urlscan.io logo urlscan.io
SecurityTrails logo

stepwithrefugees.org Open in urlscan Pro
167.99.129.42  Public Scan

Go To Rescan Add Verdict Report
URL: https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
Submission: On September 09 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 27 HTTP transactions. The main IP is 167.99.129.42, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is stepwithrefugees.org.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 25th 2019. Valid for: 3 months.
This is the only time stepwithrefugees.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 167.99.129.42 14061 (DIGITALOC...)
5 2600:9000:205... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 147.75.84.99 54825 (PACKET)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 147.75.83.123 54825 (PACKET)
1 147.75.204.222 54825 (PACKET)
27 10
13    167.99.129.42 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
stepwithrefugees.org
5    2600:9000:2057:2e00:6:ea06:d140:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
unhcr.cdn.prismic.io
1    2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
2    2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    147.75.84.99 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
static.hotjar.com
1    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
2    2606:4700:10::6814:8d70 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.unhcr.org
1    147.75.83.123 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-3
script.hotjar.com
1    147.75.204.222 (Chicago, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-5
vars.hotjar.com
Domain Requested by
13 stepwithrefugees.org stepwithrefugees.org
5 unhcr.cdn.prismic.io stepwithrefugees.org
2 www.unhcr.org www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
stepwithrefugees.org
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 www.google.de stepwithrefugees.org
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 static.hotjar.com www.googletagmanager.com
1 www.googletagmanager.com stepwithrefugees.org
27 11

This site contains links to these domains. Also see Links.

Domain
donate.unhcr.org
twitter.com
www.facebook.com
www.instagram.com
www.youtube.com
www.unhcr.org
Subject Issuer Validity Valid
*.stepwithrefugees.com
Let's Encrypt Authority X3		 2019-06-25 -
2019-09-23		 3 months crt.sh
*.cdn.prismic.io
Amazon		 2018-10-18 -
2019-11-18		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
static.hotjar.com
Let's Encrypt Authority X3		 2019-08-07 -
2019-11-05		 3 months crt.sh
www.google.de
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
www.unhcr.org
Thawte EV RSA CA 2018		 2018-11-20 -
2020-11-19		 2 years crt.sh
script.hotjar.com
Let's Encrypt Authority X3		 2019-08-07 -
2019-11-05		 3 months crt.sh
vars.hotjar.com
Let's Encrypt Authority X3		 2019-08-07 -
2019-11-05		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
Frame ID: 55CCE7C2FC1128815B1BC3298E4FAB74
Requests: 27 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: C2D9FB31DDA11854C92ED5C1DF706117
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^Netlify/i
Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Page Statistics

27
Requests

100 %
HTTPS

64 %
IPv6

9
Domains

11
Subdomains

10
IPs

3
Countries

1608 kB
Transfer

3982 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-1473340-42&cid=441738309.1568048421&jid=1020056193&gjid=1762882893&_gid=68963848.1568048421&_u=YGBAgEAB~&z=1014994899 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1473340-42&cid=441738309.1568048421&jid=1020056193&_v=j79&z=1014994899 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1473340-42&cid=441738309.1568048421&jid=1020056193&_v=j79&z=1014994899&slf_rd=1&random=3457519128

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
stepwithrefugees.org/en/ 		80 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.99.129.42 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
3a10d240d0d00067974d4ce9294ac77e55bd9d8a4658e91492962bab3e4a1958
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
stepwithrefugees.org
:scheme
https
:path
/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200
content-type
text/html; charset=UTF-8
date
Mon, 09 Sep 2019 15:04:14 GMT
etag
"214945ff740e31fc49c2c560be00052b-ssl-df"
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
content-encoding
gzip
age
6966
content-length
20117
server
Netlify
vary
Accept-Encoding
cache-control
public,max-age=0,must-revalidate
x-nf-request-id
8ad36687-3328-4b1b-b441-1ff161f45f67-1332934
styles.css
stepwithrefugees.org/assets/css/ 		140 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stepwithrefugees.org/assets/css/styles.css?b=1568041258278
Requested by
Host: stepwithrefugees.org
URL: https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.99.129.42 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
4fbd84b71478d18ac359934079bcce96fb9d0a498a32beab51b71269a861c793
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
8ad36687-3328-4b1b-b441-1ff161f45f67-1333215
date
Mon, 09 Sep 2019 15:03:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7006
status
200
strict-transport-security
max-age=31536000; preload
content-length
20365
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
Netlify
x-frame-options
SAMEORIGIN
etag
"67e93b9990b43c30cc8577fa8a337fd2-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
9b98642899794bb6f4926c0d9e07ec8c1e3ec164_unhcr_logo.png
unhcr.cdn.prismic.io/unhcr/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unhcr.cdn.prismic.io/unhcr/9b98642899794bb6f4926c0d9e07ec8c1e3ec164_unhcr_logo.png
Requested by
Host: stepwithrefugees.org
URL: https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:2e00:6:ea06:d140:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
749eabc8ab2123235f41fee1027559700a107cf58defb2b231a1dfad103f8e52

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 06 Aug 2019 09:30:24 GMT
via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
last-modified
Mon, 17 Dec 2018 13:36:04 GMT
server
AmazonS3
age
2964597
etag
"c286a9000c12d284af84f3bed46f5e99"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=315360000
content-disposition
9b98642899794bb6f4926c0d9e07ec8c1e3ec164_unhcr_logo.png
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
6455
x-amz-cf-id
2m1AOR-QDM9GgVxGzulQKPyRYI2RLsKN26Qoa6gN8K-v7n8hTS-NQg==
bebbfbd9a192be20b442b62592fba942761ddad3_unhcr_logo_white.png
unhcr.cdn.prismic.io/unhcr/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unhcr.cdn.prismic.io/unhcr/bebbfbd9a192be20b442b62592fba942761ddad3_unhcr_logo_white.png
Requested by
Host: stepwithrefugees.org
URL: https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:2e00:6:ea06:d140:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b9c814ac28cac0289f25b98e49067e5ee7f5ea97d2b4cdd1aa8342a7d04a6953

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 06 Aug 2019 09:30:24 GMT
via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
last-modified
Mon, 17 Dec 2018 13:36:04 GMT
server
AmazonS3
age
2964597
etag
"b0848f96fe55b9b7038d3292a757f44b"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=315360000
content-disposition
bebbfbd9a192be20b442b62592fba942761ddad3_unhcr_logo_white.png
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
6052
x-amz-cf-id
Ah-7EzvU_iwBDd2lADFKWTccPIqp6xyu9MdjdceT6kBASXoxVAIqZA==
vendor.bundle.js
stepwithrefugees.org/assets/js/ 		324 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stepwithrefugees.org/assets/js/vendor.bundle.js?b=1568041258278
Requested by
Host: stepwithrefugees.org
URL: https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.99.129.42 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
99a773f1f8ac855ad13e22b7d9eae683eaf7f1d352b971db532d0b6b27aa3512
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
8ad36687-3328-4b1b-b441-1ff161f45f67-1333217
date
Mon, 09 Sep 2019 15:03:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7006
status
200
strict-transport-security
max-age=31536000; preload
content-length
97243
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
Netlify
x-frame-options
SAMEORIGIN
etag
"97dbc114c90fd6cee187e5dbc754fe86-ssl-df"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
app.bundle.js
stepwithrefugees.org/assets/js/ 		2 MB
437 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stepwithrefugees.org/assets/js/app.bundle.js?b=1568041258278
Requested by
Host: stepwithrefugees.org
URL: https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.99.129.42 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
683460f01f7ed9df1432bba0eccbc6f25da2b4c0d947920f634d52659c53b095
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
8ad36687-3328-4b1b-b441-1ff161f45f67-1333220
date
Mon, 09 Sep 2019 15:03:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7006
status
200
strict-transport-security
max-age=31536000; preload
content-length
446630
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
Netlify
x-frame-options
SAMEORIGIN
etag
"c0fb23b676bd5c6fbe4c62959d6f1ecc-ssl-df"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
gtm.js
www.googletagmanager.com/ 		108 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PJMVDQP
Requested by
Host: stepwithrefugees.org
URL: https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1d26980c7b9245abbc0ceb918d62fb42a119f05142d0d5cad3e00e5a2a6ffa86
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Sep 2019 17:00:21 GMT
content-encoding
br
last-modified
Mon, 09 Sep 2019 15:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
32394
x-xss-protection
0
expires
Mon, 09 Sep 2019 17:00:21 GMT
79c7bbd013fa5ce5b8fcf6837decb90d9ce4b6ed_rf294054_20170307-1728-_daz8741-da.jpg
unhcr.cdn.prismic.io/unhcr/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unhcr.cdn.prismic.io/unhcr/79c7bbd013fa5ce5b8fcf6837decb90d9ce4b6ed_rf294054_20170307-1728-_daz8741-da.jpg
Requested by
Host: stepwithrefugees.org
URL: https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:2e00:6:ea06:d140:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
723c38dac5e07f171bcecc0d91a414db49d48f68b2d13702f57bbdc0107c6bf2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 14 Jun 2019 03:46:21 GMT
via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
last-modified
Thu, 29 Mar 2018 11:27:33 GMT
server
AmazonS3
age
7564441
etag
"b093ef1a702f7b9af34a180183153321"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=315360000
content-disposition
79c7bbd013fa5ce5b8fcf6837decb90d9ce4b6ed_rf294054_20170307-1728-_daz8741-da.jpg
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
89969
x-amz-cf-id
QB3ivGzJMC-0BshHMQCmmFp6Dl5ltfvtKGlezcY06otn9zELBJQHQA==
0ba670e8b627b6b859fa1a2f3babd0b2cfb3f060_rf2135590_unhcr-rohingya-psp-1---3-nov-2017-080.jpg
unhcr.cdn.prismic.io/unhcr/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unhcr.cdn.prismic.io/unhcr/0ba670e8b627b6b859fa1a2f3babd0b2cfb3f060_rf2135590_unhcr-rohingya-psp-1---3-nov-2017-080.jpg
Requested by
Host: stepwithrefugees.org
URL: https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:2e00:6:ea06:d140:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71bace2b97bd4c1d8d6dfd4389e5a531f253321e57f4e2e713321c82de1b8ed4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 08 Aug 2019 03:35:30 GMT
via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
last-modified
Thu, 29 Mar 2018 12:13:19 GMT
server
AmazonS3
age
2813092
etag
"2ac56316f5ee8c38b47a24a6d3222fa9"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=315360000
content-disposition
0ba670e8b627b6b859fa1a2f3babd0b2cfb3f060_rf2135590_unhcr-rohingya-psp-1---3-nov-2017-080.jpg
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
67109
x-amz-cf-id
aY21aaWAtseA-eC3u8Pr6E2ifHgCGHH3UB0p8deEGVwGuEQQdmTm_g==
da1d262565ec887ad1a653b370e18e9bd5658cf3_rf2139127_20171123-0904-2017-11-24-1421-da.jpg
unhcr.cdn.prismic.io/unhcr/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unhcr.cdn.prismic.io/unhcr/da1d262565ec887ad1a653b370e18e9bd5658cf3_rf2139127_20171123-0904-2017-11-24-1421-da.jpg
Requested by
Host: stepwithrefugees.org
URL: https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:2e00:6:ea06:d140:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5cce55cd2035de9c4575012a877e947dafb0bc4001569fc387635a2bcb8ddd51

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 05 Jul 2019 02:35:08 GMT
via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
last-modified
Thu, 29 Mar 2018 12:42:02 GMT
server
AmazonS3
age
5754314
etag
"741f6d4ea3cbd78862b3048b4517b884"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=315360000
content-disposition
da1d262565ec887ad1a653b370e18e9bd5658cf3_rf2139127_20171123-0904-2017-11-24-1421-da.jpg
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
83706
x-amz-cf-id
P_JOCQATM6D_jBG204pGLxBXYSDLf2QfmGWVkiVAY0i_RHiJKokEQA==
hp-back.jpg
stepwithrefugees.org/assets/img/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stepwithrefugees.org/assets/img/hp-back.jpg
Requested by
Host: stepwithrefugees.org
URL: https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.99.129.42 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
7c9bcdc341dadf7b7d20defa5951ecd6e265c4673cc388414ac048208c005d3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
8ad36687-3328-4b1b-b441-1ff161f45f67-1333723
date
Mon, 09 Sep 2019 15:04:14 GMT
referrer-policy
no-referrer-when-downgrade
server
Netlify
age
6967
etag
"3e97651afa0f05939ec35dae61dbb478-ssl"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
cache-control
public,max-age=0,must-revalidate
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
32018
x-xss-protection
1; mode=block
hp-left.jpg
stepwithrefugees.org/assets/img/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stepwithrefugees.org/assets/img/hp-left.jpg
Requested by
Host: stepwithrefugees.org
URL: https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.99.129.42 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
bca513665885a8c0c683542e55faf0b5f273a4972e27885a802d22ffdb21b3a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
8ad36687-3328-4b1b-b441-1ff161f45f67-1333724
date
Mon, 09 Sep 2019 15:04:14 GMT
referrer-policy
no-referrer-when-downgrade
server
Netlify
age
6967
etag
"75c9b9300fd4122075fa13081ab0097f-ssl"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
cache-control
public,max-age=0,must-revalidate
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
49122
x-xss-protection
1; mode=block
hp-right.jpg
stepwithrefugees.org/assets/img/ 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stepwithrefugees.org/assets/img/hp-right.jpg
Requested by
Host: stepwithrefugees.org
URL: https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.99.129.42 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
578f8300ac31042cf6085871632abfb1ac5386653eab33301685af181d57a559
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
8ad36687-3328-4b1b-b441-1ff161f45f67-1333725
date
Mon, 09 Sep 2019 15:04:14 GMT
referrer-policy
no-referrer-when-downgrade
server
Netlify
age
6967
etag
"3a2ff309382d59d08c7ff035663d3324-ssl"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
cache-control
public,max-age=0,must-revalidate
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
108262
x-xss-protection
1; mode=block
truncated
/ 		144 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60fa06852fac0c595fd84a648766dd18535aea5bcda6b363a245c85c312068a3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
proximanova-bold-webfont.woff2
stepwithrefugees.org/assets/fonts/ 		90 KB
91 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stepwithrefugees.org/assets/fonts/proximanova-bold-webfont.woff2
Requested by
Host: stepwithrefugees.org
URL: https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.99.129.42 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
3c2a004a9d9ecaa8b4bbf1ed752e61fc4d6ba660d5dcbd552ccc231df421f18d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Referer
https://stepwithrefugees.org/assets/css/styles.css?b=1568041258278
Origin
https://stepwithrefugees.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
8ad36687-3328-4b1b-b441-1ff161f45f67-1333726
date
Mon, 09 Sep 2019 15:03:35 GMT
referrer-policy
no-referrer-when-downgrade
server
Netlify
age
7006
etag
"7ba28ed0a15358b31261aa32c17b2e07-ssl"
x-frame-options
SAMEORIGIN
content-type
font/woff2
status
200
cache-control
public,max-age=0,must-revalidate
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
92596
x-xss-protection
1; mode=block
proximanova-boldit-webfont.woff2
stepwithrefugees.org/assets/fonts/ 		99 KB
99 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stepwithrefugees.org/assets/fonts/proximanova-boldit-webfont.woff2
Requested by
Host: stepwithrefugees.org
URL: https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.99.129.42 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
aac9d5f42d9c276de47b55c69c7adde720f0d38bc06af1e119a3c1c926863b9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Referer
https://stepwithrefugees.org/assets/css/styles.css?b=1568041258278
Origin
https://stepwithrefugees.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
8ad36687-3328-4b1b-b441-1ff161f45f67-1333727
date
Mon, 09 Sep 2019 15:03:35 GMT
referrer-policy
no-referrer-when-downgrade
server
Netlify
age
7006
etag
"b2a0496f422eb85f6fd3d05cefe8e8c3-ssl"
x-frame-options
SAMEORIGIN
content-type
font/woff2
status
200
cache-control
public,max-age=0,must-revalidate
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
101024
x-xss-protection
1; mode=block
proximanova-extraboldit-webfont.woff2
stepwithrefugees.org/assets/fonts/ 		95 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stepwithrefugees.org/assets/fonts/proximanova-extraboldit-webfont.woff2
Requested by
Host: stepwithrefugees.org
URL: https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.99.129.42 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
0351f659200c5b604512c3c574331643cb2a46c2aa0ed16f2766416a827d1c99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Referer
https://stepwithrefugees.org/assets/css/styles.css?b=1568041258278
Origin
https://stepwithrefugees.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
8ad36687-3328-4b1b-b441-1ff161f45f67-1333728
date
Mon, 09 Sep 2019 15:03:35 GMT
referrer-policy
no-referrer-when-downgrade
server
Netlify
age
7006
etag
"7922225d2cde348abe27e8e31995262e-ssl"
x-frame-options
SAMEORIGIN
content-type
font/woff2
status
200
cache-control
public,max-age=0,must-revalidate
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
97776
x-xss-protection
1; mode=block
proximanova-regularit-webfont.woff2
stepwithrefugees.org/assets/fonts/ 		99 KB
99 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stepwithrefugees.org/assets/fonts/proximanova-regularit-webfont.woff2
Requested by
Host: stepwithrefugees.org
URL: https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.99.129.42 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
89ffa5105a50efe711fe645678bc401f27e5bd5732b0afedf4a12d4fef0c57b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Referer
https://stepwithrefugees.org/assets/css/styles.css?b=1568041258278
Origin
https://stepwithrefugees.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
8ad36687-3328-4b1b-b441-1ff161f45f67-1333729
date
Mon, 09 Sep 2019 15:03:35 GMT
referrer-policy
no-referrer-when-downgrade
server
Netlify
age
7006
etag
"8839d879a464f3be9e14f9071d05e6ad-ssl"
x-frame-options
SAMEORIGIN
content-type
font/woff2
status
200
cache-control
public,max-age=0,must-revalidate
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
101584
x-xss-protection
1; mode=block
proximanova-regular-webfont.woff2
stepwithrefugees.org/assets/fonts/ 		90 KB
90 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stepwithrefugees.org/assets/fonts/proximanova-regular-webfont.woff2
Requested by
Host: stepwithrefugees.org
URL: https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.99.129.42 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify /
Resource Hash
40e82df055769db1c7cf017f15f5a65e933ce2f8ad5b044611c9c7ce09240e25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Referer
https://stepwithrefugees.org/assets/css/styles.css?b=1568041258278
Origin
https://stepwithrefugees.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
8ad36687-3328-4b1b-b441-1ff161f45f67-1333730
date
Mon, 09 Sep 2019 15:03:35 GMT
referrer-policy
no-referrer-when-downgrade
server
Netlify
age
7006
etag
"c6e3f5c942c201f1cac6b325b863a2bb-ssl"
x-frame-options
SAMEORIGIN
content-type
font/woff2
status
200
cache-control
public,max-age=0,must-revalidate
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
91896
x-xss-protection
1; mode=block
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJMVDQP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
1008
date
Mon, 09 Sep 2019 16:43:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Mon, 09 Sep 2019 18:43:33 GMT
hotjar-1080117.js
static.hotjar.com/c/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1080117.js?sv=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJMVDQP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.84.99 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
Software
openresty /
Resource Hash
1d47eaffb0acce46cf05f17522d1c272d2b1ea517a81cd00091f9287919f3aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Sep 2019 17:00:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
section-io-tag
hotjar
age
36
status
200
section-io-cache
Hit
vary
Accept-Encoding
content-length
1686
server
openresty
cache-control
max-age=60
x-frame-options
SAMEORIGIN
etag
W/330e9fef110ece024dc41b1f4db5f8b1
access-control-max-age
600
section-io-origin-status
304
access-control-allow-origin
*
x-cache-hit
1
section-io-origin-time-seconds
0.124
section-io-id
50d3717362ccd91ac9d324dbc5beb8a6
accept-ranges
bytes
content-type
application/javascript
collect
www.google-analytics.com/ 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1925894360&t=pageview&_s=1&dl=https%3A%2F%2Fstepwithrefugees.org%2Fen%2F%3Futm_source%3DCAMP%26utm_medium%3Demail%26utm_campaign%3DHQ_PS_EN_CAMP_stepwithrefugees-staffsignature&ul=en-us&de=UTF-8&dt=2%20billion%20kilometres%20to%20safety&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGBAgEAB~&jid=1020056193&gjid=1762882893&cid=441738309.1568048421&tid=UA-1473340-42&_gid=68963848.1568048421&gtm=2wg8l2PJMVDQP&z=364460515
Requested by
Host: stepwithrefugees.org
URL: https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2019 16:11:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1558136
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-1473340-42&cid=441738309.1568048421&jid=1020056193&gjid=1762882893&_gid=68963848.1568048421&_u=YGBAgEAB~&z=1014994899
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1473340-42&cid=441738309.1568048421&jid=1020056193&_v=j79&z=1014994899
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1473340-42&cid=441738309.1568048421&jid=1020056193&_v=j79&z=1014994899&slf_rd=1&random=3457519128
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1473340-42&cid=441738309.1568048421&jid=1020056193&_v=j79&z=1014994899&slf_rd=1&random=3457519128
Requested by
Host: stepwithrefugees.org
URL: https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Sep 2019 17:00:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Sep 2019 17:00:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1473340-42&cid=441738309.1568048421&jid=1020056193&_v=j79&z=1014994899&slf_rd=1&random=3457519128
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
totaldistance
stepwithrefugees.org/ 		92 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stepwithrefugees.org/totaldistance
Requested by
Host: stepwithrefugees.org
URL: https://stepwithrefugees.org/assets/js/app.bundle.js?b=1568041258278
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.99.129.42 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Netlify / ASP.NET
Resource Hash
edb3c31d0d9e4c4b4f3a6c0e8e70c6a42da265491f1b7a86acce6a151233edc1

Request headers

Accept
application/json, text/plain, */*
Referer
https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

x-nf-request-id
8ad36687-3328-4b1b-b441-1ff161f45f67-1333975
date
Mon, 09 Sep 2019 17:00:20 GMT
content-encoding
gzip
server
Netlify
age
1
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/json; charset=utf-8
status
200
cache-control
must-revalidate, max-age=3600, private
content-length
212
cookie-consent-step-translations.js
www.unhcr.org/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.unhcr.org/assets/js/cookie-consent-step-translations.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJMVDQP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8d70 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
58e480e4a2052001c8da26d0f2b87a6f3b2f16141ed5c2c9ade419678c77ee99

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Sep 2019 17:00:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Mar 2019 13:05:55 GMT
server
cloudflare
age
944
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86400
cf-ray
513ab7cafae259a6-VIE
access-control-allow-origin
http://rsq.unhcr.org
expires
Tue, 10 Sep 2019 17:00:21 GMT
modules.4d71caa5b820d76ee739.js
script.hotjar.com/ 		426 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.4d71caa5b820d76ee739.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1080117.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.83.123 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-3
Software
/
Resource Hash
38896119b5b0007bd7b5066e7c4825ed18a0a741890546619445250cdf4efadc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Sep 2019 17:00:21 GMT
content-encoding
br
last-modified
Thu, 05 Sep 2019 12:36:45 GMT
status
200
etag
"2b450139f51541542dec21ed468002e5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.063
section-io-origin-status
200
accept-ranges
bytes
section-io-id
7c217cf23f1018725a6ffac9bddfdd84
content-length
72902
box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame C2D9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1080117.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.204.222 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-5
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-90f3a29ef7448451db5af955688970d7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature

Response headers

status
200
date
Mon, 09 Sep 2019 17:00:21 GMT
content-type
text/html
content-length
787
cache-control
max-age=31536000
content-encoding
br
last-modified
Tue, 13 Aug 2019 14:18:56 GMT
etag
"5ee1a7ca3792b75767626ba3f51572aa"
section-io-origin-status
200
section-io-origin-time-seconds
0.057
vary
Accept-Encoding
accept-ranges
bytes
section-io-id
e24043e89f2d41d0f15f35d6f15bee87
cookie-consent-stepwithrefugees.js
www.unhcr.org/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.unhcr.org/assets/js/cookie-consent-stepwithrefugees.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PJMVDQP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8d70 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4027481aa2e9ae1c5ff8f8eccd5d30ecbd4ece40ef9f633fc6f33e4fc118acfc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://stepwithrefugees.org/en/?utm_source=CAMP&utm_medium=email&utm_campaign=HQ_PS_EN_CAMP_stepwithrefugees-staffsignature
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Sep 2019 17:00:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Mar 2019 11:02:00 GMT
server
cloudflare
age
944
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86400
cf-ray
513ab7cb7b4d59a6-VIE
access-control-allow-origin
http://rsq.unhcr.org
expires
Tue, 10 Sep 2019 17:00:21 GMT

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| __INITIAL_STATE__ object| google_tag_manager function| postscribe string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| webpackJsonp object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin object| _gsQueue function| TimelineLite function| CSSPlugin string| version number| API number| defaultTransformPerspective string| defaultSkewType boolean| defaultSmoothOrigin object| suffixMap object| _internals function| getStyle function| parseColor function| colorStringFilter function| parseComplex function| registerSpecialProp boolean| useSVGTransformAttr function| cascadeTo object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup object| __routes__ object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| setup_EN function| setup_HK function| setup_JP function| setup_DE function| setCookie function| checkCookie function| do_consent_verification

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
stepwithrefugees.org
unhcr.cdn.prismic.io
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.unhcr.org
147.75.204.222
147.75.83.123
147.75.84.99
167.99.129.42
2600:9000:2057:2e00:6:ea06:d140:93a1
2606:4700:10::6814:8d70
2a00:1450:4001:819::2008
2a00:1450:4001:819::200e
2a00:1450:4001:81e::2003
2a00:1450:4001:81f::2004
2a00:1450:400c:c0c::9a
0351f659200c5b604512c3c574331643cb2a46c2aa0ed16f2766416a827d1c99
1d26980c7b9245abbc0ceb918d62fb42a119f05142d0d5cad3e00e5a2a6ffa86
1d47eaffb0acce46cf05f17522d1c272d2b1ea517a81cd00091f9287919f3aed
38896119b5b0007bd7b5066e7c4825ed18a0a741890546619445250cdf4efadc
3a10d240d0d00067974d4ce9294ac77e55bd9d8a4658e91492962bab3e4a1958
3c2a004a9d9ecaa8b4bbf1ed752e61fc4d6ba660d5dcbd552ccc231df421f18d
4027481aa2e9ae1c5ff8f8eccd5d30ecbd4ece40ef9f633fc6f33e4fc118acfc
40e82df055769db1c7cf017f15f5a65e933ce2f8ad5b044611c9c7ce09240e25
4fbd84b71478d18ac359934079bcce96fb9d0a498a32beab51b71269a861c793
578f8300ac31042cf6085871632abfb1ac5386653eab33301685af181d57a559
58e480e4a2052001c8da26d0f2b87a6f3b2f16141ed5c2c9ade419678c77ee99
5cce55cd2035de9c4575012a877e947dafb0bc4001569fc387635a2bcb8ddd51
60fa06852fac0c595fd84a648766dd18535aea5bcda6b363a245c85c312068a3
683460f01f7ed9df1432bba0eccbc6f25da2b4c0d947920f634d52659c53b095
71bace2b97bd4c1d8d6dfd4389e5a531f253321e57f4e2e713321c82de1b8ed4
723c38dac5e07f171bcecc0d91a414db49d48f68b2d13702f57bbdc0107c6bf2
749eabc8ab2123235f41fee1027559700a107cf58defb2b231a1dfad103f8e52
7c9bcdc341dadf7b7d20defa5951ecd6e265c4673cc388414ac048208c005d3c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89ffa5105a50efe711fe645678bc401f27e5bd5732b0afedf4a12d4fef0c57b0
99a773f1f8ac855ad13e22b7d9eae683eaf7f1d352b971db532d0b6b27aa3512
aac9d5f42d9c276de47b55c69c7adde720f0d38bc06af1e119a3c1c926863b9d
b9c814ac28cac0289f25b98e49067e5ee7f5ea97d2b4cdd1aa8342a7d04a6953
bca513665885a8c0c683542e55faf0b5f273a4972e27885a802d22ffdb21b3a3
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
edb3c31d0d9e4c4b4f3a6c0e8e70c6a42da265491f1b7a86acce6a151233edc1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629