www.unrefugees.org Open in urlscan Pro
35.84.137.25 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mail.aws.org/e3t/Ctc/LY+113/cX2Gf04/MVzkqkz5YRxW59CywN2Z92mJW2v98dD4H4vZ_N67vcn93lLB3V1-WJV7CgBlVW4p-NSN3HT3T...
Effective URL:
https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8...
Submission: On March 25 via manual (March 25th 2022, 9:20:54 pm UTC) from US — Scanned from DE

Summary HTTP 135 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 55 IPs in 7 countries across 49 domains to perform 135 HTTP transactions. The main IP is 35.84.137.25, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is www.unrefugees.org. The Cisco Umbrella rank of the primary domain is 275800.
TLS certificate: Issued by Amazon on December 8th 2021. Valid for: a year.

This is the only time www.unrefugees.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:67fe	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
17 26	35.84.137.25 35.84.137.25	16509 (AMAZON-02) (AMAZON-02)
6	2a02:26f0:fb:... 2a02:26f0:fb::5f65:58d1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
17	143.204.215.125 143.204.215.125	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
1	65.9.66.36 65.9.66.36	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c0c::5c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1 2	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	18.117.52.137 18.117.52.137	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	35.190.72.228 35.190.72.228	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:ec00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	52.25.243.35 52.25.243.35	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:ef:... 2a02:26f0:ef::5c7b:c24c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 7	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2600:9000:224... 2600:9000:224a:e000:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.48.18.21 52.48.18.21	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 2	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	52.16.70.86 52.16.70.86	16509 (AMAZON-02) (AMAZON-02)
1	3.120.214.218 3.120.214.218	16509 (AMAZON-02) (AMAZON-02)
1	23.58.216.132 23.58.216.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.28.87.55 52.28.87.55	16509 (AMAZON-02) (AMAZON-02)
1 1	65.9.66.102 65.9.66.102	16509 (AMAZON-02) (AMAZON-02)
1 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	23.21.225.74 23.21.225.74	14618 (AMAZON-AES) (AMAZON-AES)
1 2	104.102.29.65 104.102.29.65	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.92.72.137 104.92.72.137	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2600:1f18:612... 2600:1f18:612b:4264:35be:ace0:b22e:18d9	14618 (AMAZON-AES) (AMAZON-AES)
1	3.127.157.8 3.127.157.8	16509 (AMAZON-02) (AMAZON-02)
1	52.50.214.249 52.50.214.249	16509 (AMAZON-02) (AMAZON-02)
1 2	3.122.93.90 3.122.93.90	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
13	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	99.86.1.140 99.86.1.140	16509 (AMAZON-02) (AMAZON-02)
1	162.247.242.18 162.247.242.18	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
135	55

2 2606:2c40::c73c:67fe (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

mail.aws.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 35.84.137.25 (Boardman, United States) 17 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-84-137-25.us-west-2.compute.amazonaws.com

www.unrefugees.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:fb::5f65:58d1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 143.204.215.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-125.fra53.r.cloudfront.net

cdn.unrefugees.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.plyr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.sandbox.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-36.fra56.r.cloudfront.net

static-na.payments-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0c::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

4647326.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.117.52.137 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-117-52-137.us-east-2.compute.amazonaws.com

collector-3219.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.228 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 228.72.190.35.bc.googleusercontent.com

www.tp88trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:ec00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.25.243.35 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-243-35.us-west-2.compute.amazonaws.com

lyibja.unrefugees.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ef::5c7b:c24c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 193.0.160.128 (United States) 3 redirects

ASN54312 (ROCKETFUEL, US)

20668909p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
20826429p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:e000:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.18.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-18-21.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.249 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.16.70.86 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-70-86.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.214.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.58.216.132 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-58-216-132.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.87.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-87-55.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.102 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-102.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.225.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-225-74.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.29.65 (Milan, Italy) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-65.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.92.72.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-72-137.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:35be:ace0:b22e:18d9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.157.8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-157-8.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.214.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-214-249.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.93.90 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-93-90.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.1.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-1-140.fra6.r.cloudfront.net

d6tizftlrpuof.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.18 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-6.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	unrefugees.org 17 redirects www.unrefugees.org — Cisco Umbrella Rank: 275800 cdn.unrefugees.org — Cisco Umbrella Rank: 684671 lyibja.unrefugees.org	1 MB
24	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 2999 adservice.google.com — Cisco Umbrella Rank: 57 play.google.com — Cisco Umbrella Rank: 32	389 KB
10	doubleclick.net 5 redirects 4647326.fls.doubleclick.net — Cisco Umbrella Rank: 461761 ad.doubleclick.net — Cisco Umbrella Rank: 181 stats.g.doubleclick.net — Cisco Umbrella Rank: 68 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 176	5 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	40 KB
7	rfihub.com 3 redirects 20668909p.rfihub.com — Cisco Umbrella Rank: 812206 20826429p.rfihub.com — Cisco Umbrella Rank: 411314 a.rfihub.com — Cisco Umbrella Rank: 2770 p.rfihub.com — Cisco Umbrella Rank: 631	10 KB
7	typekit.net use.typekit.net — Cisco Umbrella Rank: 427 p.typekit.net — Cisco Umbrella Rank: 527	150 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	267 KB
6	google.de adservice.google.de — Cisco Umbrella Rank: 8832 www.google.de — Cisco Umbrella Rank: 6433	2 KB
3	rlcdn.com 1 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 281	1008 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 338	12 KB
3	paypal.com www.paypal.com — Cisco Umbrella Rank: 2527 www.sandbox.paypal.com — Cisco Umbrella Rank: 38737	99 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 490	607 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 257	1 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 480	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496	2 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 184	2 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 205	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	428 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 394	7 KB
2	tvsquared.com collector-3219.tvsquared.com — Cisco Umbrella Rank: 400101	9 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	171 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 839 pixel.quantserve.com — Cisco Umbrella Rank: 381	10 KB
2	aws.org 1 redirects mail.aws.org	4 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 550	322 B
1	cloudfront.net d6tizftlrpuof.cloudfront.net	2 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 306	14 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 375	338 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 393	238 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 940	183 B
1	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 980	191 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1667	109 B
1	rezync.com 1 redirects live.rezync.com — Cisco Umbrella Rank: 1633	785 B
1	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1182	105 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 469	614 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 899	344 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 289	239 B
1	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 437	676 B
1	usabilla.com w.usabilla.com — Cisco Umbrella Rank: 2579	11 KB
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5644	6 KB
1	turn.com r.turn.com — Cisco Umbrella Rank: 2672	398 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 779	715 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	983 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 792	1 KB
1	tp88trk.com www.tp88trk.com — Cisco Umbrella Rank: 29177	18 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 101	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	84 KB
1	payments-amazon.com static-na.payments-amazon.com — Cisco Umbrella Rank: 11926	19 KB
1	plyr.io cdn.plyr.io — Cisco Umbrella Rank: 14030	32 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 588	30 KB
135	49

	Domain	Requested by
26	www.unrefugees.org	17 redirects mail.aws.org www.unrefugees.org
17	cdn.unrefugees.org	www.unrefugees.org
13	play.google.com	www.gstatic.com
8	www.google-analytics.com	www.googletagmanager.com www.unrefugees.org www.gstatic.com www.google-analytics.com
6	use.typekit.net	www.unrefugees.org use.typekit.net
5	www.gstatic.com	www.google.com pay.google.com www.gstatic.com
5	www.google.com	www.unrefugees.org
4	p.rfihub.com	2 redirects
4	www.google.de	www.unrefugees.org
4	pay.google.com	www.unrefugees.org pay.google.com mail.aws.org www.gstatic.com
3	idsync.rlcdn.com	1 redirects www.unrefugees.org
3	stats.g.doubleclick.net	www.google-analytics.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.unrefugees.org
2	www.sandbox.paypal.com	www.paypal.com
2	sync-tm.everesttech.net	2 redirects
2	x.bidswitch.net	1 redirects
2	sync.search.spotxchange.com	1 redirects www.unrefugees.org
2	dsum-sec.casalemedia.com	1 redirects www.unrefugees.org
2	dpm.demdex.net	1 redirects www.unrefugees.org
2	ib.adnxs.com	1 redirects www.unrefugees.org
2	cm.g.doubleclick.net	2 redirects
2	www.facebook.com	www.unrefugees.org
2	lyibja.unrefugees.org	connect.facebook.net
2	adservice.google.de	www.unrefugees.org adservice.google.com
2	adservice.google.com	1 redirects 4647326.fls.doubleclick.net
2	ad.doubleclick.net	2 redirects
2	s.yimg.com	mail.aws.org s.yimg.com
2	collector-3219.tvsquared.com	mail.aws.org www.unrefugees.org
2	connect.facebook.net	mail.aws.org connect.facebook.net
2	4647326.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	mail.aws.org	1 redirects
1	bam.nr-data.net	js-agent.newrelic.com
1	d6tizftlrpuof.cloudfront.net	www.unrefugees.org
1	js-agent.newrelic.com	www.unrefugees.org
1	beacon.krxd.net	www.unrefugees.org
1	aa.agkn.com	www.unrefugees.org
1	partners.tremorhub.com	www.unrefugees.org
1	x.dlx.addthis.com	www.unrefugees.org
1	bpi.rtactivate.com	www.unrefugees.org
1	live.rezync.com	1 redirects
1	bs.serving-sys.com	www.unrefugees.org
1	contextual.media.net	www.unrefugees.org
1	ps.eyeota.net	www.unrefugees.org
1	pixel.rubiconproject.com	www.unrefugees.org
1	stags.bluekai.com	1 redirects
1	a.rfihub.com	www.unrefugees.org
1	20826429p.rfihub.com	c1.rfihub.net
1	w.usabilla.com	www.unrefugees.org
1	c1.rfihub.net	mail.aws.org
1	r.turn.com	www.unrefugees.org
1	20668909p.rfihub.com	1 redirects
1	p.typekit.net	use.typekit.net
1	fonts.gstatic.com	fonts.googleapis.com
1	sp.analytics.yahoo.com	www.unrefugees.org
1	fonts.googleapis.com	www.unrefugees.org
1	pixel.quantserve.com	www.unrefugees.org
1	rules.quantcount.com	secure.quantserve.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.tp88trk.com	www.googletagmanager.com
1	secure.quantserve.com	mail.aws.org
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	www.unrefugees.org
1	static-na.payments-amazon.com	www.unrefugees.org
1	www.paypal.com	www.unrefugees.org
1	cdn.plyr.io	www.unrefugees.org
1	code.jquery.com	www.unrefugees.org
135	66

This site contains links to these domains. Also see Links.

Domain
give.unrefugees.org
www.facebook.com
twitter.com
www.youtube.com
instagram.com
donate.unrefugees.org

Subject Issuer	Validity	Valid
mail.aws.org Cloudflare Inc ECC CA-3	`2021-08-02` - `2022-08-01`	a year	crt.sh
unrefugees.org Amazon	`2021-12-08` - `2023-01-05`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-03` - `2023-03-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-02-11` - `2023-03-14`	a year	crt.sh
static-na.payments-amazon.com Amazon	`2021-07-22` - `2022-08-20`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-02` - `2022-04-02`	3 months	crt.sh
*.tvsquared.com Amazon	`2021-09-16` - `2022-10-14`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-14` - `2022-05-04`	2 months	crt.sh
tp88trk.com Starfield Secure Certificate Authority - G2	`2022-02-15` - `2023-02-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
lyibja.unrefugees.org R3	`2022-03-25` - `2022-06-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.rfihub.net Amazon	`2021-12-29` - `2023-01-27`	a year	crt.sh
w.usabilla.com Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
bs.serving-sys.com Amazon	`2021-05-10` - `2022-06-08`	a year	crt.sh
rtactivate.com Amazon	`2021-05-13` - `2022-06-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
www.sandbox.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-02-08` - `2023-03-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Frame ID: 153FC00D640B100D07C4B49EAF59AFCE
Requests: 87 HTTP requests in this frame

Frame: https://4647326.fls.doubleclick.net/activityi;dc_pre=CK7E8smY4vYCFRNBHQkdTqAOYg;src=4647326;type=unrefcms;cat=unrefwwd;ord=4622286478450;gtm=2wg3e0;auiddc=1047526703.1648243247;~oref=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email
Frame ID: CF848CB59C10026B9A8AB6A65DDDE968
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CK7E8smY4vYCFRNBHQkdTqAOYg;src=4647326;type=unrefcms;cat=unrefwwd;ord=4622286478450;gtm=2wg3e0;auiddc=1047526703.1648243247;~oref=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email
Frame ID: 76C0FBD76549C3249056926215145F7B
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CK7E8smY4vYCFRNBHQkdTqAOYg;src=4647326;type=unrefcms;cat=unrefwwd;ord=4622286478450;gtm=2wg3e0;auiddc=1047526703.1648243247;~oref=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email
Frame ID: D8A20400B547D9E187A038BB19E74DF8
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.unrefugees.org&mid=
Frame ID: 61697A56BA6ED7C6F8D10240744451F1
Requests: 15 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6DF735CAC411A2E7E7B7B2EEC6F2C87E
Requests: 1 HTTP requests in this frame

Frame: https://w.usabilla.com/fa5b33ed7c80.js?lv=1
Frame ID: C6651721C314A5825D1B73FA2E03A255
Requests: 1 HTTP requests in this frame

Frame: https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email&pf=&ra=26956974929537725
Frame ID: CC29A688C7AAC884F4EF48DCAAA6CC99
Requests: 20 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/unhcr-button-ca8fba580979f02c2694fa49ed8ef52a.png
Frame ID: F2667D9C5F1F522A2123654DC97FE71D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Aid to Refugees & Displaced People Worldwide | USA for UNHCR

Page URL History Show full URLs

https://mail.aws.org/e3t/Ctc/LY+113/cX2Gf04/MVzkqkz5YRxW59CywN2Z92mJW2v98dD4H4vZ_N67vcn93lLB3V1-W... Page URL
https://mail.aws.org/events/public/v1/encoded/track/tc/LY+113/cX2Gf04/MVzkqkz5YRxW59CywN2Z92mJW2v... HTTP 307
https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlE... Page URL

Detected technologies

Plyr (Video players) Expand

Overall confidence: 100%
Detected patterns

https://cdn\.plyr\.io/([0-9.]+)/.+\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

135
Requests

79 %
HTTPS

43 %
IPv6

49
Domains

66
Subdomains

55
IPs

7
Countries

2664 kB
Transfer

5760 kB
Size

48
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://give.unrefugees.org/
Title: SEND HELP

Search URL Search Domain Scan URL

URL: https://give.unrefugees.org/180117core_mainpg_p_3000/
Title: DONATE MONTHLY

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UNREFUGEES
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/UNRefugeeAgency
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/USAforUNHCR
Title: Youtube

Search URL Search Domain Scan URL

URL: https://instagram.com/usaforunhcr
Title: Instagram

Search URL Search Domain Scan URL

URL: https://give.unrefugees.org/170101ukr_mainpg_p_3000
Title: Donate >

Search URL Search Domain Scan URL

URL: https://donate.unrefugees.org/ea-action/action?ea.client.id=1873&ea.campaign.id=80364

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mail.aws.org/e3t/Ctc/LY+113/cX2Gf04/MVzkqkz5YRxW59CywN2Z92mJW2v98dD4H4vZ_N67vcn93lLB3V1-WJV7CgBlVW4p-NSN3HT3T2W2hM7Zh60BnzyW3BtPcV2-sW0BW4y4gGW5xT5DkW9hcNdQ65RXCHW3TT1PP8B-_pJW1_BNGp6XJNvGW6KDjK877FhlzW3cgnfN23BML0W8czyl86TKC4yW2P8f-k71NGnfW90wpnp2F_MhJW8qVvMM93s9SyW5r8L__3Hx4YDW2hTW_j3D6cHpW75Plth46wYPmW6dbxcS6FzKfhVG1FWB5sSMYxN1PwYZ3PyzvyW1mwqpK6JHBs93f3D1 Page URL
https://mail.aws.org/events/public/v1/encoded/track/tc/LY+113/cX2Gf04/MVzkqkz5YRxW59CywN2Z92mJW2v98dD4H4vZ_N67vcn93lLB3V1-WJV7CgBlVW4p-NSN3HT3T2W2hM7Zh60BnzyW3BtPcV2-sW0BW4y4gGW5xT5DkW9hcNdQ65RXCHW3TT1PP8B-_pJW1_BNGp6XJNvGW6KDjK877FhlzW3cgnfN23BML0W8czyl86TKC4yW2P8f-k71NGnfW90wpnp2F_MhJW8qVvMM93s9SyW5r8L__3Hx4YDW2hTW_j3D6cHpW75Plth46wYPmW6dbxcS6FzKfhVG1FWB5sSMYxN1PwYZ3PyzvyW1mwqpK6JHBs93f3D1?_ud=795680d2-fe1a-47e9-b944-cd66f78d54ad&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://www.unrefugees.org/media/1029/kid.png HTTP 301
https://cdn.unrefugees.org/u4uweb2020/media/1029/kid.png

Request Chain 5

https://www.unrefugees.org/img/unhcr-visibility-horizontal-white-cmyk-v2016.svg HTTP 301
https://cdn.unrefugees.org/u4uweb2020/img/unhcr-visibility-horizontal-white-cmyk-v2016.svg

Request Chain 6

https://www.unrefugees.org/img/unhcr-visibility-horizontal-blue-cmyk-v2016.svg HTTP 301
https://cdn.unrefugees.org/u4uweb2020/img/unhcr-visibility-horizontal-blue-cmyk-v2016.svg

Request Chain 7

https://www.unrefugees.org/img/search-icon-white.png HTTP 301
https://cdn.unrefugees.org/u4uweb2020/img/search-icon-white.png

Request Chain 18

https://www.unrefugees.org/media/1724/what-we-do-hero-rf240996-1440x400-50.jpg HTTP 301
https://cdn.unrefugees.org/u4uweb2020/media/1724/what-we-do-hero-rf240996-1440x400-50.jpg

Request Chain 19

https://www.unrefugees.org/media/1718/rf240826-310x234.jpg HTTP 301
https://cdn.unrefugees.org/u4uweb2020/media/1718/rf240826-310x234.jpg

Request Chain 20

https://www.unrefugees.org/media/1716/rf110467-310x234.jpg HTTP 301
https://cdn.unrefugees.org/u4uweb2020/media/1716/rf110467-310x234.jpg

Request Chain 21

https://www.unrefugees.org/media/1717/rf297199-310x234.jpg HTTP 301
https://cdn.unrefugees.org/u4uweb2020/media/1717/rf297199-310x234.jpg

Request Chain 22

https://www.unrefugees.org/media/1723/rf230759-310x234.jpg HTTP 301
https://cdn.unrefugees.org/u4uweb2020/media/1723/rf230759-310x234.jpg

Request Chain 25

https://www.unrefugees.org/media/1904/blue-world-map-1440x900.jpg HTTP 301
https://cdn.unrefugees.org/u4uweb2020/media/1904/blue-world-map-1440x900.jpg

Request Chain 26

https://www.unrefugees.org/media/1783/unhcr-staff-child-blanket-rf237115-352x240.jpg HTTP 301
https://cdn.unrefugees.org/u4uweb2020/media/1783/unhcr-staff-child-blanket-rf237115-352x240.jpg

Request Chain 28

https://www.unrefugees.org/media/1784/boy-with-unhcr-box-rf241515-352x240.jpg HTTP 301
https://cdn.unrefugees.org/u4uweb2020/media/1784/boy-with-unhcr-box-rf241515-352x240.jpg

Request Chain 29

https://www.unrefugees.org/media/1012/global-impact-2.png HTTP 301
https://cdn.unrefugees.org/u4uweb2020/media/1012/global-impact-2.png

Request Chain 30

https://www.unrefugees.org/media/1013/global-impact-1.png HTTP 301
https://cdn.unrefugees.org/u4uweb2020/media/1013/global-impact-1.png

Request Chain 31

https://www.unrefugees.org/media/1785/unhcr-staff-rf250299-352x240.jpg HTTP 301
https://cdn.unrefugees.org/u4uweb2020/media/1785/unhcr-staff-rf250299-352x240.jpg

Request Chain 33

https://4647326.fls.doubleclick.net/activityi;src=4647326;type=unrefcms;cat=unrefwwd;ord=4622286478450;gtm=2wg3e0;auiddc=1047526703.1648243247;~oref=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email HTTP 302
https://4647326.fls.doubleclick.net/activityi;dc_pre=CK7E8smY4vYCFRNBHQkdTqAOYg;src=4647326;type=unrefcms;cat=unrefwwd;ord=4622286478450;gtm=2wg3e0;auiddc=1047526703.1648243247;~oref=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email

Request Chain 40

https://ad.doubleclick.net/ddm/activity/src=4269937;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=4269937;dc_pre=CMK88cmY4vYCFQKDsgod4_0HBA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/p/src=4269937;dc_pre=CMK88cmY4vYCFQKDsgod4_0HBA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://www.unrefugees.org/ HTTP 302
https://adservice.google.de/ddm/fls/p/src=4269937;dc_pre=CMK88cmY4vYCFQKDsgod4_0HBA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://www.unrefugees.org/

Request Chain 63

https://www.unrefugees.org/img/left-arrow.png HTTP 301
https://cdn.unrefugees.org/u4uweb2020/img/left-arrow.png

Request Chain 65

https://www.unrefugees.org/img/search-icon.png HTTP 301
https://cdn.unrefugees.org/u4uweb2020/img/search-icon.png

Request Chain 79

https://20668909p.rfihub.com/ca.gif?rb=9587&ca=20668909&ra=125866 HTTP 302
https://r.turn.com/r/beacon?b2=2ktLc5k8nNM07yj6GA-Hrn8gtUS_nFcwtDx5qaA26AoeU_Oup029YVIprkeGvqSpoIUReErvK66MTKJfORKOtg&cid=

Request Chain 83

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEyNDMyMjMyMTU0MTI4NTAxOQ==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEDksEp-tDHREikeLxTzG7hw&google_cver=1

Request Chain 84

https://ib.adnxs.com/setuid?entity=18&code=5124322321541285019 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5124322321541285019

Request Chain 85

https://stags.bluekai.com/site/4722?id=5124322321541285019&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=

Request Chain 87

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5124322321541285019&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5124322321541285019&redir=

Request Chain 88

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5124322321541285019&bid=omt9pi0

Request Chain 91

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322321541285019&referrer=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=6c10a393-2029-4419-afde-f0241e09b856%3A1648243247.99&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D6c10a393-2029-4419-afde-f0241e09b856%253A1648243247.99 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=6c10a393-2029-4419-afde-f0241e09b856%3A1648243247.99 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESECVuDjm41kZ_xDMtVguDzz4&google_cver=1

Request Chain 93

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322321541285019&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322321541285019&forward=&C=1

Request Chain 96

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322321541285019&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322321541285019&img=1&__user_check__=1&sync_id=708247bd-ac81-11ec-8d7c-180e33a50406

Request Chain 100

https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322321541285019&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5124322321541285019&expires=30

Request Chain 101

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Yj4yMAADkDxwcgA- HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=Yj4yMAADkDxwcgA-&_test=Yj4yMAADkDxwcgA-

135 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 MVzkqkz5YRxW59CywN2Z92mJW2v98dD4H4vZ_N67vcn93lLB3V1-WJV7CgBlVW4p-NSN3HT3T2W2hM7Zh60BnzyW3BtPcV2-sW0BW4y4gGW5xT5DkW9hcNdQ65RXCHW3TT1PP8B-_pJW1_BNGp6XJNvGW6KDjK877FhlzW3cgnfN23BML0W8czyl86TKC4yW2P8f-...
mail.aws.org/e3t/Ctc/LY+113/cX2Gf04/ 9 KB
3 KB 240ms
168ms Document
text/html 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.aws.org/e3t/Ctc/LY+113/cX2Gf04/MVzkqkz5YRxW59CywN2Z92mJW2v98dD4H4vZ_N67vcn93lLB3V1-WJV7CgBlVW4p-NSN3HT3T2W2hM7Zh60BnzyW3BtPcV2-sW0BW4y4gGW5xT5DkW9hcNdQ65RXCHW3TT1PP8B-_pJW1_BNGp6XJNvGW6KDjK877FhlzW3cgnfN23BML0W8czyl86TKC4yW2P8f-k71NGnfW90wpnp2F_MhJW8qVvMM93s9SyW5r8L__3Hx4YDW2hTW_j3D6cHpW75Plth46wYPmW6dbxcS6FzKfhVG1FWB5sSMYxN1PwYZ3PyzvyW1mwqpK6JHBs93f3D1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 25 Mar 2022 21:20:45 GMT
content-type: text/html;charset=utf-8
cf-ray: 6f1ab13a9d480225-ZRH
last-modified: Fri, 25 Mar 2022 21:20:45 GMT
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 4695136a-9f43-4f0d-ba00-827050df1002
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbX19%2FrgHj0jYX%2BJ6vILBt1nZQF6Iy1URI%2Fb78fWvirKIA9C4UuR3xnp1pRaZF57AAM3bzByCKQ6CwY9iTGLdun0FMR8omNE%2BBrZJ%2FLkKpWtd3FcGWasY7DAhD2aC9m%2B%2F%2FWozH74NK%2FV7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request / Show response
www.unrefugees.org/what-we-do/
Redirect Chain

https://mail.aws.org/events/public/v1/encoded/track/tc/LY+113/cX2Gf04/MVzkqkz5YRxW59CywN2Z92mJW2v98dD4H4vZ_N67vcn93lLB3V1-WJV7CgBlVW4p-NSN3HT3T2W2hM7Zh60BnzyW3BtPcV2-sW0BW4y4gGW5xT5DkW9hcNdQ65RXCHW...
https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=20801...

39 KB
13 KB

893ms
311ms

Document
text/html

35.84.137.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Requested by: Host: mail.aws.org
URL: https://mail.aws.org/e3t/Ctc/LY+113/cX2Gf04/MVzkqkz5YRxW59CywN2Z92mJW2v98dD4H4vZ_N67vcn93lLB3V1-WJV7CgBlVW4p-NSN3HT3T2W2hM7Zh60BnzyW3BtPcV2-sW0BW4y4gGW5xT5DkW9hcNdQ65RXCHW3TT1PP8B-_pJW1_BNGp6XJNvGW6KDjK877FhlzW3cgnfN23BML0W8czyl86TKC4yW2P8f-k71NGnfW90wpnp2F_MhJW8qVvMM93s9SyW5r8L__3Hx4YDW2hTW_j3D6cHpW75Plth46wYPmW6dbxcS6FzKfhVG1FWB5sSMYxN1PwYZ3PyzvyW1mwqpK6JHBs93f3D1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.137.25 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-137-25.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: fb8857525b8c9120b619a094944cbee61a68878dbf190645f68aa2a837784f97

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mail.aws.org/e3t/Ctc/LY+113/cX2Gf04/MVzkqkz5YRxW59CywN2Z92mJW2v98dD4H4vZ_N67vcn93lLB3V1-WJV7CgBlVW4p-NSN3HT3T2W2hM7Zh60BnzyW3BtPcV2-sW0BW4y4gGW5xT5DkW9hcNdQ65RXCHW3TT1PP8B-_pJW1_BNGp6XJNvGW6KDjK877FhlzW3cgnfN23BML0W8czyl86TKC4yW2P8f-k71NGnfW90wpnp2F_MhJW8qVvMM93s9SyW5r8L__3Hx4YDW2hTW_j3D6cHpW75Plth46wYPmW6dbxcS6FzKfhVG1FWB5sSMYxN1PwYZ3PyzvyW1mwqpK6JHBs93f3D1

Response headers

date: Fri, 25 Mar 2022 21:20:46 GMT
content-type: text/html; charset=utf-8
content-length: 13097
cache-control: private
content-encoding: gzip
vary: Accept-Encoding

Redirect headers

date: Fri, 25 Mar 2022 21:20:45 GMT
location: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
cf-ray: 6f1ab13d29b10225-ZRH
link: <https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: cc4796d4-18f1-45f4-9019-0c07c4ff3cae
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Aj557hQU3eulmtyYV%2FBLUrfd22gyOhTs%2BH2GSGYqpJMwHD1PcGO%2Fq%2FacQBADLOe%2BXsQr%2BP%2BzN3uUP8pT6%2FzKK%2FQma2a2fAq0LwHcELCueYoPXtZEdxmh%2FI9diCamwYRKw0Z5snLXwycYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 index.css
www.unrefugees.org/css/ 187 KB
31 KB 159ms
158ms Stylesheet
text/css 35.84.137.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unrefugees.org/css/index.css?v=4
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.137.25 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-137-25.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e75598ce87e63a50d9bed385cf067f9a37d958b483170d32fed8ff63fda68252

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:46 GMT
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 18:08:37 GMT
etag: "8004858c3b6d61:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 31272

GET
H2 200 plyr.css
www.unrefugees.org/css/ 24 KB
5 KB 315ms
314ms Stylesheet
text/css 35.84.137.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unrefugees.org/css/plyr.css
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.137.25 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-137-25.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 465ecd3c27cf42a3309af6bda6e2b8c4b9cb7a78788908904e0d6761a2c3102a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:46 GMT
content-encoding: gzip
last-modified: Sat, 23 Feb 2019 20:10:20 GMT
etag: "09e7cdb3cbd41:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 4215

GET
H2 200 hrp3szy.css
use.typekit.net/ 7 KB
1 KB 442ms
409ms Stylesheet
text/css 2a02:26f0:fb::5f65:58d1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/hrp3szy.css

Requested by

Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f65:58d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

7cb56da908e94235a698c35dac8162e57993bfceefba669afddc29bd866b97f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
x-akamai-origin-object-size: 1032
server: nginx
date: Fri, 25 Mar 2022 21:20:47 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1032

GET
H/1.1

200
OK

kid.png
cdn.unrefugees.org/u4uweb2020/media/1029/
Redirect Chain

https://www.unrefugees.org/media/1029/kid.png
https://cdn.unrefugees.org/u4uweb2020/media/1029/kid.png

46 KB
46 KB

120ms
10ms

Image
image/png

143.204.215.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unrefugees.org/u4uweb2020/media/1029/kid.png
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: HTTP/1.1
Server: 143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-125.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e999e3af5a4c58ac36f37d566a9c23f9ff35d83a0240c66bf9deab84012fa47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-meta-local-date-modified: 131406311689821409
Date: Fri, 25 Mar 2022 07:02:48 GMT
Via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-meta-local-date-created: 132296391740079964
Last-Modified: Wed, 25 Mar 2020 19:51:12 GMT
Server: AmazonS3
Age: 51480
ETag: "ce75f90bd0a7c523c4e953a47ccdb052"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 46864
X-Amz-Cf-Id: aDlI3HnZqcFWEcD_6HKagM8YE_t1KWQVd6iFGUs2uyfeoyP2LfaeRQ==

Redirect headers

location: https://cdn.unrefugees.org/u4uweb2020/media/1029/kid.png
date: Fri, 25 Mar 2022 21:20:46 GMT
cache-control: no-cache
server: Microsoft-IIS/10.0
content-length: 179
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

unhcr-visibility-horizontal-white-cmyk-v2016.svg
cdn.unrefugees.org/u4uweb2020/img/
Redirect Chain

https://www.unrefugees.org/img/unhcr-visibility-horizontal-white-cmyk-v2016.svg
https://cdn.unrefugees.org/u4uweb2020/img/unhcr-visibility-horizontal-white-cmyk-v2016.svg

12 KB
5 KB

117ms
7ms

Image
image/svg+xml

143.204.215.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unrefugees.org/u4uweb2020/img/unhcr-visibility-horizontal-white-cmyk-v2016.svg
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: HTTP/1.1
Server: 143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-125.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6bfbae61daf6218548d35bd824d5299e6f0517f156050c302ddd83fa0e8abdc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 02:10:53 GMT
Content-Encoding: gzip
Age: 68995
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-local-date-created: 132296392572169450
x-amz-meta-local-date-modified: 131539295639031921
Last-Modified: Thu, 04 Jun 2020 18:07:00 GMT
Server: AmazonS3
ETag: W/"589ecfd0bcfdf4d702240ce70983f8fe"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: c20IkkiIRGRd-iQC71uvd38nWtQRIIUlHVyaqHKqV8d8sRfptvPRTg==

Redirect headers

location: https://cdn.unrefugees.org/u4uweb2020/img/unhcr-visibility-horizontal-white-cmyk-v2016.svg
date: Fri, 25 Mar 2022 21:20:46 GMT
cache-control: no-cache
server: Microsoft-IIS/10.0
content-length: 213
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

unhcr-visibility-horizontal-blue-cmyk-v2016.svg
cdn.unrefugees.org/u4uweb2020/img/
Redirect Chain

https://www.unrefugees.org/img/unhcr-visibility-horizontal-blue-cmyk-v2016.svg
https://cdn.unrefugees.org/u4uweb2020/img/unhcr-visibility-horizontal-blue-cmyk-v2016.svg

12 KB
5 KB

121ms
7ms

Image
image/svg+xml

143.204.215.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unrefugees.org/u4uweb2020/img/unhcr-visibility-horizontal-blue-cmyk-v2016.svg
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: HTTP/1.1
Server: 143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-125.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9027cbc9f2efbff37e09740f41c16a1ffd89eae8f1555f6a5955d3198d9c31d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 03:26:18 GMT
Content-Encoding: gzip
Age: 64470
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
x-amz-meta-local-date-created: 132296392572149491
x-amz-meta-local-date-modified: 131539295413995338
Last-Modified: Thu, 04 Jun 2020 18:06:29 GMT
Server: AmazonS3
ETag: W/"e2c31e589985c6c3dab41cf627244301"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: HfIeS8rF-a2fQM4DCdqe-OBKl0wb4Z3XHEb54xylc3Z3XNIrko33CA==

Redirect headers

location: https://cdn.unrefugees.org/u4uweb2020/img/unhcr-visibility-horizontal-blue-cmyk-v2016.svg
date: Fri, 25 Mar 2022 21:20:46 GMT
cache-control: no-cache
server: Microsoft-IIS/10.0
content-length: 212
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

search-icon-white.png
cdn.unrefugees.org/u4uweb2020/img/
Redirect Chain

https://www.unrefugees.org/img/search-icon-white.png
https://cdn.unrefugees.org/u4uweb2020/img/search-icon-white.png

1 KB
2 KB

126ms
12ms

Image
image/png

143.204.215.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unrefugees.org/u4uweb2020/img/search-icon-white.png
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: HTTP/1.1
Server: 143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-125.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc41b89e82e346d38089fb2b430ff6c1864aa655f0c5003abc35d45d8b7bb1f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-meta-local-date-modified: 132267732062509912
Date: Fri, 25 Mar 2022 07:45:18 GMT
Via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-meta-local-date-created: 132296392572099450
Last-Modified: Wed, 25 Mar 2020 20:14:47 GMT
Server: AmazonS3
Age: 48929
ETag: "799989474245d817e252ae409682a467"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 1477
X-Amz-Cf-Id: uVhc6dJu4LcHSxGOMUfaD6FmXA8BZrh4yUXhA5qyhevYyUf_RzbX_w==

Redirect headers

location: https://cdn.unrefugees.org/u4uweb2020/img/search-icon-white.png
date: Fri, 25 Mar 2022 21:20:46 GMT
cache-control: no-cache
server: Microsoft-IIS/10.0
content-length: 186
content-type: text/html; charset=UTF-8

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 30ms
11ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer: https://www.unrefugees.org/
Origin: https://www.unrefugees.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:46 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15851"
vary: Accept-Encoding
x-hw: 1648243246.dop106.fr8.t,1648243246.cds281.fr8.hn,1648243246.cds236.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H2 200 plyr.js Show response
cdn.plyr.io/3.5.2/ 111 KB
32 KB 105ms
36ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.5.2/plyr.js
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8608c7129a24079dd332403d0aef583dcefdf0bfc02914d626a6559a3ac049ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:46 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4909318
cf-polished: origSize=113855
x-cache: HIT, HIT, HIT
x-cache-hits: 1, 1, 1
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: DS2ZYH4569842HXW
x-amz-id-2: usarFaUbzVjZl0vJRPZFZQTAqnpjp4IboK7VSrBvHfHKMVqeauR2sOuvnahomRTYLbJ4oTFnhB0=
x-served-by: cache-dca17762-DCA, cache-iad-kiad7000162-IAD, cache-cdg20767-CDG
last-modified: Sun, 24 Feb 2019 01:08:29 GMT
server: cloudflare
x-timer: S1643333929.805528,VS0,VE1
etag: W/"26d009457000af80d7306229fc132b15"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Edac5H2%2BpShZfzLZYZK1F1N793duxEk%2BPFJAmPT9bbhu4tcjy7ZhfXFU0T9mRsGbc77ZeXmHdSBUNSL7AFdt5aCki0sf9E4EDC2%2Fy%2BWniSn2sDfbLmAEQ6AY9l%2Fu%2F2tDHlV5cac4dVXW4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control: max-age=31536000
cf-ray: 6f1ab144784773cf-MRS
cf-bgj: minify

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
966 B 39ms
17ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a736fe6962afb8ee314e4013af5f4e4048e25ac3378528abe5408b62a2a95ebb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Fri, 25 Mar 2022 21:20:46 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ 320 KB
98 KB 88ms
10ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AXR8B71wtnEZHnlsTiphl1IRoxz4ZCoV5P4_FBhZeyaRBbGZXlD1_VE1c9hd2asTUQGyWBo7nyZo-_Mi&vault=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1baf8403360cce258aa53fa39d3aa5534e341b261d01d9d0ff478fbfdf064599

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-vd82+V+0oujkRQ2T1JhI6G1IaKzbYKhPLJLQWouiPkjH8CFX' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-vd82+V+0oujkRQ2T1JhI6G1IaKzbYKhPLJLQWouiPkjH8CFX' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-vd82+V+0oujkRQ2T1JhI6G1IaKzbYKhPLJLQWouiPkjH8CFX' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-vd82+V+0oujkRQ2T1JhI6G1IaKzbYKhPLJLQWouiPkjH8CFX' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
fastly-original-body-size: 99193
age: 7613
via: 1.1 varnish
x-cache: HIT
p3p: true
paypal-debug-id: f5569400457a3
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 99193
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4070-HHN
x-timer: S1648243247.796267,VS0,VE3
x-frame-options: SAMEORIGIN
date: Fri, 25 Mar 2022 21:20:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"18379-ur8JjyNnZuDaS7qoiHTkAdIJMa8"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 checkout.js Show response
static-na.payments-amazon.com/ 70 KB
19 KB 34ms
8ms Script
application/javascript 65.9.66.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-na.payments-amazon.com/checkout.js
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-36.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f69a52c7043a0979301bf04beaea88b76095b2ad6561dc6671b2a18b58da4bef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: ml4RjSvjMCW0EK4MObjuYyO2Eex1MZMA
content-encoding: br
last-modified: Fri, 18 Feb 2022 08:09:28 GMT
server: AmazonS3
age: 69
etag: W/"ae231e2593d3856677fd2c51e7a5f85d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control: max-age=1200,public
date: Fri, 25 Mar 2022 21:20:13 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: i6-4VBZSMPpD3mfC5Gl_2xfcV3_rAJs_MVLm0DlNgZAYzYj-nttkjg==

GET
H2 200 project.min.js Show response
www.unrefugees.org/scripts/lib/ 832 KB
506 KB 311ms
309ms Script
application/javascript 35.84.137.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unrefugees.org/scripts/lib/project.min.js?v=5
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.137.25 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-137-25.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 58b1c5188f3f612e010e0c548763600ff7391f70ca402bba5c1e64b56f410b70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:46 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 15:54:39 GMT
etag: "80c9f27438c4d71:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 516748

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 95 KB
31 KB 133ms
73ms Script
application/javascript 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

705538a8cb2510fe61e0ff7b3876229f6d1ad9df93e9cfb2ffc542a7adc10b53

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-JhgZQdr31mhrDFbOdN5Fug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-JhgZQdr31mhrDFbOdN5Fug' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendHttp"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-JhgZQdr31mhrDFbOdN5Fug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-JhgZQdr31mhrDFbOdN5Fug' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
expires: Fri, 25 Mar 2022 21:20:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 285 KB
84 KB 68ms
47ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-XT4L

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

025f4eb9f744f69387d3c3746fc60e837a03584a75faad7cd95394241b3aead4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85410
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Mar 2022 21:20:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XT4L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6356
date: Fri, 25 Mar 2022 19:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 25 Mar 2022 21:34:50 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 41ms
19ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XT4L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

00359d552170386e0f9dc362a2a48ad8da908f6263810b28eb26348073b70bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14884
x-xss-protection: 0
server: cafe
etag: 4198181851688197673
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 21:20:46 GMT

GET
H/1.1

200
OK

what-we-do-hero-rf240996-1440x400-50.jpg
cdn.unrefugees.org/u4uweb2020/media/1724/
Redirect Chain

https://www.unrefugees.org/media/1724/what-we-do-hero-rf240996-1440x400-50.jpg
https://cdn.unrefugees.org/u4uweb2020/media/1724/what-we-do-hero-rf240996-1440x400-50.jpg

66 KB
67 KB

61ms
9ms

Image
image/jpeg

143.204.215.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unrefugees.org/u4uweb2020/media/1724/what-we-do-hero-rf240996-1440x400-50.jpg
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: HTTP/1.1
Server: 143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-125.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3baa9bbd8f76b4ab1e29bf6003fcf56a9530e85c83352c282f693ffd0b9da136

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-meta-local-date-modified: 131509837780878537
Date: Fri, 25 Mar 2022 05:54:54 GMT
Via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-meta-local-date-created: 132296391849589820
Last-Modified: Wed, 25 Mar 2020 19:58:40 GMT
Server: AmazonS3
Age: 55554
ETag: "47f9e7208f4d8740767958eba40b6c7d"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 67622
X-Amz-Cf-Id: zVwa2imcMBz0iZj6ttEJwVdROe7o0xO06u2KKLriNyV9tLttOH4TWA==

Redirect headers

location: https://cdn.unrefugees.org/u4uweb2020/media/1724/what-we-do-hero-rf240996-1440x400-50.jpg
date: Fri, 25 Mar 2022 21:20:46 GMT
cache-control: no-cache
server: Microsoft-IIS/10.0
content-length: 212
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

rf240826-310x234.jpg
cdn.unrefugees.org/u4uweb2020/media/1718/
Redirect Chain

https://www.unrefugees.org/media/1718/rf240826-310x234.jpg
https://cdn.unrefugees.org/u4uweb2020/media/1718/rf240826-310x234.jpg

28 KB
28 KB

79ms
28ms

Image
image/jpeg

143.204.215.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unrefugees.org/u4uweb2020/media/1718/rf240826-310x234.jpg
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: HTTP/1.1
Server: 143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-125.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f86d34e8ff9486968ff9f90ea4450dca672c5508c5a355b3772074d4d8a2507

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-meta-local-date-modified: 131509837770871986
Date: Fri, 25 Mar 2022 02:01:03 GMT
Via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
x-amz-meta-local-date-created: 132296391849369849
Last-Modified: Wed, 25 Mar 2020 19:58:37 GMT
Server: AmazonS3
Age: 69585
ETag: "15b7dc80eab8a5c7863c743d56607bc7"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 28609
X-Amz-Cf-Id: 3xvssaYguf17DpGjqjGfT61yyn-trV_z_SNpBAYVR0MUYgRiic6oqg==

Redirect headers

location: https://cdn.unrefugees.org/u4uweb2020/media/1718/rf240826-310x234.jpg
date: Fri, 25 Mar 2022 21:20:46 GMT
cache-control: no-cache
server: Microsoft-IIS/10.0
content-length: 192
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

rf110467-310x234.jpg
cdn.unrefugees.org/u4uweb2020/media/1716/
Redirect Chain

https://www.unrefugees.org/media/1716/rf110467-310x234.jpg
https://cdn.unrefugees.org/u4uweb2020/media/1716/rf110467-310x234.jpg

14 KB
15 KB

60ms
9ms

Image
image/jpeg

143.204.215.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unrefugees.org/u4uweb2020/media/1716/rf110467-310x234.jpg
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: HTTP/1.1
Server: 143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-125.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5bd6bc8c8f876e7e15996f5cf5151eb9d107fb5d248c5dadef2bf8b09a2e8102

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-meta-local-date-modified: 131509837768535789
Date: Fri, 25 Mar 2022 05:54:54 GMT
Via: 1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-meta-local-date-created: 132296391849299840
Last-Modified: Wed, 25 Mar 2020 19:58:37 GMT
Server: AmazonS3
Age: 55554
ETag: "451c07a7f2f85dc830ea6938a5e7489a"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 14447
X-Amz-Cf-Id: zQruoGXiJmePIki8QK39nxpIcnugHXlJhayVrKyT1gadqqxZpvrcZg==

Redirect headers

location: https://cdn.unrefugees.org/u4uweb2020/media/1716/rf110467-310x234.jpg
date: Fri, 25 Mar 2022 21:20:46 GMT
cache-control: no-cache
server: Microsoft-IIS/10.0
content-length: 192
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

rf297199-310x234.jpg
cdn.unrefugees.org/u4uweb2020/media/1717/
Redirect Chain

https://www.unrefugees.org/media/1717/rf297199-310x234.jpg
https://cdn.unrefugees.org/u4uweb2020/media/1717/rf297199-310x234.jpg

17 KB
17 KB

66ms
15ms

Image
image/jpeg

143.204.215.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unrefugees.org/u4uweb2020/media/1717/rf297199-310x234.jpg
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: HTTP/1.1
Server: 143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-125.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f8620d6eea70ad195b90369774b44511ce96f24ce903506343968a74505472fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-meta-local-date-modified: 131509837769698870
Date: Fri, 25 Mar 2022 21:20:47 GMT
Via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
Last-Modified: Wed, 25 Mar 2020 19:58:37 GMT
Server: AmazonS3
Age: 25750
ETag: "04d7943b1c5cf3de3d8540eb6c72b346"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA53-C1
x-amz-meta-local-date-created: 132296391849329838
Content-Length: 17118
X-Amz-Cf-Id: yOtMBVWfFk6Cz6dd3IIbqCufPbKhv6nGp2zm-mqsibqvGVOQco3VrA==

Redirect headers

location: https://cdn.unrefugees.org/u4uweb2020/media/1717/rf297199-310x234.jpg
date: Fri, 25 Mar 2022 21:20:46 GMT
cache-control: no-cache
server: Microsoft-IIS/10.0
content-length: 192
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

rf230759-310x234.jpg
cdn.unrefugees.org/u4uweb2020/media/1723/
Redirect Chain

https://www.unrefugees.org/media/1723/rf230759-310x234.jpg
https://cdn.unrefugees.org/u4uweb2020/media/1723/rf230759-310x234.jpg

23 KB
23 KB

59ms
8ms

Image
image/jpeg

143.204.215.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unrefugees.org/u4uweb2020/media/1723/rf230759-310x234.jpg
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: HTTP/1.1
Server: 143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-125.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e5314135872288e41088c916aefd471ba5956d9776f8635cd5cffe5c664e92eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-meta-local-date-modified: 131509837777629919
Date: Fri, 25 Mar 2022 09:42:50 GMT
Via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-meta-local-date-created: 132296391849559830
Last-Modified: Wed, 25 Mar 2020 19:58:39 GMT
Server: AmazonS3
Age: 41878
ETag: "0d1c15ec124547f095661d514488a826"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 23123
X-Amz-Cf-Id: cYnkqticu3IUqlgnGxAEGse8gMyIAofPYDZj3tLPVty8twP2YC2UDw==

Redirect headers

location: https://cdn.unrefugees.org/u4uweb2020/media/1723/rf230759-310x234.jpg
date: Fri, 25 Mar 2022 21:20:46 GMT
cache-control: no-cache
server: Microsoft-IIS/10.0
content-length: 192
content-type: text/html; charset=UTF-8

GET
H2 403 rf294876-310x234.jpg
www.unrefugees.org/media/1721/ 58 B
58 B 487ms
485ms Image
text/html 35.84.137.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unrefugees.org/media/1721/rf294876-310x234.jpg
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.137.25 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-137-25.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: c54008cfaffe2e6442ed8bfedc1c3511572980a7af2796ff3a76fedd5d4d1fba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:46 GMT
server: Microsoft-IIS/10.0
content-length: 58
content-type: text/html

GET
H2 403 fatima-1200-x-800.jpg
www.unrefugees.org/media/3641/ 58 B
58 B 486ms
485ms Image
text/html 35.84.137.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unrefugees.org/media/3641/fatima-1200-x-800.jpg
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.137.25 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-137-25.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: c54008cfaffe2e6442ed8bfedc1c3511572980a7af2796ff3a76fedd5d4d1fba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:46 GMT
server: Microsoft-IIS/10.0
content-length: 58
content-type: text/html

GET
H/1.1

200
OK

blue-world-map-1440x900.jpg
cdn.unrefugees.org/u4uweb2020/media/1904/
Redirect Chain

https://www.unrefugees.org/media/1904/blue-world-map-1440x900.jpg
https://cdn.unrefugees.org/u4uweb2020/media/1904/blue-world-map-1440x900.jpg

69 KB
70 KB

62ms
11ms

Image
image/jpeg

143.204.215.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unrefugees.org/u4uweb2020/media/1904/blue-world-map-1440x900.jpg
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: HTTP/1.1
Server: 143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-125.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33c7329cbd27d72df5a13bf571efbb53657869b5613df3e7f073a4ee18029b1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-meta-local-date-modified: 131523803376856039
Date: Fri, 25 Mar 2022 09:42:50 GMT
Via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
Last-Modified: Wed, 25 Mar 2020 19:59:56 GMT
Server: AmazonS3
Age: 41878
ETag: "4c0fadc7e7a1392b5c5ae7532437c111"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA53-C1
x-amz-meta-local-date-created: 132296391863219914
Content-Length: 70991
X-Amz-Cf-Id: W_ASCWE-8LI4jjAvMggS523tZg01uF3f9rS8mlJxarrjboJT_UqKng==

Redirect headers

location: https://cdn.unrefugees.org/u4uweb2020/media/1904/blue-world-map-1440x900.jpg
date: Fri, 25 Mar 2022 21:20:46 GMT
cache-control: no-cache
server: Microsoft-IIS/10.0
content-length: 199
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

unhcr-staff-child-blanket-rf237115-352x240.jpg
cdn.unrefugees.org/u4uweb2020/media/1783/
Redirect Chain

https://www.unrefugees.org/media/1783/unhcr-staff-child-blanket-rf237115-352x240.jpg
https://cdn.unrefugees.org/u4uweb2020/media/1783/unhcr-staff-child-blanket-rf237115-352x240.jpg

27 KB
28 KB

21ms
21ms

Image
image/jpeg

143.204.215.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unrefugees.org/u4uweb2020/media/1783/unhcr-staff-child-blanket-rf237115-352x240.jpg
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: HTTP/1.1
Server: 143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-125.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4164c7009b6c6e05cd484d0aa537f0b94fc7403ab9fbef31fb483dadc438ff60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-meta-local-date-modified: 131515203989293157
Date: Fri, 25 Mar 2022 09:42:50 GMT
Via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
Last-Modified: Wed, 25 Mar 2020 19:59:05 GMT
Server: AmazonS3
Age: 41878
ETag: "82539d388d52f0bf2d01321ac0a96d31"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA53-C1
x-amz-meta-local-date-created: 132296391852929910
Content-Length: 27613
X-Amz-Cf-Id: -OSJAmwmtBqc62caNT5AL5Sb5FzrK9L6DSUPxjR2uucnPHpxlMhiaA==

Redirect headers

location: https://cdn.unrefugees.org/u4uweb2020/media/1783/unhcr-staff-child-blanket-rf237115-352x240.jpg
date: Fri, 25 Mar 2022 21:20:46 GMT
cache-control: no-cache
server: Microsoft-IIS/10.0
content-length: 218
content-type: text/html; charset=UTF-8

GET
H2 403 /
www.unrefugees.org/what-we-do/ 58 B
58 B 485ms
483ms Image
text/html 35.84.137.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.137.25 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-137-25.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: c54008cfaffe2e6442ed8bfedc1c3511572980a7af2796ff3a76fedd5d4d1fba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:46 GMT
server: Microsoft-IIS/10.0
content-length: 58
content-type: text/html

GET
H/1.1

200
OK

boy-with-unhcr-box-rf241515-352x240.jpg
cdn.unrefugees.org/u4uweb2020/media/1784/
Redirect Chain

https://www.unrefugees.org/media/1784/boy-with-unhcr-box-rf241515-352x240.jpg
https://cdn.unrefugees.org/u4uweb2020/media/1784/boy-with-unhcr-box-rf241515-352x240.jpg

26 KB
26 KB

9ms
9ms

Image
image/jpeg

143.204.215.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unrefugees.org/u4uweb2020/media/1784/boy-with-unhcr-box-rf241515-352x240.jpg
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: HTTP/1.1
Server: 143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-125.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44e44602ef4acc66bd91940b153712c9c37227945b9955b12aef81983d88891b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-meta-local-date-modified: 131515204761251715
Date: Fri, 25 Mar 2022 09:42:50 GMT
Via: 1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-meta-local-date-created: 132296391852969888
Last-Modified: Wed, 25 Mar 2020 19:59:05 GMT
Server: AmazonS3
Age: 41878
ETag: "bcd0e71f89403cffffbf1738d31e43b8"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 26165
X-Amz-Cf-Id: T7k_oly3OF7pERTNbzoGg1lO2j8r0WBl985wRHnoOkXUC16qUjJQHg==

Redirect headers

location: https://cdn.unrefugees.org/u4uweb2020/media/1784/boy-with-unhcr-box-rf241515-352x240.jpg
date: Fri, 25 Mar 2022 21:20:46 GMT
cache-control: no-cache
server: Microsoft-IIS/10.0
content-length: 211
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

global-impact-2.png
cdn.unrefugees.org/u4uweb2020/media/1012/
Redirect Chain

https://www.unrefugees.org/media/1012/global-impact-2.png
https://cdn.unrefugees.org/u4uweb2020/media/1012/global-impact-2.png

165 KB
166 KB

9ms
9ms

Image
image/png

143.204.215.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unrefugees.org/u4uweb2020/media/1012/global-impact-2.png
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: HTTP/1.1
Server: 143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-125.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2dd3fdd35beacdce141bfbe29edb817db20833502427305415836fbd9c5c5880

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-meta-local-date-modified: 131396607553072246
Date: Fri, 25 Mar 2022 09:42:51 GMT
Via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-meta-local-date-created: 132296391736220070
Last-Modified: Wed, 25 Mar 2020 19:50:57 GMT
Server: AmazonS3
Age: 41877
ETag: "8502ff00b60ed396d707e1fe6e19f74f"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 169313
X-Amz-Cf-Id: nv7HrZCDxaXQxz0MZXsoGjE_1KnjgH2cjhD8dAjFvELfzfW6Mih2GQ==

Redirect headers

location: https://cdn.unrefugees.org/u4uweb2020/media/1012/global-impact-2.png
date: Fri, 25 Mar 2022 21:20:46 GMT
cache-control: no-cache
server: Microsoft-IIS/10.0
content-length: 191
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

global-impact-1.png
cdn.unrefugees.org/u4uweb2020/media/1013/
Redirect Chain

https://www.unrefugees.org/media/1013/global-impact-1.png
https://cdn.unrefugees.org/u4uweb2020/media/1013/global-impact-1.png

166 KB
166 KB

21ms
21ms

Image
image/png

143.204.215.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unrefugees.org/u4uweb2020/media/1013/global-impact-1.png
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: HTTP/1.1
Server: 143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-125.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 261954db02879766d35b60612cf6c9c5f60f2cbbc506d2ac14cce439ccf67187

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-meta-local-date-modified: 131396607554813423
Date: Fri, 25 Mar 2022 05:54:54 GMT
Via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-meta-local-date-created: 132296391736379827
Last-Modified: Wed, 25 Mar 2020 19:50:57 GMT
Server: AmazonS3
Age: 55554
ETag: "3577aae7814f1b8c3bf4161871087394"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 169611
X-Amz-Cf-Id: baAenE8XooWACyLj0FXrenVVw4ohvBBHVHDUiAcItpw0dV90wNdORA==

Redirect headers

location: https://cdn.unrefugees.org/u4uweb2020/media/1013/global-impact-1.png
date: Fri, 25 Mar 2022 21:20:46 GMT
cache-control: no-cache
server: Microsoft-IIS/10.0
content-length: 191
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

unhcr-staff-rf250299-352x240.jpg
cdn.unrefugees.org/u4uweb2020/media/1785/
Redirect Chain

https://www.unrefugees.org/media/1785/unhcr-staff-rf250299-352x240.jpg
https://cdn.unrefugees.org/u4uweb2020/media/1785/unhcr-staff-rf250299-352x240.jpg

27 KB
27 KB

9ms
9ms

Image
image/jpeg

143.204.215.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unrefugees.org/u4uweb2020/media/1785/unhcr-staff-rf250299-352x240.jpg
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: HTTP/1.1
Server: 143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-125.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fafa5e96a085e14c9b1233042d2c28cc18c8388cf6f5ae84b3841a3ae5282f9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-meta-local-date-modified: 131515208842325596
Date: Fri, 25 Mar 2022 05:54:54 GMT
Via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-meta-local-date-created: 132296391853029915
Last-Modified: Wed, 25 Mar 2020 19:59:06 GMT
Server: AmazonS3
Age: 55554
ETag: "2c4bc46e900a3b8687ec34aa63814928"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 27343
X-Amz-Cf-Id: nTiFlXFUlWLRw9buR8hJG9Ip5L98jwEIBj9_6hHp0CrAPKO2OmSong==

Redirect headers

location: https://cdn.unrefugees.org/u4uweb2020/media/1785/unhcr-staff-rf250299-352x240.jpg
date: Fri, 25 Mar 2022 21:20:46 GMT
cache-control: no-cache
server: Microsoft-IIS/10.0
content-length: 204
content-type: text/html; charset=UTF-8

GET
H2 403 global-operations-1.png
www.unrefugees.org/media/3525/ 58 B
58 B 484ms
484ms Image
text/html 35.84.137.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unrefugees.org/media/3525/global-operations-1.png
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.137.25 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-137-25.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: c54008cfaffe2e6442ed8bfedc1c3511572980a7af2796ff3a76fedd5d4d1fba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:46 GMT
server: Microsoft-IIS/10.0
content-length: 58
content-type: text/html

GET
H3

200

activityi;dc_pre=CK7E8smY4vYCFRNBHQkdTqAOYg;src=4647326;type=unrefcms;cat=unrefwwd;ord=4622286478450;gtm=2wg3e0;auiddc=1047526703.1648243247;~oref=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3... Show response
4647326.fls.doubleclick.net/ Frame CF84
Redirect Chain

https://4647326.fls.doubleclick.net/activityi;src=4647326;type=unrefcms;cat=unrefwwd;ord=4622286478450;gtm=2wg3e0;auiddc=1047526703.1648243247;~oref=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F...
https://4647326.fls.doubleclick.net/activityi;dc_pre=CK7E8smY4vYCFRNBHQkdTqAOYg;src=4647326;type=unrefcms;cat=unrefwwd;ord=4622286478450;gtm=2wg3e0;auiddc=1047526703.1648243247;~oref=https%3A%2F%2F...

703 B
562 B

42ms
27ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4647326.fls.doubleclick.net/activityi;dc_pre=CK7E8smY4vYCFRNBHQkdTqAOYg;src=4647326;type=unrefcms;cat=unrefwwd;ord=4622286478450;gtm=2wg3e0;auiddc=1047526703.1648243247;~oref=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XT4L

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

071355f4435370e5758f3fcea64401473248bfa22350b2b95787fca4a8ab29ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 25 Mar 2022 21:20:46 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 537
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 25 Mar 2022 21:20:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4647326.fls.doubleclick.net/activityi;dc_pre=CK7E8smY4vYCFRNBHQkdTqAOYg;src=4647326;type=unrefcms;cat=unrefwwd;ord=4622286478450;gtm=2wg3e0;auiddc=1047526703.1648243247;~oref=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 51ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XT4L

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A6FE04402B904FE3B2FBF2A0F01712C2 Ref B: FRAEDGE1308 Ref C: 2022-03-25T21:20:46Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Fri, 25 Mar 2022 21:20:46 GMT
accept-ranges: bytes
content-length: 11333

GET
H2 200 aquant.js Show response
secure.quantserve.com/ 24 KB
10 KB 71ms
8ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/aquant.js?a=p-SLcBYqRUU3yLq
Requested by: Host: mail.aws.org
URL: https://mail.aws.org/e3t/Ctc/LY+113/cX2Gf04/MVzkqkz5YRxW59CywN2Z92mJW2v98dD4H4vZ_N67vcn93lLB3V1-WJV7CgBlVW4p-NSN3HT3T2W2hM7Zh60BnzyW3BtPcV2-sW0BW4y4gGW5xT5DkW9hcNdQ65RXCHW3TT1PP8B-_pJW1_BNGp6XJNvGW6KDjK877FhlzW3cgnfN23BML0W8czyl86TKC4yW2P8f-k71NGnfW90wpnp2F_MhJW8qVvMM93s9SyW5r8L__3Hx4YDW2hTW_j3D6cHpW75Plth46wYPmW6dbxcS6FzKfhVG1FWB5sSMYxN1PwYZ3PyzvyW1mwqpK6JHBs93f3D1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:46 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Fri, 01 Apr 2022 21:20:46 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: mail.aws.org
URL: https://mail.aws.org/e3t/Ctc/LY+113/cX2Gf04/MVzkqkz5YRxW59CywN2Z92mJW2v98dD4H4vZ_N67vcn93lLB3V1-WJV7CgBlVW4p-NSN3HT3T2W2hM7Zh60BnzyW3BtPcV2-sW0BW4y4gGW5xT5DkW9hcNdQ65RXCHW3TT1PP8B-_pJW1_BNGp6XJNvGW6KDjK877FhlzW3cgnfN23BML0W8czyl86TKC4yW2P8f-k71NGnfW90wpnp2F_MhJW8qVvMM93s9SyW5r8L__3Hx4YDW2hTW_j3D6cHpW75Plth46wYPmW6dbxcS6FzKfhVG1FWB5sSMYxN1PwYZ3PyzvyW1mwqpK6JHBs93f3D1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: 1VIA/roasIoIAaYMzlnePmTpZydDO91DdPSNXEphAhqwT9mXnNmyI5Mavpbdm6aqLrrLW2BoCHln1voqLvLCQw==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 25 Mar 2022 21:20:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK tv2track.js Show response
collector-3219.tvsquared.com/ 20 KB
9 KB 477ms
107ms Script
application/javascript 18.117.52.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-3219.tvsquared.com/tv2track.js
Requested by: Host: mail.aws.org
URL: https://mail.aws.org/e3t/Ctc/LY+113/cX2Gf04/MVzkqkz5YRxW59CywN2Z92mJW2v98dD4H4vZ_N67vcn93lLB3V1-WJV7CgBlVW4p-NSN3HT3T2W2hM7Zh60BnzyW3BtPcV2-sW0BW4y4gGW5xT5DkW9hcNdQ65RXCHW3TT1PP8B-_pJW1_BNGp6XJNvGW6KDjK877FhlzW3cgnfN23BML0W8czyl86TKC4yW2P8f-k71NGnfW90wpnp2F_MhJW8qVvMM93s9SyW5r8L__3Hx4YDW2hTW_j3D6cHpW75Plth46wYPmW6dbxcS6FzKfhVG1FWB5sSMYxN1PwYZ3PyzvyW1mwqpK6JHBs93f3D1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.117.52.137 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-117-52-137.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 21:20:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Mar 2022 14:24:13 GMT
Server: nginx
ETag: "6222210d-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Fri, 25 Mar 2022 21:30:47 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 71ms
22ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 25 Mar 2022 21:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 770
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5748
x-amz-id-2: QrAv0Nihe2cFC60Ics6a2tAkNcX/GP9wg2hpqSu3PTaZGSiyPFUoQA1IR6IR0owPqEfxvCC7fwk=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 17 Jan 2022 12:00:39 GMT
server: ATS
etag: "13a189bb8f25228852b3279db3659c28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: KH3T794MSMABY397
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 everflow.js Show response
www.tp88trk.com/scripts/sdk/ 58 KB
18 KB 131ms
108ms Script
text/javascript 35.190.72.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tp88trk.com/scripts/sdk/everflow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XT4L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.72.228 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 228.72.190.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4d309da2d949bae921ce9aed5bdf4a3a573ad19b65d68b0a26019099942134b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:46 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: text/javascript
content-encoding: gzip
cache-control: max-age=14400
x-eflow-request-id: 029871fe-6c14-442c-bcbc-8c3d7621ebb8
alt-svc: clear

GET
H2

200

/
adservice.google.de/ddm/fls/p/src=4269937;dc_pre=CMK88cmY4vYCFQKDsgod4_0HBA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://www.unrefugees...
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=4269937;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=4269937;dc_pre=CMK88cmY4vYCFQKDsgod4_0HBA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/p/src=4269937;dc_pre=CMK88cmY4vYCFQKDsgod4_0HBA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://www.u...
https://adservice.google.de/ddm/fls/p/src=4269937;dc_pre=CMK88cmY4vYCFQKDsgod4_0HBA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://www.un...

42 B
737 B

64ms
43ms

Image
image/gif

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.de/ddm/fls/p/src=4269937;dc_pre=CMK88cmY4vYCFQKDsgod4_0HBA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://www.unrefugees.org/

Requested by

Protocol

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:20:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:20:47 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://adservice.google.de/ddm/fls/p/src=4269937;dc_pre=CMK88cmY4vYCFQKDsgod4_0HBA;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://www.unrefugees.org/
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1473340-18&cid=244993884.1648243247&jid=1946443475&gjid=1300636778&_gid=524638166.1648243247&_u=YGBAiAABBAAAAE~&z=788727853

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.unrefugees.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 25 Mar 2022 21:20:46 GMT
content-type: text/plain
access-control-allow-origin: https://www.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 54ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3754388-9&cid=244993884.1648243247&jid=1917781372&gjid=1549212569&_gid=524638166.1648243247&_u=YGDAiAABBAAAAE~&z=1424697589

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.unrefugees.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 25 Mar 2022 21:20:46 GMT
content-type: text/plain
access-control-allow-origin: https://www.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 6ms
6ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=211412282&t=pageview&_s=1&dl=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Aid%20to%20Refugees%20%26%20Displaced%20People%20Worldwide%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiAABB~&jid=1946443475&gjid=1300636778&cid=244993884.1648243247&tid=UA-1473340-18&_gid=524638166.1648243247&gtm=2wg3e0XT4L&cd3=USA&z=619662712

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 05:16:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 57844
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 6ms
6ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=211412282&t=pageview&_s=1&dl=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Aid%20to%20Refugees%20%26%20Displaced%20People%20Worldwide%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiAABBAAAAE~&jid=1917781372&gjid=1549212569&cid=244993884.1648243247&tid=UA-3754388-9&_gid=524638166.1648243247&gtm=2wg3e0XT4L&z=1694725792

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 05:16:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 57844
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/957115417/ 3 KB
2 KB 42ms
19ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957115417/?random=1648243247443&cv=9&fst=1648243247443&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email&tiba=Aid%20to%20Refugees%20%26%20Displaced%20People%20Worldwide%20%7C%20USA%20for%20UNHCR&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

568f1168afc63d175a5a251db2c0877edb30b5df9be4b21bae592827eb8c10b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1203
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 363860773806760 Show response
connect.facebook.net/signals/config/ 495 KB
145 KB 75ms
64ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/363860773806760?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

58b08bd1e0da9fda9f8edcf3bdb323e6dd8bfe339ac152b6e8e2e9ae975a8e26

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 1CYeVXMnvOhth/vm4Q+Zs9s4kILZgD+RZZZwhJtbsm5bKfLfaf15H3MkBD6SSgQ/islyzAvnFslQb3xiCvSHAg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 25 Mar 2022 21:20:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 5612726.js Show response
bat.bing.com/p/action/ 0
117 B 210ms
210ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5612726.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9B8094BD22164945B801B0F0AEE7A85D Ref B: FRAEDGE1308 Ref C: 2022-03-25T21:20:46Z
date: Fri, 25 Mar 2022 21:20:47 GMT
x-cache: CONFIG_NOCACHE

GET
H2 200 rules-p-SLcBYqRUU3yLq.js Show response
rules.quantcount.com/ 1 KB
1 KB 65ms
22ms Script
application/javascript 2600:9000:206f:ec00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-SLcBYqRUU3yLq.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/aquant.js?a=p-SLcBYqRUU3yLq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ec00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: abb49f99cde4315e7ad50087b6a1888b1d6e0db45625f351904fac2b1879ecf7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:05:44 GMT
content-encoding: gzip
age: 904
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Mon, 10 Apr 2017 23:36:03 GMT
server: AmazonS3
etag: W/"0f8ea059094652069af02158b35f2356"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: WkjZ3HkwE4BuUEH4EADc8-F5L5GTT6_LFmJskrM_iU61sa4HAi4cbA==

GET
H3 200 /
www.google.com/pagead/1p-user-list/957115417/ 42 B
64 B 82ms
58ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/957115417/?random=1648243247443&cv=9&fst=1648242000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email&tiba=Aid%20to%20Refugees%20%26%20Displaced%20People%20Worldwide%20%7C%20USA%20for%20UNHCR&async=1&fmt=3&is_vtc=1&random=1769363041&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:20:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/957115417/ 42 B
548 B 53ms
27ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/957115417/?random=1648243247443&cv=9&fst=1648242000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email&tiba=Aid%20to%20Refugees%20%26%20Displaced%20People%20Worldwide%20%7C%20USA%20for%20UNHCR&async=1&fmt=3&is_vtc=1&random=1769363041&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:20:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 55ms
38ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1473340-18&cid=244993884.1648243247&jid=1946443475&_u=YGBAiAABBAAAAE~&z=1662824962

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:20:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 55ms
36ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1473340-18&cid=244993884.1648243247&jid=1946443475&_u=YGBAiAABBAAAAE~&z=1662824962

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:20:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 54ms
37ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3754388-9&cid=244993884.1648243247&jid=1917781372&_u=YGDAiAABBAAAAE~&z=537607761

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:20:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 58ms
39ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3754388-9&cid=244993884.1648243247&jid=1917781372&_u=YGDAiAABBAAAAE~&z=537607761

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:20:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10095779.json Show response
s.yimg.com/wi/config/ 46 B
682 B 76ms
21ms XHR
application/octet-stream 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10095779.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

81f701abbdb3dcd7318338357add41af96a3b776549dc928c4703cf1cf9f2ffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 16:41:02 GMT
x-content-type-options: nosniff
age: 16786
x-amz-server-side-encryption: AES256
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 0DH1NS4K31FF583Q
x-amz-id-2: HI7Wf8lBxWTr5Z+1gTcDj9xO9NY8ctl99uc9rsDkP1JHJ6yCMkm3s1ia9v345QQ42o0COIRfgok=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sun, 04 Sep 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 30 Jul 2021 20:49:06 GMT
server: ATS
etag: "ca96ec3516187adbafe0fb0d4f2e4932"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-version-id: A6WkUtqwqovvPfHbvCBjlnyQPLaVaalT
access-control-allow-origin: *
x-xss-protection: 1; mode=block
content-length: 46
content-type: application/octet-stream

GET
H2 200 dc_pre=CK7E8smY4vYCFRNBHQkdTqAOYg;src=4647326;type=unrefcms;cat=unrefwwd;ord=4622286478450;gtm=2wg3e0;auiddc=1047526703.1648243247;~oref=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_mediu... Show response
adservice.google.com/ddm/fls/i/ Frame 76C0 702 B
1005 B 116ms
88ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CK7E8smY4vYCFRNBHQkdTqAOYg;src=4647326;type=unrefcms;cat=unrefwwd;ord=4622286478450;gtm=2wg3e0;auiddc=1047526703.1648243247;~oref=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email

Requested by

Host: 4647326.fls.doubleclick.net
URL: https://4647326.fls.doubleclick.net/activityi;dc_pre=CK7E8smY4vYCFRNBHQkdTqAOYg;src=4647326;type=unrefcms;cat=unrefwwd;ord=4622286478450;gtm=2wg3e0;auiddc=1047526703.1648243247;~oref=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a551822b4d117a269978cb16cfa3e43d4c4e9adf023965876f251a435544e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4647326.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 25 Mar 2022 21:20:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 536
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel;r=1705397553;labels=_fp.event.What%20We%20Do;rf=0;a=p-SLcBYqRUU3yLq;url=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j...
pixel.quantserve.com/ 35 B
371 B 41ms
12ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1705397553;labels=_fp.event.What%20We%20Do;rf=0;a=p-SLcBYqRUU3yLq;url=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email;uht=2;fpan=1;fpa=P0-1980152330-1648243247555;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=unrefugees.org;je=0;sr=1600x1200x24;dst=0;et=1648243247555;tzo=0;ogl=title.Aid%20to%20Refugees%20%26%20Displaced%20People%20Worldwide%20%7C%20USA%20for%20UNHCR%2Ctype.website%2Curl.https%3A%2F%2Fwww%252Eunrefugees%252Eorg%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp%2Cimage.https%3A%2F%2Fwww%252Eunrefugees%252Eorg%2Fmedia%2F1948%2Frefugee-mother-and-son-rf240996-1200x1200%252E%2Cdescription.USA%20for%20UNHCR%20helps%20to%20save%252C%20protect%20and%20rebuild%20the%20lives%20of%20millions%20of%20refuge

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:20:47 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 200 events Show response
lyibja.unrefugees.org/ 0
165 B 513ms
156ms XHR
text/plain 52.25.243.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lyibja.unrefugees.org/events

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/363860773806760?v=2.9.57&r=stable

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.25.243.35 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-243-35.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.unrefugees.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.unrefugees.org
date: Fri, 25 Mar 2022 21:20:47 GMT
access-control-allow-credentials: true
vary: origin
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 23ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=363860773806760&ev=PageView&dl=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email&rl=&if=false&ts=1648243247600&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1648243247595.1666509156&eid=ob3_plugin-set_d4ccfb03234c180de31b0164a011daa7a0c73141482c19d797c91e4145bbe42c&it=1648243247453&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 25 Mar 2022 21:20:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
983 B 38ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Kalam|Lato&display=swap

Requested by

Host: www.unrefugees.org
URL: https://www.unrefugees.org/css/index.css?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e9a096ea993d41984504d287daa350470a8d4127016369c337d4b593f7268883

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 21:20:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 25 Mar 2022 21:20:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Mar 2022 21:20:47 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
715 B 96ms
31ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2025%20Mar%202022%2021%3A20%3A47%20GMT&n=0&b=Aid%20to%20Refugees%20%26%20Displaced%20People%20Worldwide%20%7C%20USA%20for%20UNHCR&.yp=10095779&f=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email&enc=UTF-8&yv=1.12.0&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:20:47 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Fri, 25 Mar 2022 21:20:47 GMT

GET
H2 200 dc_pre=CK7E8smY4vYCFRNBHQkdTqAOYg;src=4647326;type=unrefcms;cat=unrefwwd;ord=4622286478450;gtm=2wg3e0;auiddc=1047526703.1648243247;~oref=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_mediu... Show response
adservice.google.de/ddm/fls/i/ Frame D8A2 194 B
306 B 56ms
44ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CK7E8smY4vYCFRNBHQkdTqAOYg;src=4647326;type=unrefcms;cat=unrefwwd;ord=4622286478450;gtm=2wg3e0;auiddc=1047526703.1648243247;~oref=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CK7E8smY4vYCFRNBHQkdTqAOYg;src=4647326;type=unrefcms;cat=unrefwwd;ord=4622286478450;gtm=2wg3e0;auiddc=1047526703.1648243247;~oref=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 25 Mar 2022 21:20:47 GMT
expires: Fri, 25 Mar 2022 21:20:47 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

left-arrow.png
cdn.unrefugees.org/u4uweb2020/img/
Redirect Chain

https://www.unrefugees.org/img/left-arrow.png
https://cdn.unrefugees.org/u4uweb2020/img/left-arrow.png

566 B
1 KB

15ms
15ms

Image
image/png

143.204.215.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unrefugees.org/u4uweb2020/img/left-arrow.png
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/css/index.css?v=4
Protocol: HTTP/1.1
Server: 143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-125.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bc5555998c1458ba0e52e3b204a3342fbac8779cd284b51f05ce0f39d4b53d0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-meta-local-date-modified: 131395970928206697
Date: Fri, 25 Mar 2022 21:20:47 GMT
Via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
Last-Modified: Wed, 25 Mar 2020 20:14:43 GMT
Server: AmazonS3
Age: 1940
ETag: "38b9c7d7f483a25a74f5c0ef795b6506"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA53-C1
x-amz-meta-local-date-created: 132296392571759009
Content-Length: 566
X-Amz-Cf-Id: 77crIDF0a7ixjnRLz6A91vokzfhu3y_ui_QLYzQWm6xHPpuSqCFxcg==

Redirect headers

location: https://cdn.unrefugees.org/u4uweb2020/img/left-arrow.png
date: Fri, 25 Mar 2022 21:20:47 GMT
cache-control: no-cache
server: Microsoft-IIS/10.0
content-length: 179
content-type: text/html; charset=UTF-8

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
24 KB 28ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Kalam|Lato&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.unrefugees.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 179417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 19:30:30 GMT

GET
H/1.1

200
OK

search-icon.png
cdn.unrefugees.org/u4uweb2020/img/
Redirect Chain

https://www.unrefugees.org/img/search-icon.png
https://cdn.unrefugees.org/u4uweb2020/img/search-icon.png

714 B
1 KB

13ms
13ms

Image
image/png

143.204.215.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unrefugees.org/u4uweb2020/img/search-icon.png
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/css/index.css?v=4
Protocol: HTTP/1.1
Server: 143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-125.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba53ecfcecf61b004dd8d7bde6fcaef65c5d630bad678e83c62ef3b3c420657d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-meta-local-date-modified: 131455542136403450
Date: Fri, 25 Mar 2022 06:51:02 GMT
Via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
Last-Modified: Wed, 25 Mar 2020 20:14:48 GMT
Server: AmazonS3
Age: 52186
ETag: "e1ebd767caa00d3b958ed09216769ad3"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA53-C1
x-amz-meta-local-date-created: 132296392572109451
Content-Length: 714
X-Amz-Cf-Id: M_azy6bHbcIrFJg18E1KBOZCyGjPyg7Tl1vdfoyeHkyTXNA-uN9kNQ==

Redirect headers

location: https://cdn.unrefugees.org/u4uweb2020/img/search-icon.png
date: Fri, 25 Mar 2022 21:20:47 GMT
cache-control: no-cache
server: Microsoft-IIS/10.0
content-length: 180
content-type: text/html; charset=UTF-8

GET
H2 200 fontello.woff2
www.unrefugees.org/font/ 4 KB
5 KB 359ms
359ms Font
application/x-font-woff2 35.84.137.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unrefugees.org/font/fontello.woff2?47325548
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/css/index.css?v=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.137.25 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-137-25.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: fd8c794bb43e5220596bc1c5d50f865268cd2655c86f0d3175875d7e1c3afcc6

Request headers

Referer: https://www.unrefugees.org/css/index.css?v=4
Origin: https://www.unrefugees.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:47 GMT
last-modified: Wed, 17 May 2017 10:53:35 GMT
accept-ranges: bytes
etag: "bc6dfed4fbced21:0"
content-length: 4328
content-type: application/x-font-woff2

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 49ms
7ms Stylesheet
text/css 2a02:26f0:ef::5c7b:c24c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=hrp3szy&ht=tk&f=139.140.171.173.174.175.176.15701.15703.15705.15708&a=1630018&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c24c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:47 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 l
use.typekit.net/af/925423/00000000000000003b9b038f/27/ 19 KB
20 KB 42ms
16ms Font
application/font-woff2 2a02:26f0:fb::5f65:58d1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/925423/00000000000000003b9b038f/27/l?subset_id=2&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb::5f65:58d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7c707b4d486575fcdf35497e30073fd70f0a9ea072e4ca1ca724da7fbab22a9b

Request headers

Referer: https://use.typekit.net/hrp3szy.css
Origin: https://www.unrefugees.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:47 GMT
server: nginx
etag: "af967ea1356382090341795946181a15b4b5bcf0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19900

GET
H2 200 l
use.typekit.net/af/219c30/00000000000000003b9b0389/27/ 19 KB
19 KB 47ms
22ms Font
application/font-woff2 2a02:26f0:fb::5f65:58d1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/219c30/00000000000000003b9b0389/27/l?subset_id=2&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb::5f65:58d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 50bfd91bb65762023b74efba030d3212fef8f6261707ba8edb9e4b28d13bb5ed

Request headers

Referer: https://use.typekit.net/hrp3szy.css
Origin: https://www.unrefugees.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:47 GMT
server: nginx
etag: "7c243ed5f8437a6687e49316f96967fcfd3feb05"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19160

GET
H2 200 l
use.typekit.net/af/180254/00000000000000000001522c/27/ 45 KB
46 KB 32ms
9ms Font
application/font-woff2 2a02:26f0:fb::5f65:58d1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/180254/00000000000000000001522c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb::5f65:58d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 38c9c1413e17c7a5ee87095bdb4cad0da069451ee937cb801c8f37f2c734644f

Request headers

Referer: https://use.typekit.net/hrp3szy.css
Origin: https://www.unrefugees.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:47 GMT
server: nginx
etag: "d8f0e75543cc417069e2148d573e1b3687264d73"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46404

GET
H2 200 l
use.typekit.net/af/220823/000000000000000000015231/27/ 45 KB
45 KB 30ms
8ms Font
application/font-woff2 2a02:26f0:fb::5f65:58d1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/220823/000000000000000000015231/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb::5f65:58d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 73ef385046533349dbdb6264bfdb814819b44a3a7ddeedf7611db7d55f567c7c

Request headers

Referer: https://use.typekit.net/hrp3szy.css
Origin: https://www.unrefugees.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:47 GMT
server: nginx
etag: "25d9000ed11ad93413dd9fab416a1870c8ae46cd"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46076

GET
H2 200 l
use.typekit.net/af/8e11d4/00000000000000003b9b038c/27/ 19 KB
19 KB 34ms
15ms Font
application/font-woff2 2a02:26f0:fb::5f65:58d1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8e11d4/00000000000000003b9b038c/27/l?subset_id=2&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb::5f65:58d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 62c0466b6e78094d8bb9b9fb50f13f3eb39e3be88dce7663ecfbcabde18b64bc

Request headers

Referer: https://use.typekit.net/hrp3szy.css
Origin: https://www.unrefugees.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:47 GMT
server: nginx
etag: "50fb462bb968fa8996b7f205254cfa92e534ea41"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19600

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/ 361 KB
143 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0315120b66d5141c4d2e381fb5b33602ac16ae8a11d3f9b53073c04ed1e2082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.unrefugees.org/
Origin: https://www.unrefugees.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 19:14:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145570
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 04:03:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Mar 2023 19:14:06 GMT

GET
H/1.1 200
OK tv2track.php
collector-3219.tvsquared.com/ 42 B
276 B 108ms
107ms Image
image/gif 18.117.52.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-3219.tvsquared.com/tv2track.php?action_name=Aid%20to%20Refugees%20%26%20Displaced%20People%20Worldwide%20%7C%20USA%20for%20UNHCR&idsite=TV-63728109-1&rec=1&r=625771&h=21&m=20&s=48&url=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email&_id=86c67eb74071bcec&_idts=1648243248&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=312
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.117.52.137 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-117-52-137.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 21:20:47 GMT
Server: nginx
Connection: keep-alive
Request-Id: 177adbf7-964b-4b80-95b9-92dc6f2e69e5
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Content-Length: 42
Content-Type: image/gif

POST
H2 200 events Show response
lyibja.unrefugees.org/ 0
164 B 156ms
156ms XHR
text/plain 52.25.243.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lyibja.unrefugees.org/events

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/363860773806760?v=2.9.57&r=stable

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.25.243.35 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-243-35.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.unrefugees.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.unrefugees.org
date: Fri, 25 Mar 2022 21:20:47 GMT
access-control-allow-credentials: true
vary: origin
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 6169 18 KB
7 KB 226ms
205ms Document
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.unrefugees.org&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc42ff463696a4a680d072c60cbf71e8f55629816e76a497fc4f9ec2d8ae0607

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hBDwcPFgSvCJm4D+KOYN1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-hBDwcPFgSvCJm4D+KOYN1Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
expires: Fri, 25 Mar 2022 21:20:47 GMT
date: Fri, 25 Mar 2022 21:20:47 GMT
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
report-to: {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
content-security-policy: script-src 'report-sample' 'nonce-hBDwcPFgSvCJm4D+KOYN1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-hBDwcPFgSvCJm4D+KOYN1Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 6DF7 0
18 B 17ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.unrefugees.org
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.unrefugees.org
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Fri, 25 Mar 2022 21:20:47 GMT

GET
H2 204 0
bat.bing.com/action/ 0
176 B 32ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5612726&tm=gtm002&Ver=2&mid=40d8918a-eb4e-4e3c-8e9b-a61e253e1f8a&sid=709dbf50ac8111ecb7045dfab59432c9&vid=709dd9f0ac8111ecae798536f758b8bc&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Aid%20to%20Refugees%20%26%20Displaced%20People%20Worldwide%20%7C%20USA%20for%20UNHCR&kw=Impact,Shelter,Water,Health,Livelihoods,Cash%20Assistance,innovation,Education,Resettlement,Refugees%20in%20America&p=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email&r=&lt=2022&evt=pageLoad&msclkid=N&sv=1&rn=800531

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DD2F52F8F63A4B8CBC27F6F0CFFDA07F Ref B: FRAEDGE1308 Ref C: 2022-03-25T21:20:47Z
date: Fri, 25 Mar 2022 21:20:47 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

beacon
r.turn.com/r/
Redirect Chain

https://20668909p.rfihub.com/ca.gif?rb=9587&ca=20668909&ra=125866
https://r.turn.com/r/beacon?b2=2ktLc5k8nNM07yj6GA-Hrn8gtUS_nFcwtDx5qaA26AoeU_Oup029YVIprkeGvqSpoIUReErvK66MTKJfORKOtg&cid=

43 B
398 B

185ms
27ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/beacon?b2=2ktLc5k8nNM07yj6GA-Hrn8gtUS_nFcwtDx5qaA26AoeU_Oup029YVIprkeGvqSpoIUReErvK66MTKJfORKOtg&cid=
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:20:47 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

Location: https://r.turn.com/r/beacon?b2=2ktLc5k8nNM07yj6GA-Hrn8gtUS_nFcwtDx5qaA26AoeU_Oup029YVIprkeGvqSpoIUReErvK66MTKJfORKOtg&cid=
Date: Fri, 25 Mar 2022 21:20:47 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 73ms
9ms Script
application/x-javascript 2600:9000:224a:e000:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: mail.aws.org
URL: https://mail.aws.org/e3t/Ctc/LY+113/cX2Gf04/MVzkqkz5YRxW59CywN2Z92mJW2v98dD4H4vZ_N67vcn93lLB3V1-WJV7CgBlVW4p-NSN3HT3T2W2hM7Zh60BnzyW3BtPcV2-sW0BW4y4gGW5xT5DkW9hcNdQ65RXCHW3TT1PP8B-_pJW1_BNGp6XJNvGW6KDjK877FhlzW3cgnfN23BML0W8czyl86TKC4yW2P8f-k71NGnfW90wpnp2F_MhJW8qVvMM93s9SyW5r8L__3Hx4YDW2hTW_j3D6cHpW75Plth46wYPmW6dbxcS6FzKfhVG1FWB5sSMYxN1PwYZ3PyzvyW1mwqpK6JHBs93f3D1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:e000:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 20:59:06 GMT
content-encoding: gzip
last-modified: Fri, 25 Mar 2022 20:58:56 GMT
server: Jetty(9.3.29.v20201019)
age: 1301
x-cache: Hit from cloudfront
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via: 1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: DUS51-P1
content-type: application/x-javascript
content-length: 6162
x-amz-cf-id: QmiJmiJJediEbfvIlRbTHVcfyhuN9AFuYPnluHNYM_pF9v6HQIPwYw==
expires: Fri, 25 Mar 2022 21:59:06 GMT

GET
H2 200 fa5b33ed7c80.js Show response
w.usabilla.com/ Frame C665 37 KB
11 KB 91ms
29ms Script
text/javascript 52.48.18.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/fa5b33ed7c80.js?lv=1
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.18.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-18-21.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7592e16ad89136d51b941a7fd1b7bc293530ae784fa2d33eaa0f80de66baa599

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:20:47 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "15048d0ff19206fa62d38e0ed1deb98e"
content-type: text/javascript
cache-control: public,max-age=0
content-length: 11224

GET
H/1.1 200
OK ca.html Show response
20826429p.rfihub.com/ Frame CC29 3 KB
4 KB 104ms
21ms Document
text/html 193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email&pf=&ra=26956974929537725
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: adf57ae2b3a776b7717315394bc0667e36e9885a7a6600f190c04505dbeb9147

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/

Response headers

Date: Fri, 25 Mar 2022 21:20:47 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache
Content-Type: text/html;charset=utf-8
Content-Length: 3007
Server: Jetty(9.3.29.v20201019)

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame CC29
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEyNDMyMjMyMTU0MTI4NTAxOQ==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEDksEp-tDHREikeLxTzG7hw&google_cver=1

42 B
1 KB

59ms
16ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEDksEp-tDHREikeLxTzG7hw&google_cver=1
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: HTTP/1.1
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 21:20:47 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:20:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEDksEp-tDHREikeLxTzG7hw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame CC29
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=5124322321541285019
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5124322321541285019

43 B
1 KB

30ms
29ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5124322321541285019

Requested by

Protocol

HTTP/1.1

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 21:20:47 GMT
X-Proxy-Origin: 217.64.151.32; 217.64.151.32; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 13d0e2b3-e002-4335-9a21-c0d2df184cac
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 21:20:47 GMT
X-Proxy-Origin: 217.64.151.32; 217.64.151.32; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3ff7b98a-33a5-4762-92cc-f096d8b45634
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5124322321541285019
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame CC29
Redirect Chain

https://stags.bluekai.com/site/4722?id=5124322321541285019&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D
https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=

42 B
1 KB

16ms
16ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=
Protocol: HTTP/1.1
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 21:20:48 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=
Date: Fri, 25 Mar 2022 21:20:48 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame CC29 0
239 B 38ms
9ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5124322321541285019&
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame CC29
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5124322321541285019&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5124322321541285019&redir=

42 B
945 B

33ms
33ms

Image
image/gif

52.16.70.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5124322321541285019&redir=

Requested by

Protocol

HTTP/1.1

Server

52.16.70.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-70-86.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v030-094682b17.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 3YYIa6k2TNg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v030-0b3cdc53e.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: bZG9yCKERPI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5124322321541285019&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame CC29
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5124322321541285019&bid=omt9pi0

0
344 B

43ms
7ms

Image
text/plain

3.120.214.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5124322321541285019&bid=omt9pi0
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: HTTP/1.1
Server: 3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 21:20:48 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5124322321541285019&bid=omt9pi0
Date: Fri, 25 Mar 2022 21:20:47 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame CC29 45 B
614 B 265ms
207ms Image
image/gif 23.58.216.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5124322321541285019

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.58.216.132 Berlin, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-58-216-132.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Fri, 25 Mar 2022 21:20:48 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Fri, 25 Mar 2022 21:20:48 GMT

GET
H2 200 serving
bs.serving-sys.com/ Frame CC29 0
105 B 27ms
8ms Image
text/plain 52.28.87.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.87.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-87-55.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:47 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0
p3p: CP="NOI DEVa OUR BUS UNI"

GET
H2

200

362358.gif
idsync.rlcdn.com/ Frame CC29
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322321541285019&referrer=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%...
https://p.rfihub.com/cm?pub=39342&in=0&userid=6c10a393-2029-4419-afde-f0241e09b856%3A1648243247.99&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D6c10a393-2029-4419-afde-f0241e09b856...
https://idsync.rlcdn.com/501709.gif?partner_uid=6c10a393-2029-4419-afde-f0241e09b856%3A1648243247.99
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESECVuDjm41kZ_xDMtVguDzz4&google_cver=1

42 B
300 B

15ms
15ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESECVuDjm41kZ_xDMtVguDzz4&google_cver=1
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 25 Mar 2022 21:20:48 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:20:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESECVuDjm41kZ_xDMtVguDzz4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame CC29 43 B
109 B 378ms
140ms Image
image/gif 23.21.225.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5124322321541285019
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.225.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-225-74.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:48 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CC29
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322321541285019&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322321541285019&forward=&C=1

43 B
1006 B

53ms
53ms

Image
image/gif

104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322321541285019&forward=&C=1
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: HTTP/1.1
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 21:20:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 25 Mar 2022 21:20:48 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 25 Mar 2022 21:20:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322321541285019&forward=&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 295
Expires: Fri, 25 Mar 2022 21:20:47 GMT

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame CC29 42 B
415 B 31ms
16ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5124322321541285019
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 25 Mar 2022 21:20:47 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame CC29 43 B
191 B 194ms
150ms Image
image/gif 104.92.72.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5124322321541285019

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.92.72.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-72-137.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:20:48 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 25 Mar 2022 21:20:48 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame CC29
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322321541285019&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322321541285019&img=1&__user_check__=1&sync_id=708247bd-ac81-11ec-8d7c-180e33a50406

43 B
548 B

15ms
15ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322321541285019&img=1&__user_check__=1&sync_id=708247bd-ac81-11ec-8d7c-180e33a50406
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 21:20:48 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 90
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Fri, 25 Mar 2022 21:20:47 GMT
Server: nginx
Location: /partner?adv_id=7180&uid=5124322321541285019&img=1&__user_check__=1&sync_id=708247bd-ac81-11ec-8d7c-180e33a50406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 59
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame CC29 43 B
183 B 305ms
92ms Image
image/gif 2600:1f18:612b:4264:35be:ace0:b22e:18d9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5124322321541285019&r=iByIxA5916CO
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:35be:ace0:b22e:18d9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:48 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame CC29 43 B
238 B 29ms
6ms Image
image/gif 3.127.157.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5124322321541285019
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.157.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-157-8.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:20:48 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame CC29 0
338 B 106ms
30ms Image
text/plain 52.50.214.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5124322321541285019
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 21:20:48 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1648243248
x-served-by: beacon-n004-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame CC29
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322321541285019&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5124322321541285019&expires=30

43 B
495 B

8ms
8ms

Image
image/gif

3.122.93.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5124322321541285019&expires=30
Protocol: HTTP/1.1
Server: 3.122.93.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-93-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 21:20:48 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5124322321541285019&expires=30
Date: Fri, 25 Mar 2022 21:20:48 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame CC29
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Yj4yMAADkDxwcgA-
https://p.rfihub.com/cm?in=1&pub=21653&userid=Yj4yMAADkDxwcgA-&_test=Yj4yMAADkDxwcgA-

42 B
1 KB

16ms
16ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=Yj4yMAADkDxwcgA-&_test=Yj4yMAADkDxwcgA-
Protocol: HTTP/1.1
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20826429p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 21:20:48 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:20:48 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1648243248.189268,VS0,VE0
x-served-by: cache-hhn4059-HHN
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=Yj4yMAADkDxwcgA-&_test=Yj4yMAADkDxwcgA-
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 6169 2 KB
2 KB 19ms
18ms Other
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: mail.aws.org
URL: https://mail.aws.org/e3t/Ctc/LY+113/cX2Gf04/MVzkqkz5YRxW59CywN2Z92mJW2v98dD4H4vZ_N67vcn93lLB3V1-WJV7CgBlVW4p-NSN3HT3T2W2hM7Zh60BnzyW3BtPcV2-sW0BW4y4gGW5xT5DkW9hcNdQ65RXCHW3TT1PP8B-_pJW1_BNGp6XJNvGW6KDjK877FhlzW3cgnfN23BML0W8czyl86TKC4yW2P8f-k71NGnfW90wpnp2F_MhJW8qVvMM93s9SyW5r8L__3Hx4YDW2hTW_j3D6cHpW75Plth46wYPmW6dbxcS6FzKfhVG1FWB5sSMYxN1PwYZ3PyzvyW1mwqpK6JHBs93f3D1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.unrefugees.org&mid=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 25 Mar 2022 21:20:47 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ndXGp1yekMY.es5.O/am=DQAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AM... Frame 6169 147 KB
51 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ndXGp1yekMY.es5.O/am=DQAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriQZjM8zN9_ZY2zJ_TD9f3ShTw0Gw/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.unrefugees.org&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83f037593b175cf1617a915a6614e9480b3c711a0aba16b8eebff2cbcd143ffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 16:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52674
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 01:24:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Mar 2023 16:19:49 GMT

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ndXGp1yekMY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.bpW... Frame 6169 76 KB
28 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ndXGp1yekMY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.bpWcYBnF1t8.L.B1.O/am=DQAC/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjgMvGw09b1sBLFSYPoyySGW87-5w/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ndXGp1yekMY.es5.O/am=DQAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriQZjM8zN9_ZY2zJ_TD9f3ShTw0Gw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425146cbb961fa261ef127b2f5eec54150ea1831d108c63241b08c6c1a7309cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 16:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28422
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 01:24:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Mar 2023 16:19:49 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 6169 49 KB
20 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ndXGp1yekMY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.bpWcYBnF1t8.L.B1.O/am=DQAC/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjgMvGw09b1sBLFSYPoyySGW87-5w/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6357
date: Fri, 25 Mar 2022 19:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 25 Mar 2022 21:34:50 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 6169 1 MB
346 KB 83ms
83ms XHR
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ndXGp1yekMY.es5.O/am=DQAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriQZjM8zN9_ZY2zJ_TD9f3ShTw0Gw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

865e2877083ff21771d67f04d2fac20f9fb2ce5bd8c2af5a0b355ef526058a61

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-79Ic0TxoAjtmPh9LxVk1+w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-79Ic0TxoAjtmPh9LxVk1+w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
date: Fri, 25 Mar 2022 21:20:47 GMT
x-frame-options: DENY
report-to: {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
content-security-policy: script-src 'report-sample' 'nonce-79Ic0TxoAjtmPh9LxVk1+w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-79Ic0TxoAjtmPh9LxVk1+w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires: Fri, 25 Mar 2022 21:20:47 GMT

POST
H3 200 log Show response
play.google.com/ Frame 6169 131 B
155 B 35ms
20ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ndXGp1yekMY.es5.O/am=DQAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriQZjM8zN9_ZY2zJ_TD9f3ShTw0Gw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 25 Mar 2022 21:20:48 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 25 Mar 2022 21:20:48 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 39ms
16ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 25 Mar 2022 21:20:48 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 25 Mar 2022 21:20:48 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 6169 131 B
155 B 34ms
19ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ndXGp1yekMY.es5.O/am=DQAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriQZjM8zN9_ZY2zJ_TD9f3ShTw0Gw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 25 Mar 2022 21:20:48 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 25 Mar 2022 21:20:48 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 30ms
16ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 25 Mar 2022 21:20:48 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 25 Mar 2022 21:20:48 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 6169 131 B
155 B 38ms
22ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ndXGp1yekMY.es5.O/am=DQAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriQZjM8zN9_ZY2zJ_TD9f3ShTw0Gw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 25 Mar 2022 21:20:48 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 25 Mar 2022 21:20:48 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 22ms
16ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 25 Mar 2022 21:20:48 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 25 Mar 2022 21:20:48 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 6169 131 B
155 B 32ms
18ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ndXGp1yekMY.es5.O/am=DQAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriQZjM8zN9_ZY2zJ_TD9f3ShTw0Gw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 25 Mar 2022 21:20:48 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 25 Mar 2022 21:20:48 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 16ms
15ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 25 Mar 2022 21:20:48 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 25 Mar 2022 21:20:48 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 6169 131 B
155 B 26ms
17ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ndXGp1yekMY.es5.O/am=DQAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriQZjM8zN9_ZY2zJ_TD9f3ShTw0Gw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 25 Mar 2022 21:20:48 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 25 Mar 2022 21:20:48 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 16ms
16ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 25 Mar 2022 21:20:48 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 25 Mar 2022 21:20:48 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 6169 131 B
155 B 21ms
20ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ndXGp1yekMY.es5.O/am=DQAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriQZjM8zN9_ZY2zJ_TD9f3ShTw0Gw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 25 Mar 2022 21:20:48 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 25 Mar 2022 21:20:48 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 15ms
15ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 25 Mar 2022 21:20:48 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 25 Mar 2022 21:20:48 GMT
cache-control: private

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ndXGp1yekMY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.bpW... Frame 6169 18 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ndXGp1yekMY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.bpWcYBnF1t8.L.B1.O/am=DQAC/d=1/exm=Das5Le,IZT63,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,hc6Ubd,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjgMvGw09b1sBLFSYPoyySGW87-5w/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ndXGp1yekMY.es5.O/am=DQAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriQZjM8zN9_ZY2zJ_TD9f3ShTw0Gw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98774b047055fc42ba02c038d568140e9c142198d0598b794943d03c035fb4ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 16:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7448
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 01:24:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Mar 2023 16:19:49 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ndXGp1yekMY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.bpW... Frame 6169 37 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ndXGp1yekMY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.bpWcYBnF1t8.L.B1.O/am=DQAC/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_tp,hc6Ubd,hhhU8,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjgMvGw09b1sBLFSYPoyySGW87-5w/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ndXGp1yekMY.es5.O/am=DQAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriQZjM8zN9_ZY2zJ_TD9f3ShTw0Gw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d41a4acede5f8c1930e232f1e3cc7bfc4f9930f335727bbf068ea28d4ecad293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 16:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14125
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 01:24:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Mar 2023 16:19:49 GMT

GET
H2 200 nr-1215.min.js Show response
js-agent.newrelic.com/ 36 KB
14 KB 32ms
6ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1215.min.js
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: mrZZlI3m.d3cabi4HqLBBkr4pQ2c77UF
content-encoding: gzip
etag: "615035bb6557b191e767e19087efabaf"
x-amz-request-id: Y9GRR8Q7A1PHX2VM
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 13666
x-amz-id-2: US+2OqxNM2RqgtjdVbadJ2ytJYIPCOcmHuTQgRZVylpmS5Xj7S83tYfq7mmkuUkSpoqHfzfs4oI=
x-served-by: cache-hhn4039-HHN
last-modified: Mon, 24 Jan 2022 22:13:53 GMT
server: AmazonS3
x-timer: S1648243248.055559,VS0,VE0
date: Fri, 25 Mar 2022 21:20:48 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 13745

GET
H/1.1 200
OK unhcr-button-ca8fba580979f02c2694fa49ed8ef52a.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame F266 2 KB
2 KB 25ms
8ms Image
image/png 99.86.1.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d6tizftlrpuof.cloudfront.net/themes/production/unhcr-button-ca8fba580979f02c2694fa49ed8ef52a.png
Requested by: Host: www.unrefugees.org
URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-140.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90b232dae4b3477832ee21493d7558ace8cf6e9b8bc97f9c552f301da013f1da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 01:35:11 GMT
Via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 05 Feb 2019 19:50:28 GMT
Server: AmazonS3
Age: 10525538
ETag: "ca8fba580979f02c2694fa49ed8ef52a"
X-Cache: Hit from cloudfront
x-amz-version-id: .SrcatzoiMfoqGSBwRAbfAVYaagZkb9i
Cache-Control: max-age=315360000, no-transform, public
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1768
X-Amz-Cf-Id: QptYBX-ZaqMVcNTFAX4DyYay0_vF5at7DTD0jWX4axTmyAZzEFKD4w==

POST
H3 200 log Show response
play.google.com/ Frame 6169 131 B
155 B 16ms
16ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ndXGp1yekMY.es5.O/am=DQAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriQZjM8zN9_ZY2zJ_TD9f3ShTw0Gw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 25 Mar 2022 21:20:48 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 25 Mar 2022 21:20:48 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=211412282&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Aid%20to%20Refugees%20%26%20Displaced%20People%20Worldwide%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fwhat-we-do%2F&el=25%25&_u=aGDACEABBAAAAG~&jid=1016941256&gjid=1182957497&cid=244993884.1648243247&tid=UA-3754388-9&_gid=524638166.1648243247&_r=1&gtm=2wg3e0XT4L&z=1295845018

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.unrefugees.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:20:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=211412282&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Aid%20to%20Refugees%20%26%20Displaced%20People%20Worldwide%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fwhat-we-do%2F&el=50%25&_u=aGDACEABBAAAAG~&jid=&gjid=&cid=244993884.1648243247&tid=UA-3754388-9&_gid=524638166.1648243247&gtm=2wg3e0XT4L&z=654918407

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 05:16:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 57846
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=211412282&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Aid%20to%20Refugees%20%26%20Displaced%20People%20Worldwide%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fwhat-we-do%2F&el=75%25&_u=aGDACEABBAAAAG~&jid=&gjid=&cid=244993884.1648243247&tid=UA-3754388-9&_gid=524638166.1648243247&gtm=2wg3e0XT4L&z=1678620199

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 05:16:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 57846
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=211412282&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.unrefugees.org%2Fwhat-we-do%2F%3Futm_medium%3Demail%26_hsmi%3D208018178%26_hsenc%3Dp2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g%26utm_content%3D208018178%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Aid%20to%20Refugees%20%26%20Displaced%20People%20Worldwide%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fwhat-we-do%2F&el=100%25&_u=aGDACEABBAAAAG~&jid=&gjid=&cid=244993884.1648243247&tid=UA-3754388-9&_gid=524638166.1648243247&gtm=2wg3e0XT4L&z=2113331575

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 05:16:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 57846
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 44ms
23ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3754388-9&cid=244993884.1648243247&jid=1016941256&gjid=1182957497&_gid=524638166.1648243247&_u=aGDACEABBAAAAG~&z=1349728596

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.unrefugees.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 25 Mar 2022 21:20:48 GMT
content-type: text/plain
access-control-allow-origin: https://www.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 logger Show response
www.sandbox.paypal.com/xoplatform/logger/api/ 815 B
1001 B 151ms
150ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandbox.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AXR8B71wtnEZHnlsTiphl1IRoxz4ZCoV5P4_FBhZeyaRBbGZXlD1_VE1c9hd2asTUQGyWBo7nyZo-_Mi&vault=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9a4fb6ac90bdf2613718046495c2d75ce382bed9840d6b0188a2143c81650739

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.unrefugees.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/json

Response headers

date: Fri, 25 Mar 2022 21:20:48 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: 8a9c366579bed
server-timing: content-encoding;desc=br
content-encoding: br
x-served-by: cache-fra19135-FRA, cache-hhn4075-HHN
x-timer: S1648243248.309448,VS0,VE144
etag: W/"32f-bRGyNSqsHl9NLwlgi/z6OXrKFF4"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.unrefugees.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.sandbox.paypal.com/xoplatform/logger/api/ Frame 0
0 187ms
148ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandbox.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.unrefugees.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.unrefugees.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: 5ef2ee08e927e
x-content-type-options: nosniff
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Fri, 25 Mar 2022 21:20:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-fra19130-FRA, cache-hhn4075-HHN
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1648243248.160450,VS0,VE141
vary: accept-encoding
server-timing: content-encoding;desc=br

GET
H/1.1 200
OK cf888b8b66 Show response
bam.nr-data.net/1/ 57 B
322 B 432ms
107ms Script
text/javascript 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/cf888b8b66?a=357730915&v=1215.1253ab8&to=ZFNSZUsADUJYWxFRC10ZfWd6TjFUV1wASilFVXNeVxURXlVUAEpLfllURFUEM1BeXQ%3D%3D&rst=2509&ck=1&ref=https://www.unrefugees.org/what-we-do/&ap=7&be=1096&fe=2411&dc=2022&perf=%7B%22timing%22:%7B%22of%22:1648243246151,%22n%22:0,%22f%22:181,%22dn%22:182,%22dne%22:446,%22c%22:446,%22s%22:604,%22ce%22:763,%22rq%22:763,%22rp%22:1075,%22rpe%22:1075,%22dl%22:1078,%22di%22:2022,%22ds%22:2022,%22de%22:2022,%22dc%22:2410,%22l%22:2410,%22le%22:2430%7D,%22navigation%22:%7B%7D%7D&fp=1644&fcp=1644&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1215.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-6.nr-data.net
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 34ms
33ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3754388-9&cid=244993884.1648243247&jid=1016941256&_u=aGDACEABBAAAAG~&z=832937806

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:20:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 49ms
31ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3754388-9&cid=244993884.1648243247&jid=1016941256&_u=aGDACEABBAAAAG~&z=832937806

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.unrefugees.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 21:20:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

48 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mail.aws.org/	1969-12-31 23:59:59	Name: __cfruid Value: bd9189dae610d530c762d402ae75a791a68c6ea9-1648243245
.unrefugees.org/	1970-01-20 04:00:19	Name: _gcl_au Value: 1.1.1047526703.1648243247
.google.com/	1970-01-20 06:14:14	Name: NID Value: 511=TYjgDMFVdU6cn_wmpvl3kIATwMV7Ep09lNrTBS1RigcMsKHINZapdTrywic012J7hDalf_A5m0u5oltq0_WSAZFXILw-Iq1drI5xnO4biAvZo7dZoMOEfyE-Q5eKiYm-tqvP7IDR3CHcAtSNeD76pJYkTwfGBdJ3yzLOEWjZw18
.unrefugees.org/	1970-01-20 19:21:55	Name: _ga Value: GA1.2.244993884.1648243247
.unrefugees.org/	1970-01-20 01:52:09	Name: _gid Value: GA1.2.524638166.1648243247
.unrefugees.org/	1970-01-20 01:50:43	Name: _dc_gtm_UA-1473340-18 Value: 1
.unrefugees.org/	1970-01-20 01:50:43	Name: _dc_gtm_UA-3754388-9 Value: 1
.bing.com/	1970-01-20 11:12:19	Name: MUID Value: 1D475E0DFAF169111CD04F7FFB236832
.unrefugees.org/	1970-01-20 04:00:19	Name: _fbp Value: fb.1.1648243247595.1666509156
.quantserve.com/	1970-01-20 11:20:57	Name: mc Value: 623e322f-0e397-18cba-98c50
.unrefugees.org/	1970-01-20 11:15:12	Name: __qca Value: P0-1980152330-1648243247555
.facebook.com/	1970-01-20 04:00:19	Name: fr Value: 0c7QrX02yCHDM2c6Z..BiPjIv...1.0.BiPjIv.
.yahoo.com/	1970-01-20 10:36:40	Name: A3 Value: d=AQABBC8yPmICEAWq2Xdhhc9hcU1rc3bjQ0UFEgEBAQGDP2JIYgAAAAAA_eMAAA&S=AQAAAlBUc16-MLCwaJlzwoUD3Iw
www.unrefugees.org/	1970-01-20 02:00:48	Name: AWSALB Value: a4I7/FfAk6giw765X0GICLG89wH/pd5aXkFn/NHDPAMcnUGvmFstnw6Dxc7NqB90KuXmsKMUmhd3XnTHnVWPTFD6Yzo0RAAPsCgAGFfqoT+a9PEaKau5Dk6J0N5o
www.unrefugees.org/	1970-01-20 02:00:48	Name: AWSALBCORS Value: a4I7/FfAk6giw765X0GICLG89wH/pd5aXkFn/NHDPAMcnUGvmFstnw6Dxc7NqB90KuXmsKMUmhd3XnTHnVWPTFD6Yzo0RAAPsCgAGFfqoT+a9PEaKau5Dk6J0N5o
www.unrefugees.org/	1970-01-20 19:21:55	Name: _tq_id.TV-63728109-1.cc0b Value: 86c67eb74071bcec.1648243248.0.1648243248..
.unrefugees.org/	1970-01-20 01:52:09	Name: _uetsid Value: 709dbf50ac8111ecb7045dfab59432c9
.unrefugees.org/	1970-01-20 11:12:19	Name: _uetvid Value: 709dd9f0ac8111ecae798536f758b8bc
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0MjE2MjI2MjQ1MTSyMDUwtBTiM9RNNTP0Sw7P8khKtnQHAL7i71wlAAAA
.rfihub.com/	1970-01-20 11:12:19	Name: rud Value: H4sIAAAAAAAAAOMSNjU0MjE2MjI2MjQ1MTSyMDUwtBTiM9RNNTP0Sw7P8khKtnSX4jU0M7EAKTMxtzA2BQCue6fQNAAAAA
.doubleclick.net/	1970-01-20 11:12:19	Name: IDE Value: AHWqTUlyisTVfZ2GzL_-r4m7-8GYwQXOOF_mVw-vzrQ9C2NRk3iqxPi1x9RPaRT3Nz0
.adnxs.com/	1970-01-20 04:00:19	Name: uuid2 Value: 5010081869265160299
.adnxs.com/	1970-01-20 04:00:19	Name: anj Value: dTM7k!M4/YErk#WF']wIg2E?le8km_!]tbPl1MNu::wpAk`W=me:[2Tk_?Jme9hXFjE3J2D2_=5)E7[N!_6-zQEVk`!+Or7>bPMv
.demdex.net/	1970-01-20 06:09:55	Name: demdex Value: 16625379707880258432297104662677492386
.casalemedia.com/	1970-01-20 10:36:19	Name: CMID Value: Yj4yL7DX8yJkvAdDSpwX2gAA
.casalemedia.com/	1970-01-20 04:00:19	Name: CMPS Value: 5203
.spotxchange.com/	1970-01-20 10:36:23	Name: audience Value: 70824782-ac81-11ec-8d7c-180e33a50406
.turn.com/	1970-01-20 06:09:55	Name: uid Value: 7511194246216858807
.dpm.demdex.net/	1970-01-20 06:09:55	Name: dpm Value: 16625379707880258432297104662677492386
.rezync.com/	1970-01-20 06:09:30	Name: zync-uuid Value: 6c10a393-2029-4419-afde-f0241e09b856:1648243247.99
live.rezync.com/	1970-01-20 06:09:55	Name: sd-session-id Value: .eJwVikELgjAYQP9KfGcP7tNBCR2CTS9tO6QEXqRsxNRZuAml-N9bh3d4j7dC89aTvY169JD5adYRtIMJ5iBbwZnF6h4yoATTBDFBQlOCexqTA2wROO2ceY2Nefzv3T2c0oqPKPiiSuFFd_qqSxxLxun5mtu6qHwdmmT5INhgFKtQdRwle4YmAu2syv4I2_YDl5Ywkg.FR_Drw.XFo2yBmgm4BP4wn6ZcLlSIp5zPI
.eyeota.net/	1970-01-20 01:50:43	Name: SERVERID Value: 16594~DM
.unrefugees.org/	1970-01-20 01:50:43	Name: _gat_UA-3754388-9 Value: 1
.casalemedia.com/	1970-01-20 04:00:19	Name: CMPRO Value: 1131
.casalemedia.com/	1970-01-20 10:36:19	Name: CMRUM3 Value: 39623e323027605124322321541285019
.casalemedia.com/	1970-01-20 01:52:09	Name: CMST Value: Yj4yMGI+MjAA
.media.net/	1970-01-20 10:36:19	Name: visitor-id Value: 2912448488886495000V10
.media.net/	1970-01-20 10:34:52	Name: data-rk Value: 5124322321541285019~~3
.rlcdn.com/	1970-01-20 10:36:19	Name: rlas3 Value: rtRs+jJe8+oLhIc7ppbLnceoLGqm/G9QxsWqvkaodsI=
.rlcdn.com/	1970-01-20 03:17:07	Name: pxrc Value: CLDk+JEGEgYIuuoBEAA=
.krxd.net/	1970-01-20 06:09:55	Name: _kuid_ Value: OvUW2nlq
.everesttech.net/	1970-01-20 10:36:19	Name: everest_g_v2 Value: g_surferid~Yj4yMAADkDxwcgA-
.rfihub.com/	1970-01-20 11:12:19	Name: eud Value: H4sIAAAAAAAAAFPiVIl38o4PDfV0yeI1NDOxMDIxNjKxMDQ2n8WI4JtbGFuuQuOfQuO_QuP_QuNPYkLlz0LjL0Ljr0Ljb0Lj70JXz4LKv4XMt7S0WMQqEJllUunr6OiS7VJRnpzuqLuKFcnLRgaGm1jRrOBG8xIaf5KwkVmyoUGisaWxrpGBkaWuiYmhpW5iWkqqbpqBkYlhqoFlkoWpmRVCk56l5Sxh5HA2NFskjGroIzQ-APwlEL2iAQAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAOOSMXR2dA12dckudi3QLXHxCHLNzE71qQipcjfPKFfiVIl38o4PDfV0WcUoEJllUunr6OiS7VJRnpzuqNvEYmSWbGiQaGxprGtkYGSpa2JiaKmbmJaSqptmYGRimGpgmWRhamZlaGZiYWRibGRirmdpCQC_-3hCcQAAAA
.bidswitch.net/	1970-01-20 10:36:19	Name: tuuid Value: 2362b1cb-fea1-4eb6-85e3-d8e52ae5eae0
.bidswitch.net/	1970-01-20 10:36:19	Name: c Value: 1648243248
.bidswitch.net/	1970-01-20 10:36:19	Name: tuuid_lu Value: 1648243248
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 4885b0d810f2e0f4

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-XT4L(Line 82) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://www.unrefugees.org/what-we-do/?utm_medium=email&_hsmi=208018178&_hsenc=p2ANqtz-8wOuCzk9_j7JoUlEUiimIGD4G0XX3daOkeG8cC6ihIHVsaN-8HixZKcJNjD_fXakFOTqNMV4r-lIeM5KfzrIk9BGIn6g&utm_content=208018178&utm_source=hs_email Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.unrefugees.org/media/3525/global-operations-1.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.unrefugees.org/media/3641/fatima-1200-x-800.jpg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.unrefugees.org/media/1721/rf294876-310x234.jpg Message: Failed to load resource: the server responded with a status of 403 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20668909p.rfihub.com
20826429p.rfihub.com
4647326.fls.doubleclick.net
a.rfihub.com
aa.agkn.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
bam.nr-data.net
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c1.rfihub.net
cdn.plyr.io
cdn.unrefugees.org
cm.g.doubleclick.net
code.jquery.com
collector-3219.tvsquared.com
connect.facebook.net
contextual.media.net
d6tizftlrpuof.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
js-agent.newrelic.com
live.rezync.com
lyibja.unrefugees.org
mail.aws.org
p.rfihub.com
p.typekit.net
partners.tremorhub.com
pay.google.com
pixel.quantserve.com
pixel.rubiconproject.com
play.google.com
ps.eyeota.net
r.turn.com
rules.quantcount.com
s.yimg.com
secure.quantserve.com
sp.analytics.yahoo.com
stags.bluekai.com
static-na.payments-amazon.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
use.typekit.net
w.usabilla.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.sandbox.paypal.com
www.tp88trk.com
www.unrefugees.org
x.bidswitch.net
x.dlx.addthis.com
104.102.29.65
104.111.215.191
104.92.72.137
142.250.185.162
142.250.185.198
142.250.186.98
142.250.74.198
143.204.215.125
151.101.129.21
151.101.130.137
151.101.194.49
162.247.242.18
18.117.52.137
185.94.180.125
193.0.160.128
2001:4de0:ac18::1:a:1a
2001:678:cb4:bbbb::11
212.82.100.181
23.21.225.74
23.58.216.132
2600:1f18:612b:4264:35be:ace0:b22e:18d9
2600:9000:206f:ec00:6:44e3:f8c0:93a1
2600:9000:224a:e000:1:76cf:fe80:93a1
2606:2c40::c73c:67fe
2620:116:800d:21:51e4:db4b:4436:b305
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:810::200e
2a00:1450:4001:813::2004
2a00:1450:4001:813::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2003
2a00:1450:400c:c0c::5c
2a00:1450:400c:c0c::9d
2a02:26f0:ef::5c7b:c24c
2a02:26f0:fb::5f65:58d1
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a06:98c1:3121::7
3.120.214.218
3.122.93.90
3.127.157.8
35.190.72.228
35.244.174.68
35.84.137.25
37.252.172.249
52.16.70.86
52.25.243.35
52.28.87.55
52.48.18.21
52.50.214.249
65.9.66.102
65.9.66.36
69.173.144.138
99.86.1.140
00359d552170386e0f9dc362a2a48ad8da908f6263810b28eb26348073b70bee
025f4eb9f744f69387d3c3746fc60e837a03584a75faad7cd95394241b3aead4
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
071355f4435370e5758f3fcea64401473248bfa22350b2b95787fca4a8ab29ea
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb
1baf8403360cce258aa53fa39d3aa5534e341b261d01d9d0ff478fbfdf064599
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
261954db02879766d35b60612cf6c9c5f60f2cbbc506d2ac14cce439ccf67187
2dd3fdd35beacdce141bfbe29edb817db20833502427305415836fbd9c5c5880
33c7329cbd27d72df5a13bf571efbb53657869b5613df3e7f073a4ee18029b1e
38c9c1413e17c7a5ee87095bdb4cad0da069451ee937cb801c8f37f2c734644f
3baa9bbd8f76b4ab1e29bf6003fcf56a9530e85c83352c282f693ffd0b9da136
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
4164c7009b6c6e05cd484d0aa537f0b94fc7403ab9fbef31fb483dadc438ff60
425146cbb961fa261ef127b2f5eec54150ea1831d108c63241b08c6c1a7309cc
44e44602ef4acc66bd91940b153712c9c37227945b9955b12aef81983d88891b
465ecd3c27cf42a3309af6bda6e2b8c4b9cb7a78788908904e0d6761a2c3102a
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d309da2d949bae921ce9aed5bdf4a3a573ad19b65d68b0a26019099942134b6
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50bfd91bb65762023b74efba030d3212fef8f6261707ba8edb9e4b28d13bb5ed
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
568f1168afc63d175a5a251db2c0877edb30b5df9be4b21bae592827eb8c10b4
58b08bd1e0da9fda9f8edcf3bdb323e6dd8bfe339ac152b6e8e2e9ae975a8e26
58b1c5188f3f612e010e0c548763600ff7391f70ca402bba5c1e64b56f410b70
5bd6bc8c8f876e7e15996f5cf5151eb9d107fb5d248c5dadef2bf8b09a2e8102
62c0466b6e78094d8bb9b9fb50f13f3eb39e3be88dce7663ecfbcabde18b64bc
6bfbae61daf6218548d35bd824d5299e6f0517f156050c302ddd83fa0e8abdc8
6e999e3af5a4c58ac36f37d566a9c23f9ff35d83a0240c66bf9deab84012fa47
6f86d34e8ff9486968ff9f90ea4450dca672c5508c5a355b3772074d4d8a2507
705538a8cb2510fe61e0ff7b3876229f6d1ad9df93e9cfb2ffc542a7adc10b53
73ef385046533349dbdb6264bfdb814819b44a3a7ddeedf7611db7d55f567c7c
7592e16ad89136d51b941a7fd1b7bc293530ae784fa2d33eaa0f80de66baa599
7a551822b4d117a269978cb16cfa3e43d4c4e9adf023965876f251a435544e16
7c707b4d486575fcdf35497e30073fd70f0a9ea072e4ca1ca724da7fbab22a9b
7cb56da908e94235a698c35dac8162e57993bfceefba669afddc29bd866b97f8
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
81f701abbdb3dcd7318338357add41af96a3b776549dc928c4703cf1cf9f2ffe
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f037593b175cf1617a915a6614e9480b3c711a0aba16b8eebff2cbcd143ffe
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
8608c7129a24079dd332403d0aef583dcefdf0bfc02914d626a6559a3ac049ad
865e2877083ff21771d67f04d2fac20f9fb2ce5bd8c2af5a0b355ef526058a61
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
90b232dae4b3477832ee21493d7558ace8cf6e9b8bc97f9c552f301da013f1da
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
98774b047055fc42ba02c038d568140e9c142198d0598b794943d03c035fb4ae
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a4fb6ac90bdf2613718046495c2d75ce382bed9840d6b0188a2143c81650739
a0315120b66d5141c4d2e381fb5b33602ac16ae8a11d3f9b53073c04ed1e2082
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a736fe6962afb8ee314e4013af5f4e4048e25ac3378528abe5408b62a2a95ebb
abb49f99cde4315e7ad50087b6a1888b1d6e0db45625f351904fac2b1879ecf7
adf57ae2b3a776b7717315394bc0667e36e9885a7a6600f190c04505dbeb9147
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba53ecfcecf61b004dd8d7bde6fcaef65c5d630bad678e83c62ef3b3c420657d
bc5555998c1458ba0e52e3b204a3342fbac8779cd284b51f05ce0f39d4b53d0e
c54008cfaffe2e6442ed8bfedc1c3511572980a7af2796ff3a76fedd5d4d1fba
cc41b89e82e346d38089fb2b430ff6c1864aa655f0c5003abc35d45d8b7bb1f0
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d41a4acede5f8c1930e232f1e3cc7bfc4f9930f335727bbf068ea28d4ecad293
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
dc42ff463696a4a680d072c60cbf71e8f55629816e76a497fc4f9ec2d8ae0607
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5314135872288e41088c916aefd471ba5956d9776f8635cd5cffe5c664e92eb
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e75598ce87e63a50d9bed385cf067f9a37d958b483170d32fed8ff63fda68252
e9027cbc9f2efbff37e09740f41c16a1ffd89eae8f1555f6a5955d3198d9c31d
e9a096ea993d41984504d287daa350470a8d4127016369c337d4b593f7268883
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f69a52c7043a0979301bf04beaea88b76095b2ad6561dc6671b2a18b58da4bef
f8620d6eea70ad195b90369774b44511ce96f24ce903506343968a74505472fc
fafa5e96a085e14c9b1233042d2c28cc18c8388cf6f5ae84b3841a3ae5282f9f
fb8857525b8c9120b619a094944cbee61a68878dbf190645f68aa2a837784f97
fd8c794bb43e5220596bc1c5d50f865268cd2655c86f0d3175875d7e1c3afcc6

www.unrefugees.org Open in urlscan Pro 35.84.137.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

135 Requests

79 %HTTPS

43 %IPv6

49 Domains

66 Subdomains

55 IPs

7 Countries

2664 kBTransfer

5760 kBSize

48 Cookies

8 Outgoing links

Page URL History

Redirected requests

135 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.unrefugees.org Open in urlscan Pro
35.84.137.25 Public Scan

Screenshot
Live screenshot

Full Image

135
Requests

79 %
HTTPS

43 %
IPv6

49
Domains

66
Subdomains

55
IPs

7
Countries

2664 kB
Transfer

5760 kB
Size

48
Cookies

135 HTTP transactions
0 data transactions