature-policy
geolocation 'none'
location
https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
referrer-policy
same-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css
fonts.googleapis.com/
5 KB
633 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Muli:400,400i,600,700,800
Requested by
Host: media.unhcr.org
URL: https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
07e11652262e211b28c7aead5983d029d1aea8c57cee673119bd852bd1ecac93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 26 Aug 2023 19:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 26 Aug 2023 19:08:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 26 Aug 2023 19:13:35 GMT
css2
fonts.googleapis.com/
20 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300;400;600&family=Fira+Sans+Extra+Condensed:wght@300;400;600&family=Fira+Sans:wght@300;400&display=swap
Requested by
Host: media.unhcr.org
URL: https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8a0c94f567d59c97f03ea63ba5a3336e9b548a06606da00d7ed5f895658dc915
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 26 Aug 2023 19:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 26 Aug 2023 19:13:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 26 Aug 2023 19:13:35 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: media.unhcr.org
URL: https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 19:13:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617
age
18437481
cdn-cachedat
2021-06-08 14:35:32
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cdn-cache
HIT
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
55fb4fa8e5dd0a7f71d503394bffb28b
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
7fce649448391cc5-FRA
cdn-requestpullsuccess
True
FrontEnd_SkinFamily33217908e1bde9375a08a5e1c12e4f32.css
media.unhcr.org/ClientFiles/COR/Styles/TEMP_SF0e0ac5/
620 KB
117 KB
Stylesheet
General
Full URL
https://media.unhcr.org/ClientFiles/COR/Styles/TEMP_SF0e0ac5/FrontEnd_SkinFamily33217908e1bde9375a08a5e1c12e4f32.css
Requested by
Host: media.unhcr.org
URL: https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.197.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-197-244.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
cc16f720b0a434ad9649225048eb212f38d07191d8b0bdf33dfa86044cf210bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 19:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 03 Aug 2023 17:41:16 GMT
etag
"064b431c6d91:0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
118554
AdminV3_SkinFamily008b5c265f8bce7d45db10534fe821ca.css
media.unhcr.org/ClientFiles/COR/Styles/TEMP_SF0e0ac5/
575 KB
97 KB
Stylesheet
General
Full URL
https://media.unhcr.org/ClientFiles/COR/Styles/TEMP_SF0e0ac5/AdminV3_SkinFamily008b5c265f8bce7d45db10534fe821ca.css
Requested by
Host: media.unhcr.org
URL: https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.197.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-197-244.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
8fb92dd9ba4672ec5714f34ec56697afefd209d80b21c3d87fff32b42b6ab0a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 19:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 03 Aug 2023 17:41:26 GMT
etag
"0e7f9b931c6d91:0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
98896
638261442210000000.js
media.unhcr.org/Include/TEMP3/
1 MB
313 KB
Script
General
Full URL
https://media.unhcr.org/Include/TEMP3/638261442210000000.js
Requested by
Host: media.unhcr.org
URL: https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.197.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-197-244.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
705243433505e2052c0f1ec2c85f3b1dac949338e85dfb178e0915bab7a571c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 19:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 03 Aug 2023 17:40:56 GMT
etag
"04418a831c6d91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
319496
ajax-loader.gif
media.unhcr.org/ClientFiles/COR/Images/
740 B
1 KB
Image
General
Full URL
https://media.unhcr.org/ClientFiles/COR/Images/ajax-loader.gif
Requested by
Host: media.unhcr.org
URL: https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.197.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-197-244.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c03648d5942c77a33eff64037c96e24ce8dbce2c877d9163e041ea2e36b83608
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 19:13:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
last-modified
Fri, 28 Jul 2023 12:30:17 GMT
etag
"8012e8434fc1d91:0"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
740
RF2MSC218.png
media.unhcr.org/Assets/V2/ChFSRjFTNTAwMDAwMDAwMDAwNBIGVFJNaXNjGh1cVFJNaXNjXGRcNFwwXGFcUkYyTVNDMjE4LnBuZyIECAEQDw--~/7z_R7qUJ2pcJvTBz/7z_R7qUJ2pcJvTBz/
145 KB
147 KB
Image
General
Full URL
https://media.unhcr.org/Assets/V2/ChFSRjFTNTAwMDAwMDAwMDAwNBIGVFJNaXNjGh1cVFJNaXNjXGRcNFwwXGFcUkYyTVNDMjE4LnBuZyIECAEQDw--~/7z_R7qUJ2pcJvTBz/7z_R7qUJ2pcJvTBz/RF2MSC218.png
Requested by
Host: media.unhcr.org
URL: https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.197.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-197-244.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
503c2f076df7ef4c8ec7d753f65afa2d448b663dfb661b67460ed5d03b663f4e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com checkout.stripe.com js.stripe.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com 'nonce-MTMyZWM2ZWI1YjNmZmFhMGRmOTFlNDhiOWE3ZGNlMzk='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 19:13:37 GMT
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com checkout.stripe.com js.stripe.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com 'nonce-MTMyZWM2ZWI1YjNmZmFhMGRmOTFlNDhiOWE3ZGNlMzk='
x-content-type-options
nosniff, nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
content-disposition
inline; filename=RF2MSC218.png;
content-length
148965
x-xss-protection
1; mode=block
referrer-policy
same-origin
etag
"9f7382012dbca16c"
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, HEAD, OPTIONS, PUT, DELETE
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
feature-policy
geolocation 'none'
access-control-max-age
86400
accept-ranges
bytes
access-control-allow-headers
*
Blank.gif
media.unhcr.org/ClientFiles/COR/Images/Cortex3/
154 B
739 B
Image
General
Full URL
https://media.unhcr.org/ClientFiles/COR/Images/Cortex3/Blank.gif
Requested by
Host: media.unhcr.org
URL: https://media.unhcr.org/ClientFiles/COR/Styles/TEMP_SF0e0ac5/AdminV3_SkinFamily008b5c265f8bce7d45db10534fe821ca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.197.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-197-244.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
b10f11e04cdcb585e127ffda10a7b66a6b69170f2d42438346db4d0c2ab3c2c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media.unhcr.org/ClientFiles/COR/Styles/TEMP_SF0e0ac5/AdminV3_SkinFamily008b5c265f8bce7d45db10534fe821ca.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 19:13:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
last-modified
Fri, 28 Jul 2023 12:30:16 GMT
etag
"07c4f434fc1d91:0"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
154
transparent_pixel.png
media.unhcr.org/ClientFiles/COR/Images/
110 B
693 B
Image
General
Full URL
https://media.unhcr.org/ClientFiles/COR/Images/transparent_pixel.png
Requested by
Host: media.unhcr.org
URL: https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.197.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-197-244.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
859e0d54ce7aae5de46f9ac67a24313fed8bd042baa8cd3135a1395db5aef5c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 19:13:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
last-modified
Fri, 28 Jul 2023 12:30:17 GMT
etag
"8012e8434fc1d91:0"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
110
Q0L12DP.svg
media.unhcr.org/Assets/V2/ChFSRjFTNTAwMDAwMDAwMDAwNBIGVFJNaXNjGhtcVFJNaXNjXDRcOVwwXDRcUTBMMTJEUC5zdmciBAgBEA8-~/U5LmdmDbl10jU775/U5LmdmDbl10jU775/
189 B
1 KB
Image
General
Full URL
https://media.unhcr.org/Assets/V2/ChFSRjFTNTAwMDAwMDAwMDAwNBIGVFJNaXNjGhtcVFJNaXNjXDRcOVwwXDRcUTBMMTJEUC5zdmciBAgBEA8-~/U5LmdmDbl10jU775/U5LmdmDbl10jU775/Q0L12DP.svg
Requested by
Host: media.unhcr.org
URL: https://media.unhcr.org/ClientFiles/COR/Styles/TEMP_SF0e0ac5/AdminV3_SkinFamily008b5c265f8bce7d45db10534fe821ca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.197.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-197-244.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
418522fbeee6479a33548ad839bea435149ebbc93f563381c76d2d49eb7dc52c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com checkout.stripe.com js.stripe.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com 'nonce-MTMyZWM2ZWI1YjNmZmFhMGRmOTFlNDhiOWE3ZGNlMzk='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media.unhcr.org/ClientFiles/COR/Styles/TEMP_SF0e0ac5/AdminV3_SkinFamily008b5c265f8bce7d45db10534fe821ca.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 19:13:37 GMT
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com checkout.stripe.com js.stripe.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com 'nonce-MTMyZWM2ZWI1YjNmZmFhMGRmOTFlNDhiOWE3ZGNlMzk='
x-content-type-options
nosniff, nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
content-disposition
inline; filename=Q0L12DP.svg;
content-length
189
x-xss-protection
1; mode=block
referrer-policy
same-origin
etag
"9f7382012dbca16c"
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, HEAD, OPTIONS, PUT, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
feature-policy
geolocation 'none'
access-control-max-age
86400
accept-ranges
bytes
access-control-allow-headers
*
OLXMSC3092.png
media.unhcr.org/Assets/V2/ChFSRjFTNTAwMDAwMDAwMDAwNBIGVFJNaXNjGh5cVFJNaXNjXDFcZVw0XGNcT0xYTVNDMzA5Mi5wbmciBAgBEA8-~/INZSqgdAyVeLt4Qt/INZSqgdAyVeLt4Qt/
247 B
1 KB
Image
General
Full URL
https://media.unhcr.org/Assets/V2/ChFSRjFTNTAwMDAwMDAwMDAwNBIGVFJNaXNjGh5cVFJNaXNjXDFcZVw0XGNcT0xYTVNDMzA5Mi5wbmciBAgBEA8-~/INZSqgdAyVeLt4Qt/INZSqgdAyVeLt4Qt/OLXMSC3092.png
Requested by
Host: media.unhcr.org
URL: https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.197.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-197-244.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
3c02368c0b5a99314831f8b6853fe64d936f35ac44452d334dc3747e81033dfa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com checkout.stripe.com js.stripe.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com 'nonce-MTMyZWM2ZWI1YjNmZmFhMGRmOTFlNDhiOWE3ZGNlMzk='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 19:13:37 GMT
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com checkout.stripe.com js.stripe.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com 'nonce-MTMyZWM2ZWI1YjNmZmFhMGRmOTFlNDhiOWE3ZGNlMzk='
x-content-type-options
nosniff, nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
content-disposition
inline; filename=OLXMSC3092.png;
content-length
247
x-xss-protection
1; mode=block
referrer-policy
same-origin
etag
"9f7382012dbca16c"
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, HEAD, OPTIONS, PUT, DELETE
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
feature-policy
geolocation 'none'
access-control-max-age
86400
accept-ranges
bytes
access-control-allow-headers
*
OLXMSC3088.png
media.unhcr.org/Assets/V2/ChFSRjFTNTAwMDAwMDAwMDAwNBIGVFJNaXNjGh5cVFJNaXNjXDRcYVxlXGNcT0xYTVNDMzA4OC5wbmciBAgBEA8-~/qRCDh31k7AYmwGoz/qRCDh31k7AYmwGoz/
1 KB
2 KB
Image
General
Full URL
https://media.unhcr.org/Assets/V2/ChFSRjFTNTAwMDAwMDAwMDAwNBIGVFJNaXNjGh5cVFJNaXNjXDRcYVxlXGNcT0xYTVNDMzA4OC5wbmciBAgBEA8-~/qRCDh31k7AYmwGoz/qRCDh31k7AYmwGoz/OLXMSC3088.png
Requested by
Host: media.unhcr.org
URL: https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.197.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-197-244.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
99c53addc6c6081e32779304fc593a7ebad97830769cd117455d264f3a1c4e5a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com checkout.stripe.com js.stripe.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com 'nonce-MTMyZWM2ZWI1YjNmZmFhMGRmOTFlNDhiOWE3ZGNlMzk='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 19:13:37 GMT
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com checkout.stripe.com js.stripe.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com 'nonce-MTMyZWM2ZWI1YjNmZmFhMGRmOTFlNDhiOWE3ZGNlMzk='
x-content-type-options
nosniff, nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
content-disposition
inline; filename=OLXMSC3088.png;
content-length
1110
x-xss-protection
1; mode=block
referrer-policy
same-origin
etag
"9f7382012dbca16c"
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, HEAD, OPTIONS, PUT, DELETE
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
feature-policy
geolocation 'none'
access-control-max-age
86400
accept-ranges
bytes
access-control-allow-headers
*
va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300;400;600&family=Fira+Sans+Extra+Condensed:wght@300;400;600&family=Fira+Sans:wght@300;400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://media.unhcr.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 17:45:59 GMT
x-content-type-options
nosniff
age
350857
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23880
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Aug 2024 17:45:59 GMT
va9B4kDNxMZdWfMOD5VnPKreRhf6.woff2
fonts.gstatic.com/s/firasans/v17/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnPKreRhf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300;400;600&family=Fira+Sans+Extra+Condensed:wght@300;400;600&family=Fira+Sans:wght@300;400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8fb86afe5b79eaff2c4a5a44459de5444d04a7b395fd7bd627e70b95e5e5347
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://media.unhcr.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 07:35:26 GMT
x-content-type-options
nosniff
age
128290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23620
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Aug 2024 07:35:26 GMT
wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfbtrQ.woff2
fonts.gstatic.com/s/firasanscondensed/v10/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasanscondensed/v10/wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfbtrQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300;400;600&family=Fira+Sans+Extra+Condensed:wght@300;400;600&family=Fira+Sans:wght@300;400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a9980abca3b078a7c67a296f602f48bb043c2167e0e8257addfe2d603643a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://media.unhcr.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 06:58:21 GMT
x-content-type-options
nosniff
age
44115
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22768
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:50:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 06:58:21 GMT
Resolution.aspx
media.unhcr.org/htm/
13 KB
7 KB
XHR
General
Full URL
https://media.unhcr.org/htm/Resolution.aspx?W=1600&H=1200&dummy=1693077217010
Requested by
Host: media.unhcr.org
URL: https://media.unhcr.org/Include/TEMP3/638261442210000000.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.197.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-197-244.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d3a051bc285e3edf10eab58d200d5cc210542b8e81760b49d4bad197b6a97d35
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com checkout.stripe.com js.stripe.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com 'nonce-MTMyZWM2ZWI1YjNmZmFhMGRmOTFlNDhiOWE3ZGNlMzk='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 19:13:37 GMT
content-encoding
gzip
referrer-policy
same-origin
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com checkout.stripe.com js.stripe.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com 'nonce-MTMyZWM2ZWI1YjNmZmFhMGRmOTFlNDhiOWE3ZGNlMzk='
x-content-type-options
nosniff, nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
cache-control
private
feature-policy
geolocation 'none'
content-length
6027
x-xss-protection
1; mode=block
638261442210000000_dyn.js
media.unhcr.org/Include/TEMP3/
58 KB
18 KB
Script
General
Full URL
https://media.unhcr.org/Include/TEMP3/638261442210000000_dyn.js?version=MjAyMy0wNy0zMSAwOTowNTowOC4wMDA
Requested by
Host: media.unhcr.org
URL: https://media.unhcr.org/Include/TEMP3/638261442210000000.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.197.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-197-244.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
59665870578859cae82c34d086e2ccc0f18e4a1c97ea4eb5efb14be4bafc24a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 19:13:37 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 03 Aug 2023 17:40:56 GMT
etag
"04418a831c6d91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
17879
AlterSession.aspx
media.unhcr.org/htm/
0
1 KB
XHR
General
Full URL
https://media.unhcr.org/htm/AlterSession.aspx?BrowserTimezoneOffset=-120
Requested by
Host: media.unhcr.org
URL: https://media.unhcr.org/Include/TEMP3/638261442210000000.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.197.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-197-244.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com checkout.stripe.com js.stripe.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com 'nonce-MTMyZWM2ZWI1YjNmZmFhMGRmOTFlNDhiOWE3ZGNlMzk='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 19:13:37 GMT
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com checkout.stripe.com js.stripe.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com 'nonce-MTMyZWM2ZWI1YjNmZmFhMGRmOTFlNDhiOWE3ZGNlMzk='
referrer-policy
same-origin
x-content-type-options
nosniff, nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
SAMEORIGIN
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
content-type
text/html
cache-control
private
feature-policy
geolocation 'none'
content-length
0
x-xss-protection
1; mode=block
truncated
/
261 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4ba57009f834d94ca9320bf2fd9d58392894132cb6e424503990c1ec3ae4d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
Resolution.aspx
media.unhcr.org/htm/
13 KB
7 KB
XHR
General
Full URL
https://media.unhcr.org/htm/Resolution.aspx?W=1600&H=1200&dummy=1693077218316
Requested by
Host: media.unhcr.org
URL: https://media.unhcr.org/Include/TEMP3/638261442210000000.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.197.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-197-244.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
1788bffa3b40e73a5dd8bda7a37c2fe51bdf381e742ba3dc258367722bbd7f1b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com checkout.stripe.com js.stripe.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com 'nonce-MTMyZWM2ZWI1YjNmZmFhMGRmOTFlNDhiOWE3ZGNlMzk='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 19:13:38 GMT
content-encoding
gzip
referrer-policy
same-origin
content-security-policy
frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com checkout.stripe.com js.stripe.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com 'nonce-MTMyZWM2ZWI1YjNmZmFhMGRmOTFlNDhiOWE3ZGNlMzk='
x-content-type-options
nosniff, nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
content-security-policy-report-only
sandbox allow-scripts allow-same-origin allow-popups allow-downloads allow-forms allow-modals
cache-control
private
feature-policy
geolocation 'none'
content-length
6026
x-xss-protection
1; mode=block

277 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture boolean| CSPEnabled function| UtilsLoadScript function| UtilsEvalScripts function| UtilsEvalScriptsWithResult function| UtilsValidateNonceAlt function| UtilsValidateNonce function| CSP function| DOMChangesQueue function| FastArray function| $Elt function| $E function| $PI function| $S function| $SetStyle function| $SetCss function| $AddClass function| $RemoveClass function| $ReplaceClass function| $HasClass function| $SwitchClass function| $Control function| $AddEvent function| $AddAction function| $LS function| $LE function| CacheMgr function| ConstProperties function| ConstValues function| ControlHeap function| ControlMgr function| ControlsUtils function| CtrlEventMgr function| CtrlEvent function| Dependency function| HistoryMgr function| ImageMgr function| PositionItem function| GetHeightIFrame function| GetWidthIFrame function| getStyle function| PositionMgr function| PostRenderMgr function| PreRenderMgr function| Point function| ResizeMgr function| Collection function| EventItem function| EventTable function| RegisterControlEvent function| RegisterButtonEvent function| RegisterButtonClickDblClickEvent function| RegisterTextAreaEvent function| RegisterImageEvent function| TriggerItem function| TriggerTable function| VFormInfoItem function| VFormInfoTable function| DraggableItem function| DroppableItem function| BindableElementsMgr function| BreadcrumbPositionMgr function| FramesMgr function| MultipleSelectionMgr function| SelectionItem function| InitializeMediaResumableUpload function| StackMgr function| StringBuilder function| StyleMgr function| TemplatesMgr function| WaitingPopupMgr function| ClearAction function| CloseWindowAction function| CollapsePanelAction function| ExecuteScriptAction function| ParamValueUpdateAction function| RefreshMgrAction function| BlurAdvEvent function| BlurEvent function| ChangeEvent function| ClickDeferredMgr function| ClickDeferredEvent function| ClickEvent function| ClickOutEvent function| 
DragFilesInBrowserEvent function| FocusEvent function| ControlKeyboardEvent function| MouseDownEvent function| OrientationChangeEvent function| OutEvent function| OverEvent function| ScrollDownEvent function| ScrollUpEvent function| ShortcutEvent function| ShowEvent function| SwipeEvent function| WindowExitEvent function| WindowResizeEvent function| AutoCompContainer function| AutoCompInvokedWithChar function| AutoCompletionProperties function| AutoCompMultiEntry function| AutoCompTextarea function| ComplexAutoCompProperties function| AdvancedVisibilityMgr function| AttachZoomForImage function| AttachZoomForLabel function| HandleAttachZoom function| HandleAyncAttachZoom function| AttachZoom function| SetImageResponsive function| GetParentWidth function| IsInEditMode function| AutoExpandHeight function| AutoScaleProperties function| AutoScroll function| ClassProperties function| ClearCacheProperties function| ClipboardProperties function| CommandProperties function| M5ServerContextMenuHandler function| CustomScrollbarProperties function| DeactivateBackProperties function| DefaultActionProperties function| DeferInject function| DragProperties function| DropProperties function| DynamicChildrenVisibilityMgr function| DynamicChildrenVisibilityProperties function| EditableTable function| EffectProperties function| FileNameOnDropProperties function| FixedPos function| FixedProperties function| FocusProperties function| FoldProperties function| FreeHtmlContainer function| GlobalDataProviderProperties function| HyperlinkProperties function| InPlaceEditorProperties function| LoadingAjaxMgr function| LoadingAjaxProperties function| LoadingPostBackMgr function| LoadingPostBackProperties function| LoadingProperties function| MatrixEventProperties function| MenuProperties function| MenuGroupMgr function| MountMgr function| MountProperties function| MultipleSourcesProperties function| PositionGroupProperties function| ProcessLinkAnchorsForLabel function| RelativeProperties 
function| ReorderProperties function| RequiredProperties function| ResizableProperties function| ResizeProperties function| RulerProperties function| ScrollProperties function| ScrollbarMgr function| ScrollTargetProperties function| ScrollTargetMgr function| SelectAllProperties function| SelectionProperties function| SequenceLoadingProperties function| SequenceLoadingMgr function| SlideShowProperties function| TempSourceProperties function| TooltipProperties object| TooltipMgr function| UserDropImagesProperties function| VisibilityObserverMgr function| ZoomProperties function| AudioCtrl function| AudioPlayer function| AutoCompletionCtrl function| ButtonCtrl function| ChartCtrl function| ChartV2Ctrl function| CheckBoxCtrl function| CropCtrl function| DataTableCtrl function| DateCtrl function| DropDownListCtrl function| FlashCtrl function| HiddenCtrl function| HyperlinkCtrl function| ImageCtrl function| LabelCtrl function| MapCtrl function| MapMarkerCtrl function| MeetingFlashQR function| MenuMgr function| MenuCtrl function| PanelAdvancedCtrl function| PanelCtrl function| PanelColCtrl function| PanelPopupCtrl function| PanelTableCtrl function| ParameterBoolCtrl function| ParameterEnumCtrl function| ParameterStrCtrl function| ParameterNumCtrl function| ParamControl object| ParamMgr function| Popup function| RadioButtonListCtrl function| RatingCtrl function| SlideshowCtrl function| SlideshowMgr function| TextAreaCtrl function| TextBoxCtrl function| TextBoxPasswordCtrl function| TimeCtrl function| UploadCtrl function| UploadFieldCtrl function| VideoCtrl function| GetHtml5Player object| Param boolean| M3IECompatMode object| Utils number| giContextMenuCounter object| Matrix3 string| sLocH object| TriggerTableHelper function| widgetsAutocomplete object| DragDropMgr object| DragDropReorderMgr object| TranslationMode object| addthis_share object| IntervalTreeUtils function| fConfirmOngoingUploads object| SimpleTooltip object| swfobject object| VFormEffects object| 
WysiwygManager object| AutoCompletionMgr boolean| bMyZoomDarkMode object| SizeLearningMgr object| UserDropImagesPropertiesMgr object| CollaborationManager object| MatrixDebug object| Effect object| NodeJsModule object| NodeJsExports function| ElementQueries function| ResizeSensor object| moStyleCache object| DebugTooltip object| exprEval function| $ function| jQuery function| tmpl function| uuidv4 object| clipboard function| mediumZoom object| Papa object| PubSub function| Resumable object| EventControlAction_ClickHandlers function| PreloadMgr object| iziToast object| store function| M3PrepareLBPicker function| ResumableUpload object| UploadItemStatus function| getCaretCoordinates object| Prism function| CodeHighlight function| M5ContextMenuHander object| DynamicTemplatesMgr boolean| UseBootstrap number| iWidth number| iHeight number| miNextLineOrthogonalCoords function| BarRating

7 Cookies

Domain/Path Name / Value
media.unhcr.org/ Name: RF1-Session__162A16FE
Value: ckjuk1klxumrt35qdxx2xvuw
media.unhcr.org/ Name: CortexCID_RF1
Value: guMQgQX6220Q3yuv
media.unhcr.org/ Name: rdrl
Value: AWIoyA5V1MW5ruNP6gzzSLs8u9BmYDwOoiWYz02bvXHl7vwqvwWEbn9Q736dHuWZ3ttt1y+5w1ur7U0BBccZOaXHPj3uZx6Q6qYTHJNWdqw=
media.unhcr.org/ Name: rdrs
Value: AWIoyA5V1MW5ruNP6gzzSLs8u9BmYDwOoiWYz02bvXHl7vwqvwWEbn9Q736dHuWZ3ttt1y+5w1ur7U0BBccZOYdTBiR1wYoEO2ak4LVkIK4=
media.unhcr.org/ Name: RF1-Session__162A16FE-Alt
Value: ckjuk1klxumrt35qdxx2xvuw
media.unhcr.org/ Name: AWSALB
Value: F5aaj0FOXVyA45EMsdZdLQEbgsOy1Wy2TaWwk8wJ5vdHmYWO5CM7m7OYJIosacSEXvQ/K4e4LxOmz3tTiJeiGBaB8GP5xScSoa6VNcqIGeYDIC50jGxxdcYENvOb
media.unhcr.org/ Name: AWSALBCORS
Value: F5aaj0FOXVyA45EMsdZdLQEbgsOy1Wy2TaWwk8wJ5vdHmYWO5CM7m7OYJIosacSEXvQ/K4e4LxOmz3tTiJeiGBaB8GP5xScSoa6VNcqIGeYDIC50jGxxdcYENvOb

3 Console Messages

Source Level URL
Text
security error URL: https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False
Message:
The Content Security Policy directive 'sandbox' is ignored when delivered in a report-only policy.
security error URL: https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False(Line 11)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com 'nonce-MTMyZWM2ZWI1YjNmZmFhMGRmOTFlNDhiOWE3ZGNlMzk='". Either the 'unsafe-inline' keyword, a hash ('sha256-XhyKpt0kJchXiZO7afAv1omwnpa3FgeJxKr2buammZ8='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://media.unhcr.org/CS.aspx?VP3=LoginRegistration&L=True&R=False(Line 11)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com 'nonce-MTMyZWM2ZWI1YjNmZmFhMGRmOTFlNDhiOWE3ZGNlMzk='". Either the 'unsafe-inline' keyword, a hash ('sha256-Jhkutf0IMquNTFRUeTFnd2Ky1SBaq04lXYqSVamMYJw='), or a nonce ('nonce-...') is required to enable inline execution.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self';frame-src orangelogic-my.sharepoint.com s7.addthis.com downloads.orangelogic.com view.officeapps.live.com checkout.stripe.com js.stripe.com accounts.google.com 'self';object-src 'none';base-uri 'self';form-action 'self' ;script-src 'self' blob: *.google-analytics.com js.stripe.com checkout.stripe.com 'nonce-MTMyZWM2ZWI1YjNmZmFhMGRmOTFlNDhiOWE3ZGNlMzk='
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
