give.unrefugees.org Open in urlscan Pro
52.43.199.126 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click.e.unrefugees.org/?qs=dd1046c36d91544aa8ca517883bff4e029bea6a16b964ae0e0b99a1b0011c223dbdb654a93522437c758eb2bd362...
Effective URL:
https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_ca...
Submission: On December 21 via manual (December 21st 2020, 8:02:02 pm UTC) from US

Summary HTTP 115 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 46 IPs in 8 countries across 37 domains to perform 115 HTTP transactions. The main IP is 52.43.199.126, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is give.unrefugees.org.
TLS certificate: Issued by Amazon on September 9th 2020. Valid for: a year.

This is the only time give.unrefugees.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	195.138.255.17 195.138.255.17	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
13	52.43.199.126 52.43.199.126	16509 (AMAZON-02) (AMAZON-02)
6	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a04:4e42:1b:... 2a04:4e42:1b::442	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
5	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400c:c08::5c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:825::2013	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:38::15	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:eb:... 2a02:26f0:eb:3af::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	172.217.22.34 172.217.22.34	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	18.190.88.249 18.190.88.249	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
2 2	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
3	151.101.129.35 151.101.129.35	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3031::681f:52d7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:820::2014	15169 (GOOGLE) (GOOGLE)
1	104.111.224.160 104.111.224.160	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	216.58.208.38 216.58.208.38	15169 (GOOGLE) (GOOGLE)
1	2.16.177.35 2.16.177.35	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
2	35.190.72.228 35.190.72.228	15169 (GOOGLE) (GOOGLE)
1 5	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1	46.228.164.11 46.228.164.11	56396 (TURN) (TURN)
1	2600:9000:220... 2600:9000:2204:ae00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
1	108.128.85.176 108.128.85.176	16509 (AMAZON-02) (AMAZON-02)
1	162.247.242.21 162.247.242.21	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
1	65.9.70.139 65.9.70.139	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3034::681f:53d7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
115	46

1 195.138.255.17 (Germany) 1 redirects

ASN201011 (NETZBETRIEB-GMBH, DE)

click.e.unrefugees.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.43.199.126 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-199-126.us-west-2.compute.amazonaws.com

give.unrefugees.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:6c00::210:ba0a (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 91.235.132.130 (Netherlands)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::442 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.plyr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.1.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2d4d35386f5134324f59454d3746304d5f2d6259.geotargetly.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2d4d353871566b4850442d4b666c455363313742.geotargetly.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE, US)

g4952108375.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:eb:3af::19fd (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s16-in-f34.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.190.88.249 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-190-88-249.us-east-2.compute.amazonaws.com

collector-3219.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.228.123 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::681f:52d7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.logrocket.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

geotargetly-1a441.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.224.160 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-224-160.deploy.static.akamaitechnologies.com

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.208.38 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f38.1e100.net

4647326.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.177.35 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-177-35.deploy.static.akamaitechnologies.com

storage.cloud.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.72.228 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 228.72.190.35.bc.googleusercontent.com

www.tp88trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.0.160.128 (Netherlands) 1 redirects

ASN54312 (ROCKETFUEL, US)

20669309p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
20826429p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
20826430p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.11 (United Kingdom)

ASN56396 (TURN, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:ae00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.85.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-85-176.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.21 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-9.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (Netherlands)

ASN30286 (THM, US)

zrtzph91jjfglng3y2zxl4fof74r2qn3gyaueuclb2fbfad7e8220b85am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.70.139 (Seattle, United States)

ASN16509 (AMAZON-02, US)

d6tizftlrpuof.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::681f:53d7 (United States)

ASN13335 (CLOUDFLARENET, US)

r.logrocket.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.19 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	online-metrix.net h.online-metrix.net zrtzph91jjfglng3y2zxl4fof74r2qn3gyaueuclb2fbfad7e8220b85am1.e.aa.online-metrix.net	54 KB
14	unrefugees.org 1 redirects click.e.unrefugees.org give.unrefugees.org	906 KB
9	google.com 1 redirects www.google.com pay.google.com adservice.google.com	32 KB
8	doubleclick.net 3 redirects ad.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net 4647326.fls.doubleclick.net	5 KB
8	google-analytics.com www.google-analytics.com	58 KB
8	paypal.com www.paypal.com t.paypal.com	89 KB
7	typekit.net use.typekit.net p.typekit.net	150 KB
5	rfihub.com 1 redirects 20669309p.rfihub.com a.rfihub.com 20826429p.rfihub.com 20826430p.rfihub.com	1 KB
4	google.de adservice.google.de www.google.de	1 KB
2	nr-data.net bam.nr-data.net	461 B
2	tp88trk.com www.tp88trk.com	17 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	appspot.com geotargetly-1a441.appspot.com	403 B
2	logrocket.io cdn.logrocket.io r.logrocket.io	115 KB
2	paypalobjects.com www.paypalobjects.com	18 KB
2	yahoo.com sp.analytics.yahoo.com	2 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	145 KB
2	facebook.com www.facebook.com	485 B
2	yimg.com s.yimg.com	7 KB
2	tvsquared.com collector-3219.tvsquared.com	9 KB
2	facebook.net connect.facebook.net	93 KB
2	bing.com bat.bing.com	9 KB
2	g4952108375.co g4952108375.co	712 B
2	geotargetly.co 2d4d35386f5134324f59454d3746304d5f2d6259.geotargetly.co 2d4d353871566b4850442d4b666c455363313742.geotargetly.co	829 B
1	cloudfront.net d6tizftlrpuof.cloudfront.net	2 KB
1	usabilla.com w.usabilla.com	11 KB
1	newrelic.com js-agent.newrelic.com	11 KB
1	quantcount.com rules.quantcount.com	1 KB
1	turn.com r.turn.com	407 B
1	kargo.com storage.cloud.kargo.com
1	rfihub.net c1.rfihub.net	7 KB
1	googleapis.com fonts.googleapis.com	960 B
1	googleadservices.com www.googleadservices.com	13 KB
1	googletagmanager.com www.googletagmanager.com	64 KB
1	plyr.io cdn.plyr.io	31 KB
1	jquery.com code.jquery.com	30 KB
0	Failed function sub() { [native code] }. Failed
115	37

	Domain	Requested by
13	h.online-metrix.net	give.unrefugees.org h.online-metrix.net
13	give.unrefugees.org	give.unrefugees.org
8	www.google-analytics.com	give.unrefugees.org www.google-analytics.com
6	www.google.com	give.unrefugees.org www.gstatic.com
6	use.typekit.net	give.unrefugees.org use.typekit.net
5	www.paypal.com	give.unrefugees.org www.paypal.com
3	t.paypal.com	give.unrefugees.org
3	www.google.de	give.unrefugees.org
3	stats.g.doubleclick.net	www.google-analytics.com give.unrefugees.org
2	bam.nr-data.net	js-agent.newrelic.com give.unrefugees.org
2	20826429p.rfihub.com	c1.rfihub.net
2	www.tp88trk.com	www.googletagmanager.com give.unrefugees.org
2	4647326.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	geotargetly-1a441.appspot.com	give.unrefugees.org
2	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
2	sp.analytics.yahoo.com	s.yimg.com
2	www.facebook.com	give.unrefugees.org connect.facebook.net
2	ad.doubleclick.net	2 redirects
2	s.yimg.com	give.unrefugees.org s.yimg.com
2	collector-3219.tvsquared.com	give.unrefugees.org
2	connect.facebook.net	give.unrefugees.org connect.facebook.net
2	bat.bing.com	www.googletagmanager.com give.unrefugees.org
2	g4952108375.co	give.unrefugees.org
2	pay.google.com	give.unrefugees.org pay.google.com
1	r.logrocket.io	cdn.logrocket.io
1	d6tizftlrpuof.cloudfront.net	give.unrefugees.org
1	zrtzph91jjfglng3y2zxl4fof74r2qn3gyaueuclb2fbfad7e8220b85am1.e.aa.online-metrix.net
1	w.usabilla.com	give.unrefugees.org
1	js-agent.newrelic.com	give.unrefugees.org
1	pixel.quantserve.com	give.unrefugees.org
1	20826430p.rfihub.com	c1.rfihub.net
1	rules.quantcount.com	secure.quantserve.com
1	a.rfihub.com	c1.rfihub.net
1	r.turn.com	give.unrefugees.org
1	20669309p.rfihub.com	1 redirects
1	secure.quantserve.com	give.unrefugees.org
1	storage.cloud.kargo.com	www.googletagmanager.com
1	c1.rfihub.net	give.unrefugees.org
1	cdn.logrocket.io	give.unrefugees.org
1	www.gstatic.com	www.google.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	give.unrefugees.org
1	googleads.g.doubleclick.net	www.googleadservices.com
1	adservice.google.de	give.unrefugees.org
1	adservice.google.com	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	p.typekit.net	use.typekit.net
1	2d4d353871566b4850442d4b666c455363313742.geotargetly.co	give.unrefugees.org
1	2d4d35386f5134324f59454d3746304d5f2d6259.geotargetly.co	give.unrefugees.org
1	www.googletagmanager.com	give.unrefugees.org
1	cdn.plyr.io	give.unrefugees.org
1	code.jquery.com	give.unrefugees.org
1	click.e.unrefugees.org	1 redirects
0	ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed	h.online-metrix.net
115	54

This site contains links to these domains. Also see Links.

Domain
www.unrefugees.org

Subject Issuer	Validity	Valid
*.unrefugees.org Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2020-02-20` - `2021-02-19`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
v.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-12-08` - `2021-04-25`	5 months	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-03-10` - `2022-03-15`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.geotargetly.co Sectigo RSA Domain Validation Secure Server CA	`2020-03-02` - `2021-03-02`	a year	crt.sh
g4952108375.co GTS CA 1D2	`2020-11-23` - `2021-02-21`	3 months	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2020-10-27` - `2021-04-27`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
*.tvsquared.com Amazon	`2020-10-16` - `2021-11-14`	a year	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-11-15` - `2020-12-29`	a month	crt.sh
*.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-08-01` - `2021-01-28`	6 months	crt.sh
t.paypal.com DigiCert SHA2 High Assurance Server CA	`2020-07-15` - `2022-07-20`	2 years	crt.sh
logrocket.io Cloudflare Inc ECC CA-3	`2020-07-02` - `2021-07-02`	a year	crt.sh
*.appspot.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.rfihub.net DigiCert SHA2 Secure Server CA	`2020-04-01` - `2021-07-01`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
kargo.com Let's Encrypt Authority X3	`2020-10-19` - `2021-01-17`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
tp88trk.com Go Daddy Secure Certificate Authority - G2	`2020-04-03` - `2021-03-18`	a year	crt.sh
*.turn.com DigiCert SHA2 Secure Server CA	`2020-03-18` - `2021-04-19`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-12-17` - `2021-05-07`	5 months	crt.sh
w.usabilla.com Amazon	`2020-04-10` - `2021-05-10`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.e.aa.online-metrix.net Go Daddy Secure Certificate Authority - G2	`2019-09-13` - `2021-09-13`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Frame ID: 76240594E4073D33BCE372EFFA64F16E
Requests: 89 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html?frameId=1ba5d1fe-4fbf-4c39-b6ac-960688e1f229&propertyId=ZXYADENKNJPZE-1&flow=visitor-info&variant=analytics&mrid=ZXYADENKNJPZE&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info
Frame ID: 21418988F37431DF6B29D9D13B2BFAD7
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&co=aHR0cHM6Ly9naXZlLnVucmVmdWdlZXMub3JnOjQ0Mw..&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=normal&cb=4vzja9vlnfz7
Frame ID: 38CCA4C17FB3227C8D692F6E97C4F96E
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fgive.unrefugees.org&mid=
Frame ID: E0ED0C93589C690763A62BAB25BAAF19
Requests: 1 HTTP requests in this frame

Frame: https://4647326.fls.doubleclick.net/activityi;dc_pre=CLT2wuvu3-0CFcKkdwodSrEHAw;src=4647326;type=unrefcms;cat=donfvis;ord=9839853803849;gtm=2wgbu0;auiddc=736624279.1608580904;u3=undefined;u2=undefined;~oref=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4
Frame ID: 612F5C1277E217C9622BB1F6F892D6E1
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.label=checkout&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJJYldSQklUTzZlRzN3eUtpV2w1VGcwM3M4bXR5MmN0MXk1aksyMjFaS3lKdXpRcnZCRVhXcTA5MTZtcEg5MWZaR1hseEZZMDlfUjE2ZW8mdmF1bHQ9dHJ1ZSIsImF0dHJzIjp7ImRhdGEtc2RrLWludGVncmF0aW9uLXNvdXJjZSI6ImJ1dHRvbi1mYWN0b3J5IiwiZGF0YS11aWQiOiI5NDQ4NmM0MDBmX21qYTZtZGU2bmRxIn19&clientID=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&storageID=127796cf36_mja6mde6ndu&sessionID=7631ca5a48_mja6mde6ndu&buttonSessionID=4687a27d67_mja6mde6ndu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7ImZsZXgiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZX19fSwiY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ==&platform=desktop&flow=purchase&currency=USD&intent=capture&commit=true&vault=true
Frame ID: 5412F335ECA0842DE1CB19888061650E
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 06B3E70EE02A4BD381968AB089C7A7D9
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&cb=czvu036kbe2l
Frame ID: 5E7A2312611DAD79EC36F763869235AA
Requests: 1 HTTP requests in this frame

Frame: https://20826429p.rfihub.com/ca.html?rfiidc=1871878965518132247&rfiaid=0e651420d59a4095b9cda628195ba0cb&ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4&pf=&ra=49503791582371526
Frame ID: 6C24292295B52AE98993D5002B34E00E
Requests: 1 HTTP requests in this frame

Frame: https://20826429p.rfihub.com/ca.html?rfiidc=1871878965518132247&rfiaid=0e651420d59a4095b9cda628195ba0cb&ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4&pf=&ra=2010006840515759
Frame ID: 17739552C7D2F13C8A63294F412B1202
Requests: 1 HTTP requests in this frame

Frame: https://20826430p.rfihub.com/ca.html?rfiidc=1871878965518132247&rfiaid=0e651420d59a4095b9cda628195ba0cb&ver=9&rb=9587&ca=20826430&_o=9587&_t=20826430&pe=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4&pf=&ra=24875181278933578
Frame ID: 2FC490FD8E8C8FB24BC338C766F4EEC1
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/check.js;CIS3SID=7BD251FFC28B9A362BDAB59F1658EF57?org_id=zrtzph91&session_id=e1873-a680ce0e-fd51-4e62-ac63-e4aa75020e69&nonce=b2fbfad7e8220b85&jb=33372e24687b6f77354c6b6e75782e68736f3d44696e777a2e6a71603f4b68726f6d672532323833
Frame ID: CB7CBA0FBD17417F6407C43146A29EA8
Requests: 11 HTTP requests in this frame

Frame: https://w.usabilla.com/fa5b33ed7c80.js?lv=1
Frame ID: D24BF32633576A56642A8D8512244E11
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/ls_fp.html;CIS3SID=7BD251FFC28B9A362BDAB59F1658EF57?org_id=zrtzph91&session_id=e1873-a680ce0e-fd51-4e62-ac63-e4aa75020e69&nonce=b2fbfad7e8220b85
Frame ID: E780471F29BE4A4B92AF94FECF0BD427
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=7BD251FFC28B9A362BDAB59F1658EF57?org_id=zrtzph91&session_id=e1873-a680ce0e-fd51-4e62-ac63-e4aa75020e69&nonce=b2fbfad7e8220b85
Frame ID: 4FEDC6781EC2C1D097AAF1C8C37345D6
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/top_fp.html;CIS3SID=7BD251FFC28B9A362BDAB59F1658EF57?org_id=zrtzph91&session_id=e1873-a680ce0e-fd51-4e62-ac63-e4aa75020e69&nonce=b2fbfad7e8220b85
Frame ID: FF7DC17AA1CA1BB77EF6A3FD5106EBDD
Requests: 1 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/unhcr-button-ca8fba580979f02c2694fa49ed8ef52a.png
Frame ID: D077729E5A59B1154FE28EDE23CB2088
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://click.e.unrefugees.org/?qs=dd1046c36d91544aa8ca517883bff4e029bea6a16b964ae0e0b99a1b0011c223dbdb654a... HTTP 302
https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_sour... Page URL

Page Statistics

115
Requests

98 %
HTTPS

54 %
IPv6

37
Domains

54
Subdomains

46
IPs

8
Countries

1888 kB
Transfer

4551 kB
Size

31
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.unrefugees.org/privacy-policy/?SF_monthly=7011K000001GFIQQA4&SF_onetime=7011K000001GFILQA4
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.unrefugees.org/
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.e.unrefugees.org/?qs=dd1046c36d91544aa8ca517883bff4e029bea6a16b964ae0e0b99a1b0011c223dbdb654a93522437c758eb2bd36211e3b6d3d82f4597447a HTTP 302
https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://ad.doubleclick.net/ddm/activity/src=4269937;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=4269937;dc_pre=CMyHl-vu3-0CFaNN5QodfFsFEQ;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/p/src=4269937;dc_pre=CMyHl-vu3-0CFaNN5QodfFsFEQ;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://give.unrefugees.org/180101yem_mainpg_d_3000%3Futm_cid%3D0031K00002xPoBbQAK%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4 HTTP 302
https://adservice.google.de/ddm/fls/p/src=4269937;dc_pre=CMyHl-vu3-0CFaNN5QodfFsFEQ;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://give.unrefugees.org/180101yem_mainpg_d_3000%3Futm_cid%3D0031K00002xPoBbQAK%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4

Request Chain 68

https://4647326.fls.doubleclick.net/activityi;src=4647326;type=unrefcms;cat=donfvis;ord=9839853803849;gtm=2wgbu0;auiddc=736624279.1608580904;u3=undefined;u2=undefined;~oref=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4 HTTP 302
https://4647326.fls.doubleclick.net/activityi;dc_pre=CLT2wuvu3-0CFcKkdwodSrEHAw;src=4647326;type=unrefcms;cat=donfvis;ord=9839853803849;gtm=2wgbu0;auiddc=736624279.1608580904;u3=undefined;u2=undefined;~oref=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4

Request Chain 74

https://20669309p.rfihub.com/ca.gif?rb=9587&ca=20669309&ra=44337420 HTTP 302
https://r.turn.com/r/beacon?b2=Byl5I3NIBudQfjqNW-_fVUNVOmTxqGPcOnN4gXqFCKoeU_Oup029YVIprkeGvqSpgAfS5Jz0ytx_deRc41vz7Q&cid=

115 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 180101yem_mainpg_d_3000 Show response
give.unrefugees.org/
Redirect Chain

http://click.e.unrefugees.org/?qs=dd1046c36d91544aa8ca517883bff4e029bea6a16b964ae0e0b99a1b0011c223dbdb654a93522437c758eb2bd36211e3b6d3d82f4597447a
https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K...

41 KB
15 KB

693ms
330ms

Document
text/html

52.43.199.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.199.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-199-126.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: d71a8d890ddfbbf290c1be937cb958c38d855e7957cccee6e736d0c09f55b4fd

Request headers

:method: GET
:authority: give.unrefugees.org
:scheme: https
:path: /180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:43 GMT
content-type: text/html; charset=utf-8
content-length: 14966
cache-control: private
content-encoding: gzip
vary: Accept-Encoding

Redirect headers

Content-Type: text/html; charset=utf-8
Location: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
X-Cnection: close
Content-Length: 381
Expires: Mon, 21 Dec 2020 20:01:43 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 21 Dec 2020 20:01:43 GMT
Connection: keep-alive

GET
H2 200 index.css
give.unrefugees.org/css/ 119 KB
28 KB 179ms
178ms Stylesheet
text/css 52.43.199.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://give.unrefugees.org/css/index.css?v=3
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.199.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-199-126.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 6f3a1b80ceca50d3628484547fdd9ca2587fe9bf6901d5ab8e66db040a6db5dd

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 16:42:08 GMT
etag: "4826bc43b7b6d61:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 28107

GET
H2 200 plyr.css
give.unrefugees.org/css/ 24 KB
4 KB 178ms
177ms Stylesheet
text/css 52.43.199.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://give.unrefugees.org/css/plyr.css
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.199.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-199-126.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 465ecd3c27cf42a3309af6bda6e2b8c4b9cb7a78788908904e0d6761a2c3102a

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
content-encoding: gzip
last-modified: Sat, 23 Feb 2019 20:10:20 GMT
etag: "09e7cdb3cbd41:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 4215

GET
H2 200 hrp3szy.css
use.typekit.net/ 7 KB
1 KB 36ms
21ms Stylesheet
text/css 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/hrp3szy.css

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

998c90643c3191a22d8591472dde7e11d84ee6b8269c048689d7331199255761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Mon, 21 Dec 2020 20:01:44 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 1025

GET
H2 200 nudge_arrow.png
give.unrefugees.org/img/ 1 KB
1 KB 333ms
328ms Image
image/png 52.43.199.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.unrefugees.org/img/nudge_arrow.png
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.199.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-199-126.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 394e68bb96ac874b1a9f9b39286a16349ab781c8513ce632ce5c7ba8bb2ba0ab

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
cache-control: no-cache
last-modified: Fri, 09 Aug 2019 12:38:58 GMT
accept-ranges: bytes
etag: "553cf969af4ed51:0"
content-length: 1102
content-type: image/png

GET
H2 200 lock-secure-donation.png
give.unrefugees.org/img/ 8 KB
8 KB 333ms
329ms Image
image/png 52.43.199.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.unrefugees.org/img/lock-secure-donation.png
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.199.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-199-126.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 9b9c0898e129c8c18b79f176435c368cecfe30a903797c9feba7a82ee19902bd

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
last-modified: Mon, 12 Feb 2018 15:30:31 GMT
accept-ranges: bytes
etag: "8085af6a16a4d31:0"
content-length: 8196
content-type: image/png

GET
H2 200 susan-khadija-yemen-rf2171607x530.jpg
give.unrefugees.org/media/1167/ 76 KB
77 KB 334ms
329ms Image
image/jpeg 52.43.199.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.unrefugees.org/media/1167/susan-khadija-yemen-rf2171607x530.jpg
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.199.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-199-126.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e1591d926da917c936c1eb42a26a383abbaa276b22d3a0720b0c39bebc35304b

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
cache-control: no-cache
last-modified: Fri, 02 Nov 2018 18:55:49 GMT
accept-ranges: bytes
etag: "5db8f3abdd72d41:0"
content-length: 78125
content-type: image/jpeg

GET
H2 200 bbb-logo-173x87.png
give.unrefugees.org/media/1017/ 33 KB
33 KB 334ms
330ms Image
image/png 52.43.199.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.unrefugees.org/media/1017/bbb-logo-173x87.png
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.199.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-199-126.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 97880bcd7fcc199a008ea736ab008f7f92e9cf6c0addc2afb6c92b3e70d9c9a5

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
last-modified: Wed, 28 Mar 2018 18:24:27 GMT
accept-ranges: bytes
etag: "a937c21c2c6d31:0"
content-length: 33886
content-type: image/png

GET
H2 200 guide-star-platinum.png
give.unrefugees.org/media/1005/ 16 KB
16 KB 333ms
329ms Image
image/png 52.43.199.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.unrefugees.org/media/1005/guide-star-platinum.png
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.199.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-199-126.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 53b492f729960ead9c5779dc772534e0f00e2dcdbd1687a0d236af95417549b5

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
cache-control: no-cache
last-modified: Tue, 05 Dec 2017 18:17:59 GMT
accept-ranges: bytes
etag: "af9bd561f56dd31:0"
content-length: 16468
content-type: image/png

GET
H2 200 unhcr-visibility-horizontal-white-cmyk-v2016.svg
give.unrefugees.org/img/ 12 KB
12 KB 334ms
330ms Image
image/svg+xml 52.43.199.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.unrefugees.org/img/unhcr-visibility-horizontal-white-cmyk-v2016.svg
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.199.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-199-126.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 6bfbae61daf6218548d35bd824d5299e6f0517f156050c302ddd83fa0e8abdc8

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
last-modified: Tue, 31 Oct 2017 17:19:23 GMT
accept-ranges: bytes
etag: "7170a3656c52d31:0"
content-length: 12265
content-type: image/svg+xml

GET
H/1.1 200
OK tags.js Show response
h.online-metrix.net/fp/ 49 KB
11 KB 59ms
20ms Script
text/javascript 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/tags.js?org_id=zrtzph91&session_id=e1873-a680ce0e-fd51-4e62-ac63-e4aa75020e69&pageid=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , Netherlands, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

97993aa9ca937320240fc80e668cbe593f3e2bdd0a4d4315a4c956eb2bf79252

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Dec 2020 20:01:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
P3P: CP=IVAa PSAa
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive, Keep-Alive
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 36ms
17ms Script
application/javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Origin: https://give.unrefugees.org
Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
content-encoding: gzip
last-modified: Wed, 01 May 2019 21:14:27 GMT
server: nginx
etag: W/"5cca0c33-15851"
vary: Accept-Encoding
x-hw: 1608580904.dop225.fr8.t,1608580904.cds248.fr8.hn,1608580904.cds261.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H2 200 plyr.js Show response
cdn.plyr.io/3.5.2/ 111 KB
31 KB 31ms
6ms Script
application/javascript 2a04:4e42:1b::442
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.5.2/plyr.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::442 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 15a1830c90abb4904b1d860e4bc53d25702cba2b9678e701bca6e8784814493c

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
content-encoding: gzip
age: 374983
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
content-length: 31050
x-amz-id-2: wceNBtxVBL8vZ3T+lwtz85OP2laRcgYaQonteJdiTaLjgYAq6PaWkEgIAFBJLV9VTF0I/z0kZPw=
x-served-by: cache-dca17766-DCA, cache-hhn4074-HHN
last-modified: Sun, 24 Feb 2019 01:08:29 GMT
server: AmazonS3
x-timer: S1608580904.154461,VS0,VE0
etag: "26d009457000af80d7306229fc132b15"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-request-id: 35264F4C2C75693B
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 2, 62

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
971 B 41ms
17ms Script
text/javascript 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c04cbfe21e23ceb866fae28e981a17dfe9ce6cb178943dda6f11a495255ec137

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 554
x-xss-protection: 1; mode=block
expires: Mon, 21 Dec 2020 20:01:44 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ 265 KB
81 KB 68ms
38ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&vault=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

df09534fa9a45e90d4a3e29493748382f2e6285f3441a6804ff9af3cc0b03833

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-F0r5LO+xkB8+rsof/ivuV/YGHiEQZVcGoujK2uLXJtg1blQd' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-F0r5LO+xkB8+rsof/ivuV/YGHiEQZVcGoujK2uLXJtg1blQd' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-F0r5LO+xkB8+rsof/ivuV/YGHiEQZVcGoujK2uLXJtg1blQd' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-F0r5LO+xkB8+rsof/ivuV/YGHiEQZVcGoujK2uLXJtg1blQd' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 8360
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
p3p: true
paypal-debug-id: cd4228bb1e8bb
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 82084
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7341-LHR, cache-fra19175-FRA
x-timer: S1608580904.166493,VS0,VE25
x-frame-options: SAMEORIGIN
date: Mon, 21 Dec 2020 20:01:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 21 Dec 2020 23:42:24 GMT
cache-control: max-age=10800
etag: W/"140a4-6Si9KXHgNiewRFfDn7+JJK6cyfE"
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 project.min.js Show response
give.unrefugees.org/scripts/lib/ 827 KB
694 KB 335ms
330ms Script
application/javascript 52.43.199.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://give.unrefugees.org/scripts/lib/project.min.js?v=5
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.199.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-199-126.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b84cd5b64dfba393aec4f7780b796ebd4cd17d740a7574ab7810e99d4a008c95

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 15:06:33 GMT
accept-ranges: bytes
etag: "cad5cb3486d4d61:0"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 89 KB
29 KB 97ms
66ms Script
application/javascript 2a00:1450:400c:c08::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f6f69584059083fba62a46775f9873390655429d2a18c065c4d8f34725b07d43

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Kjf48ogr2HouKpSdZHQPRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-Kjf48ogr2HouKpSdZHQPRA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private, max-age=600
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-Kjf48ogr2HouKpSdZHQPRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-Kjf48ogr2HouKpSdZHQPRA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 21 Dec 2020 20:01:44 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 244 KB
64 KB 60ms
36ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-XT4L

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

82056263c7f1e2c4d64350d95f77857d6c8bc38ac413fc8751ccbda46f3639aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65361
x-xss-protection: 0
last-modified: Mon, 21 Dec 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Dec 2020 20:01:44 GMT

GET
H2 200 georedirect Show response
2d4d35386f5134324f59454d3746304d5f2d6259.geotargetly.co/ 352 B
414 B 188ms
132ms Script
application/javascript 2a00:1450:4001:825::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://2d4d35386f5134324f59454d3746304d5f2d6259.geotargetly.co/georedirect?refurl=&winurl=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: / Express
Resource Hash: cd35b04e067afec5e040e57ec3f7ad6205113daefe5d74dcdd63201c49d97c66

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
content-encoding: gzip
etag: W/"160-5am0YbjT3Wvjo/GLHLdXXvs8GcU"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 google
x-cloud-trace-context: 55618a8a8dc844cb8fc1b8a18e3267cb/33709155068742709;o=0
cache-control: private, no-cache, no-store, must-revalidate

GET
H2 200 georedirect Show response
2d4d353871566b4850442d4b666c455363313742.geotargetly.co/ 352 B
415 B 231ms
170ms Script
application/javascript 2a00:1450:4001:825::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://2d4d353871566b4850442d4b666c455363313742.geotargetly.co/georedirect?refurl=&winurl=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: / Express
Resource Hash: 2cfde1ee3862c59d7ce29514647e454d570968cbc5d2ffad631ebe45852f98ec

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
content-encoding: gzip
etag: W/"160-LUKLVp9dbshI0QIhrEI1NOY0kE8"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 google
x-cloud-trace-context: 8f7eaeeaa68f63d4445ddbec32807c32/5068623563631372746;o=0
cache-control: private, no-cache, no-store, must-revalidate

GET
H2 200 gr Show response
g4952108375.co/ 352 B
415 B 167ms
130ms Script
application/javascript 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g4952108375.co/gr?id=-MA6ZLt2hDnHRA5JdBpo&refurl=&winurl=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: / Express
Resource Hash: 6f3aaa8e304edd2630593f30aad12e59e04d17612cc4e3cf85a20000336d43e7

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
content-encoding: gzip
etag: W/"160-0LeN4RMc92hFP0Sp9jfjcuy4lcg"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 google
x-cloud-trace-context: 06274011b8b286466019ddff98400da0/4953611659959383476;o=0
cache-control: private, no-cache, no-store, must-revalidate

GET
H2 200 gr Show response
g4952108375.co/ 352 B
297 B 143ms
131ms Script
application/javascript 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g4952108375.co/gr?id=-MA6_Wd7l3eHBqhINIhW&refurl=&winurl=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: / Express
Resource Hash: ff302dfeb804e6f61ec9c639cce5d645062324307c46116fd314110c7dbb85ab

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
content-encoding: gzip
etag: W/"160-xwRoWwavjcuMwFq8IZhq2EEpYDw"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 google
x-cloud-trace-context: 83043439cd18a85e6a1dc649e027dafe/9619090472019149819;o=0
cache-control: private, no-cache, no-store, must-revalidate

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 7011
date: Mon, 21 Dec 2020 18:04:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Mon, 21 Dec 2020 20:04:53 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
149 B 20ms
6ms Stylesheet
text/css 2a02:26f0:eb:3af::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=hrp3szy&ht=tk&f=139.140.171.173.174.175.176.15701.15703.15705.15708&a=1630018&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:3af::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/hrp3szy.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
last-modified: Wed, 02 Sep 2020 04:03:39 GMT
server: nginx
etag: "5f4f199b-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5

GET
H2 200 l
use.typekit.net/af/925423/00000000000000003b9b038f/27/ 19 KB
20 KB 77ms
66ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/925423/00000000000000003b9b038f/27/l?subset_id=2&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b2691aa6e8dff80c0760181397a93de4b7da5706594bb540ab430095109a889a

Request headers

Origin: https://give.unrefugees.org
Referer: https://use.typekit.net/hrp3szy.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
server: nginx
etag: "af967ea1356382090341795946181a15b4b5bcf0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19892

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 107 KB
39 KB 52ms
38ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-M6SN8J6&cid=2005265684.1608580904

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6cf26bfcc5818a507b0c9cb63cf3fd1351b4bebdcff8f660274e1ae11af0cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39354
x-xss-protection: 0
expires: Mon, 21 Dec 2020 20:01:44 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
13 KB 96ms
16ms Script
text/javascript 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XT4L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f34.1e100.net

Software

cafe /

Resource Hash

e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12175
x-xss-protection: 0
server: cafe
etag: 17536051821503146167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 21 Dec 2020 20:01:44 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
9 KB 78ms
44ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XT4L
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 22:19:32 GMT
x-msedge-ref: Ref A: 9AB49235D15E4EF38BD0D3E9C8105738 Ref B: FRAEDGE1518 Ref C: 2020-12-21T20:01:44Z
etag: "0b27f152fa7d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8454

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 90 KB
24 KB 74ms
45ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

abdf01dbab06efbec289cf85e83f8ec3618f996ab6803e9f9437db14bc5cbf53

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23470
x-fb-rlafr: 0
pragma: public
x-fb-debug: r4ivTeeDbs5EqzGQJJUq6vXqXPq4qscJlhOgHdJuV5vBef66XPPuIG14XmkYyRF8Q4rJ8+6nfmxJbDuJqJPCPw==
x-fb-trip-id: 436667874
x-frame-options: DENY
date: Mon, 21 Dec 2020 20:01:44 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK tv2track.js Show response
collector-3219.tvsquared.com/ 20 KB
9 KB 446ms
106ms Script
application/javascript 18.190.88.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-3219.tvsquared.com/tv2track.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.190.88.249 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-190-88-249.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 21 Dec 2020 20:01:44 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Nov 2020 15:59:37 GMT
Server: nginx
ETag: "5fc12269-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Mon, 21 Dec 2020 20:11:44 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 106ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 19:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1029
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: EQ8JFGDV4N5V8S6R
x-amz-id-2: frVD/cX+JxA7gN01la3mS91TnwL9PTBf7g6/loRXKSRiRhN4BMmjNWsSt4JaP7o+4QxizY2KGBg=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 30 Oct 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 24 Sep 2020 23:08:16 GMT
server: ATS
etag: "49db10c8315384e8dad2e92a6841ed81-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: swANRqp_TdPZf97XDKuCKoVnrp7c.h.0
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 5581
content-type: application/javascript

GET
H2

200

180101yem_mainpg_d_3000%3Futm_cid%3D0031K00002xPoBbQAK%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4
adservice.google.de/ddm/fls/p/src=4269937;dc_pre=CMyHl-vu3-0CFaNN5QodfFsFEQ;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://give.unrefugee...
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=4269937;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=4269937;dc_pre=CMyHl-vu3-0CFaNN5QodfFsFEQ;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/p/src=4269937;dc_pre=CMyHl-vu3-0CFaNN5QodfFsFEQ;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://give....
https://adservice.google.de/ddm/fls/p/src=4269937;dc_pre=CMyHl-vu3-0CFaNN5QodfFsFEQ;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://give.u...

42 B
744 B

37ms
17ms

Image
image/gif

2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.de/ddm/fls/p/src=4269937;dc_pre=CMyHl-vu3-0CFaNN5QodfFsFEQ;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://give.unrefugees.org/180101yem_mainpg_d_3000%3Futm_cid%3D0031K00002xPoBbQAK%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Dec 2020 20:01:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Dec 2020 20:01:44 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://adservice.google.de/ddm/fls/p/src=4269937;dc_pre=CMyHl-vu3-0CFaNN5QodfFsFEQ;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://give.unrefugees.org/180101yem_mainpg_d_3000%3Futm_cid%3D0031K00002xPoBbQAK%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
449 B 43ms
16ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-3754388-9&cid=2005265684.1608580904&jid=789726723&gjid=458558861&_gid=1792135095.1608580904&_u=KGBAgEADQAAAAE~&z=1525885917

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 21 Dec 2020 20:01:44 GMT
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 37ms
16ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-1473340-18&cid=2005265684.1608580904&jid=905062719&gjid=183925151&_gid=1792135095.1608580904&_u=aGDAgEADQAAAAE~&z=1298492900

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 21 Dec 2020 20:01:44 GMT
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
211 B 6ms
6ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1736097780&t=pageview&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4&ul=en-us&de=UTF-8&dt=MATCH%3A%20Help%20Refugees%20in%20Yemen%20Today%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgEADQ~&jid=789726723&gjid=458558861&cid=2005265684.1608580904&tid=UA-3754388-9&_gid=1792135095.1608580904&z=1841511710

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 20:38:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84188
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 8ms
8ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1736097780&t=pageview&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4&ul=en-us&de=UTF-8&dt=MATCH%3A%20Help%20Refugees%20in%20Yemen%20Today%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEADQAAAAE~&jid=905062719&gjid=183925151&cid=2005265684.1608580904&tid=UA-1473340-18&_gid=1792135095.1608580904&gtm=2wgbu0XT4L&cd3=USA&z=958547345

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 20:38:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84188
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 363860773806760 Show response
connect.facebook.net/signals/config/ 239 KB
69 KB 74ms
74ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/363860773806760?v=2.9.31&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5511a863ba29dbeccb55daa00f266b9b4dbb130717b4e0a64ba21c749e568ff0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: Hnb6h6X9gL3gzyTNctG7QSPGcAD1gowP8T1XuCLHStdzc4Igy5nzpt8F2oD1qIQI4s9i1iVc2oy1hpR33M23ig==
x-fb-trip-id: 436667874
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 21 Dec 2020 20:01:44 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 160640037
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/957115417/ 3 KB
2 KB 37ms
18ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957115417/?random=1608580904391&cv=9&fst=1608580904391&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4&tiba=MATCH%3A%20Help%20Refugees%20in%20Yemen%20Today%20%7C%20USA%20for%20UNHCR&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8bcfd654f490e6d2ff0b3ed4d5fd6fc3032d144753a17303a44a6433f3159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Dec 2020 20:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1183
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10095779.json Show response
s.yimg.com/wi/config/ 2 B
494 B 182ms
120ms XHR
application/json 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10095779.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: D04A57E0FA5F84ED
x-amz-id-2: 9mATts9xZgAaHG3rt37zUbE8Ug9x8kw3RmFo2YZgwAjtNiKqSS3zIXqs8PW+I/iQYJyXpLzwGNA=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
483 B 61ms
46ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-3754388-9&cid=2005265684.1608580904&jid=789726723&_u=KGBAgEADQAAAAE~&z=1888648802

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Dec 2020 20:01:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 90ms
31ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-3754388-9&cid=2005265684.1608580904&jid=789726723&_u=KGBAgEADQAAAAE~&z=1888648802

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Dec 2020 20:01:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/957115417/ 42 B
112 B 66ms
64ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/957115417/?random=1608580904391&cv=9&fst=1608580800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&frm=0&url=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4&tiba=MATCH%3A%20Help%20Refugees%20in%20Yemen%20Today%20%7C%20USA%20for%20UNHCR&async=1&fmt=3&is_vtc=1&random=1457242392&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Dec 2020 20:01:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/957115417/ 42 B
552 B 24ms
22ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/957115417/?random=1608580904391&cv=9&fst=1608580800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&frm=0&url=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4&tiba=MATCH%3A%20Help%20Refugees%20in%20Yemen%20Today%20%7C%20USA%20for%20UNHCR&async=1&fmt=3&is_vtc=1&random=1457242392&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Dec 2020 20:01:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
960 B 37ms
16ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Kalam|Lato&display=swap

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/css/index.css?v=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dcb28ca0fcbf016b74f4c5ade3f0e20eb212ace3815ee62524055fd9716109c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://give.unrefugees.org/css/index.css?v=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Dec 2020 20:01:44 GMT
server: ESF
date: Mon, 21 Dec 2020 20:01:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Dec 2020 20:01:44 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
376 B 19ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=363860773806760&ev=PageView&dl=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D_removed_%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%2522utm_cid%2522%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&rl=&if=false&ts=1608580904493&sw=1600&sh=1200&v=2.9.31&r=stable&ec=0&o=30&fbp=fb.1.1608580904491.383888516&it=1608580904387&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 21 Dec 2020 20:01:44 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 14 KB
5 KB 15ms
14ms Script
application/x-javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=give.unrefugees.org&t=xo&v=5.0.187&source=payments_sdk&client_id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&vault=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&vault=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

05c6ad1e87f201974bc689f34c277c5f625291f40afbee955027bd70ffdfabd2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-47YrcZE2T35jJlZJbNJ+E02+QWbTWflEyTyhr0myhzE+KbzW' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline'; form-action 'self' https://.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-47YrcZE2T35jJlZJbNJ+E02+QWbTWflEyTyhr0myhzE+KbzW' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 71403
x-cache: HIT, HIT
paypal-debug-id: bb94322b3e7b8
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4860
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7335-LHR, cache-fra19175-FRA
x-timer: S1608580905.568338,VS0,VE2
x-frame-options: SAMEORIGIN
date: Mon, 21 Dec 2020 20:01:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
etag: W/"36fb-9vE58n2BZN6kIEOjvvQCT9xOeug"
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 YA9dr0Wd4kDdMthROCfhsCkA.woff2
fonts.gstatic.com/s/kalam/v11/ 14 KB
14 KB 29ms
8ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kalam/v11/YA9dr0Wd4kDdMthROCfhsCkA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Kalam|Lato&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81149e87be7f93d9e207c69b0e17dda3135e3c923263f551f5c3a79569f1fd33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://give.unrefugees.org
Referer: https://fonts.googleapis.com/css?family=Kalam|Lato&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Dec 2020 01:21:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 05:22:43 GMT
server: sffe
age: 326393
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14048
x-xss-protection: 0
expires: Sat, 18 Dec 2021 01:21:51 GMT

GET
H2 200 l
use.typekit.net/af/180254/00000000000000000001522c/27/ 45 KB
45 KB 11ms
11ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/180254/00000000000000000001522c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 947400cb0578d5d44becd19f25d99de0e786a8f7e251ffb284c10430c2e67865

Request headers

Origin: https://give.unrefugees.org
Referer: https://use.typekit.net/hrp3szy.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
server: nginx
etag: "d8f0e75543cc417069e2148d573e1b3687264d73"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 45996

GET
H2 200 checkmark-icon.svg
give.unrefugees.org/img/ 885 B
1 KB 223ms
222ms Image
image/svg+xml 52.43.199.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.unrefugees.org/img/checkmark-icon.svg
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/css/index.css?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.199.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-199-126.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 9a9de0aac198c9af22ea0b40f3f8abbaa3540f9a369b4b2328fec924968e16ad

Request headers

Referer: https://give.unrefugees.org/css/index.css?v=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
cache-control: no-cache
last-modified: Tue, 05 Dec 2017 14:45:18 GMT
accept-ranges: bytes
etag: "0d31babd76dd31:0"
content-length: 885
content-type: image/svg+xml

GET
H2 200 unhcr-visibility-horizontal-blue.svg
give.unrefugees.org/img/ 12 KB
12 KB 222ms
221ms Image
image/svg+xml 52.43.199.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://give.unrefugees.org/img/unhcr-visibility-horizontal-blue.svg
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/css/index.css?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.199.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-199-126.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e9027cbc9f2efbff37e09740f41c16a1ffd89eae8f1555f6a5955d3198d9c31d

Request headers

Referer: https://give.unrefugees.org/css/index.css?v=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
last-modified: Tue, 31 Oct 2017 17:19:01 GMT
accept-ranges: bytes
etag: "4aa739586c52d31:0"
content-length: 12267
content-type: image/svg+xml

GET
H2 200 l
use.typekit.net/af/8e11d4/00000000000000003b9b038c/27/ 19 KB
19 KB 30ms
29ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8e11d4/00000000000000003b9b038c/27/l?subset_id=2&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 53e973a71dbbd98dc8572115b4a939b3343f7406ea7f918bc8701cd92e890084

Request headers

Origin: https://give.unrefugees.org
Referer: https://use.typekit.net/hrp3szy.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
server: nginx
etag: "50fb462bb968fa8996b7f205254cfa92e534ea41"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19604

GET
H2 200 l
use.typekit.net/af/219c30/00000000000000003b9b0389/27/ 19 KB
19 KB 31ms
30ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/219c30/00000000000000003b9b0389/27/l?subset_id=2&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 087eea56d7a820a2a7a9c182616af459f127761730aeeff62c1ca82706ac02c8

Request headers

Origin: https://give.unrefugees.org
Referer: https://use.typekit.net/hrp3szy.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
server: nginx
etag: "7c243ed5f8437a6687e49316f96967fcfd3feb05"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19156

GET
H2 200 l
use.typekit.net/af/220823/000000000000000000015231/27/ 45 KB
45 KB 18ms
17ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/220823/000000000000000000015231/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e2324ad785ba5747059f48d4790a7783d6a85b04ca91d3312af124e1fb254136

Request headers

Origin: https://give.unrefugees.org
Referer: https://use.typekit.net/hrp3szy.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
server: nginx
etag: "25d9000ed11ad93413dd9fab416a1870c8ae46cd"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 46068

GET
H2 200 fontello.woff2
give.unrefugees.org/font/ 4 KB
4 KB 222ms
220ms Font
application/x-font-woff2 52.43.199.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://give.unrefugees.org/font/fontello.woff2?47325548
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/css/index.css?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.199.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-199-126.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: fd8c794bb43e5220596bc1c5d50f865268cd2655c86f0d3175875d7e1c3afcc6

Request headers

Origin: https://give.unrefugees.org
Referer: https://give.unrefugees.org/css/index.css?v=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:44 GMT
last-modified: Wed, 17 May 2017 10:53:35 GMT
accept-ranges: bytes
etag: "bc6dfed4fbced21:0"
content-length: 4328
content-type: application/x-font-woff2

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/ 334 KB
131 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://give.unrefugees.org
Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 19:40:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1254
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133916
x-xss-protection: 0
last-modified: Sun, 06 Dec 2020 23:05:51 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Dec 2021 19:40:50 GMT

GET
H/1.1 200
OK sp.pl Show response
sp.analytics.yahoo.com/ 0
935 B 384ms
284ms Script
application/x-javascript 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2021%20Dec%202020%2020%3A01%3A44%20GMT&n=-1&b=MATCH%3A%20Help%20Refugees%20in%20Yemen%20Today%20%7C%20USA%20for%20UNHCR&.yp=10095779&f=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4&enc=UTF-8&tagmgr=gtm

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 21 Dec 2020 20:01:45 GMT
X-Content-Type-Options: nosniff
Age: 1
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Mon, 21 Dec 2020 20:01:45 GMT

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 66 KB
18 KB 37ms
22ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=give.unrefugees.org&t=xo&v=5.0.187&source=payments_sdk&client_id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&vault=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

c9dc1e8b49eb87c548ec7d2cac255a9500e596cd06735084e70b7c74d87f1bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Dec 2020 20:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Oct 2020 22:15:18 GMT
etag: "5f7654f6-10830"
vary: Accept-Encoding
content-type: application/javascript
paypal-debug-id: 93e84017eab97
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=31536000
accept-ranges: bytes
dc: ccg11-origin-www-2.paypal.com
content-length: 17728
expires: Mon, 21 Dec 2020 20:01:44 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
685 B 199ms
167ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AZXYADENKNJPZE-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AZXYADENKNJPZE-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3f710125-e254-44cc-ba7e-5d8abc3fb13d&fltp=analytics&mrid=ZXYADENKNJPZE&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=MATCH%3A%20Help%20Refugees%20in%20Yemen%20Today%20%7C%20USA%20for%20UNHCR&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1608580904678&g=-60&completeurl=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Dec 2020 20:01:44 GMT
via: 1.1 varnish, 1.1 varnish
server: akka-http/10.1.11
x-timer: S1608580905.720587,VS0,VE155
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
expires: Mon, 21 Dec 2020 20:01:44 GMT
cache-control: no-cache, no-store, max-age=0, no-transform
x-cache-hits: 0, 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-lhr7338-LHR, cache-fra19151-FRA

GET
H2 200 index.html
www.paypalobjects.com/muse/analytics/ Frame 2141 0
0 7ms
7ms Document
text/html 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html?frameId=1ba5d1fe-4fbf-4c39-b6ac-960688e1f229&propertyId=ZXYADENKNJPZE-1&flow=visitor-info&variant=analytics&mrid=ZXYADENKNJPZE&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.paypalobjects.com
:scheme: https
:path: /muse/analytics/index.html?frameId=1ba5d1fe-4fbf-4c39-b6ac-960688e1f229&propertyId=ZXYADENKNJPZE-1&flow=visitor-info&variant=analytics&mrid=ZXYADENKNJPZE&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4

Response headers

accept-ranges: bytes
content-type: text/html
etag: "5f7654f5-474a4"
last-modified: Thu, 01 Oct 2020 22:15:17 GMT
paypal-debug-id: 3006e15f8e6c3
dc: ccg11-origin-www-2.paypal.com
content-encoding: gzip
content-length: 89663
expires: Mon, 21 Dec 2020 20:01:44 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 21 Dec 2020 20:01:44 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000

GET
H/1.1 200
OK tv2track.php
collector-3219.tvsquared.com/ 42 B
361 B 107ms
106ms Image
image/gif 18.190.88.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-3219.tvsquared.com/tv2track.php?action_name=MATCH%3A%20Help%20Refugees%20in%20Yemen%20Today%20%7C%20USA%20for%20UNHCR&idsite=TV-63728109-1&rec=1&r=964964&h=21&m=1&s=44&url=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4&_id=962a10396a66063a&_idts=1608580905&_idvc=0&_idn=1&_viewts=&cookie=1&res=1600x1200&gt_ms=331
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.190.88.249 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-190-88-249.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 21 Dec 2020 20:01:44 GMT
Server: nginx
Connection: keep-alive
Request-Id: 266c5f7c-bd47-4985-9493-8198db0f132c
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Content-Length: 42
Content-Type: image/gif

GET
H2 200 ts
t.paypal.com/ 42 B
182 B 178ms
178ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AZXYADENKNJPZE-1&page=muse%3Aoffer%3A%3A%3AZXYADENKNJPZE-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3f710125-e254-44cc-ba7e-5d8abc3fb13d&es=visitorInfoFlowStarted&mrid=ZXYADENKNJPZE&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=MATCH%3A%20Help%20Refugees%20in%20Yemen%20Today%20%7C%20USA%20for%20UNHCR&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1608580904879&g=-60&completeurl=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Dec 2020 20:01:45 GMT
via: 1.1 varnish, 1.1 varnish
server: akka-http/10.1.11
x-timer: S1608580905.889952,VS0,VE159
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
http_x_pp_az_locator: slca.slc
expires: Mon, 21 Dec 2020 20:01:44 GMT
cache-control: no-cache, no-store, max-age=0, no-transform
x-cache-hits: 0, 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-lhr7373-LHR, cache-fra19151-FRA

GET
H2 200 logger.min.js Show response
cdn.logrocket.io/ 630 KB
114 KB 114ms
55ms Script
text/javascript 2606:4700:3031::681f:52d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.logrocket.io/logger.min.js

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/scripts/lib/project.min.js?v=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681f:52d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

766b847b4db351761b0f3d06427f3528149a0ea7c7b4e3731e895b4c0182b4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:45 GMT
content-encoding: br
vary: x-fh-requested-host, accept-encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 199
x-cache: HIT
cf-request-id: 07287dd057000096b6b29a4000000001
x-served-by: cache-fra19136-FRA
last-modified: Mon, 21 Dec 2020 19:53:46 GMT
server: cloudflare
x-timer: S1608580707.715007,VS0,VE1
etag: W/"a0497a0c4d41d253940d64c383fa270a6caaf35eba14289ce73eb5565596753d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31556926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q8LAgeORZUzSwVsiaxbMg7V1gD6HM0bQllN0Hlclulr4GBcMbS2OpdyLgqgh8pbYp2SH6Hlj0iYxxn%2FegURPHP2fUANf%2BvGkVu7EBwEk0VRW31s5n%2FDMSrNgOC9g"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 605432608fdb96b6-FRA
x-cache-hits: 1

GET
H2 200 geopopup Show response
geotargetly-1a441.appspot.com/ 0
319 B 175ms
155ms Script
application/javascript 2a00:1450:4001:820::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://geotargetly-1a441.appspot.com/geopopup?id=-LXPWq_CG-cVgJYLdmun&cw=1600&ch=1200
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:45 GMT
via: 1.1 google
x-powered-by: Express
content-type: application/javascript
x-cloud-trace-context: 8fc0288cacd3281a0a4bb8200df30d71/8794903930173850890;o=0
cache-control: private, no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 geopopup Show response
geotargetly-1a441.appspot.com/ 0
84 B 175ms
156ms Script
application/javascript 2a00:1450:4001:820::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://geotargetly-1a441.appspot.com/geopopup?id=-L_Ny2xXp1FWryzFl6qy&cw=1600&ch=1200
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:45 GMT
via: 1.1 google
x-powered-by: Express
content-type: application/javascript
x-cloud-trace-context: c848fd7bf0d98ee269224cf1b0ce360f/9468274628590495941;o=0
cache-control: private, no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-Q050 200 anchor
www.google.com/recaptcha/api2/ Frame 38CC 0
0 35ms
35ms Document
text/html 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&co=aHR0cHM6Ly9naXZlLnVucmVmdWdlZXMub3JnOjQ0Mw..&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=normal&cb=4vzja9vlnfz7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sqSJ8oz8oeJI+R1La9vulg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&co=aHR0cHM6Ly9naXZlLnVucmVmdWdlZXMub3JnOjQ0Mw..&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=normal&cb=4vzja9vlnfz7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=205=XD7tEaPitVop7kdRUXQ1EZPU4N56x0YEUH2YvPBs8X8F5MsEqgvIA3jP9x-mF8_JSnYxF9GejMSah5zoIZT2581CDrp4s_bAGUv-kSVFlwEBpb173kMPQ_yByHuDmdo_hwfVq3MnHfl9QUJ0s5v-IBD1HaQ0fXZ6a5TyFQBOEkc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 21 Dec 2020 20:01:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-sqSJ8oz8oeJI+R1La9vulg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10977
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 payframe
pay.google.com/gp/p/ui/ Frame E0ED 0
0 213ms
199ms Document
text/html 2a00:1450:400c:c08::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fgive.unrefugees.org&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YzZj6LTSMFJuWzJLeLt/fw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-YzZj6LTSMFJuWzJLeLt/fw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pay.google.com
:scheme: https
:path: /gp/p/ui/payframe?origin=https%3A%2F%2Fgive.unrefugees.org&mid=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=205=XD7tEaPitVop7kdRUXQ1EZPU4N56x0YEUH2YvPBs8X8F5MsEqgvIA3jP9x-mF8_JSnYxF9GejMSah5zoIZT2581CDrp4s_bAGUv-kSVFlwEBpb173kMPQ_yByHuDmdo_hwfVq3MnHfl9QUJ0s5v-IBD1HaQ0fXZ6a5TyFQBOEkc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
expires: Mon, 21 Dec 2020 20:01:45 GMT
date: Mon, 21 Dec 2020 20:01:45 GMT
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
content-security-policy: script-src 'report-sample' 'nonce-YzZj6LTSMFJuWzJLeLt/fw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-YzZj6LTSMFJuWzJLeLt/fw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 0
bat.bing.com/action/ 0
148 B 30ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5612726&Ver=2&mid=aac41482-657c-4eb8-b77a-acd51d6f0689&sid=59dd068043c711eba0dd13be7028fe5f&vid=59dd418043c711ebbf0e4f415fab044e&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=MATCH%3A%20Help%20Refugees%20in%20Yemen%20Today%20%7C%20USA%20for%20UNHCR&kw=Yemen,Famine&p=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4&r=&lt=2096&evt=pageLoad&msclkid=N&sv=1&rn=191085
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 21 Dec 2020 20:01:44 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: DCA6B6314E3A4FFF88BD5924893EF63D Ref B: FRAEDGE1518 Ref C: 2020-12-21T20:01:45Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
109 B 6ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary79xB7MUFO4tEAWh2

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 21 Dec 2020 20:01:45 GMT
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK tc.min.js Show response
c1.rfihub.net/js/ 20 KB
7 KB 22ms
6ms Script
application/x-javascript 104.111.224.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.224.160 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-224-160.deploy.static.akamaitechnologies.com
Software: Jetty(9.0.6.v20130930) /
Resource Hash: cb2bb21705b9cce9781d02c9223f3344a65bd5314027d11c5a8518ad4bd84e84

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 21 Dec 2020 20:01:45 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Nov 2020 07:07:45 GMT
Server: Jetty(9.0.6.v20130930)
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=3600
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 6375
Expires: Mon, 21 Dec 2020 21:01:45 GMT

GET
H3-Q050

200

activityi;dc_pre=CLT2wuvu3-0CFcKkdwodSrEHAw;src=4647326;type=unrefcms;cat=donfvis;ord=9839853803849;gtm=2wgbu0;auiddc=736624279.1608580904;u3=undefined;u2=undefined;~oref=https%3A%2F%2Fgive.unrefug...
4647326.fls.doubleclick.net/ Frame 612F
Redirect Chain

https://4647326.fls.doubleclick.net/activityi;src=4647326;type=unrefcms;cat=donfvis;ord=9839853803849;gtm=2wgbu0;auiddc=736624279.1608580904;u3=undefined;u2=undefined;~oref=https%3A%2F%2Fgive.unref...
https://4647326.fls.doubleclick.net/activityi;dc_pre=CLT2wuvu3-0CFcKkdwodSrEHAw;src=4647326;type=unrefcms;cat=donfvis;ord=9839853803849;gtm=2wgbu0;auiddc=736624279.1608580904;u3=undefined;u2=undefi...

0
0

157ms
143ms

Document
text/html

216.58.208.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4647326.fls.doubleclick.net/activityi;dc_pre=CLT2wuvu3-0CFcKkdwodSrEHAw;src=4647326;type=unrefcms;cat=donfvis;ord=9839853803849;gtm=2wgbu0;auiddc=736624279.1608580904;u3=undefined;u2=undefined;~oref=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XT4L

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f38.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4647326.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CLT2wuvu3-0CFcKkdwodSrEHAw;src=4647326;type=unrefcms;cat=donfvis;ord=9839853803849;gtm=2wgbu0;auiddc=736624279.1608580904;u3=undefined;u2=undefined;~oref=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 21 Dec 2020 20:01:45 GMT
expires: Mon, 21 Dec 2020 20:01:45 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 493
x-xss-protection: 0
set-cookie: IDE=AHWqTUlSHzb7VbPlBKYVtKe7f1IvKC9H8g-3Tb40MCCaSaTuG3P_RLf2k4tQ907k; expires=Sat, 15-Jan-2022 20:01:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 21 Dec 2020 20:01:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4647326.fls.doubleclick.net/activityi;dc_pre=CLT2wuvu3-0CFcKkdwodSrEHAw;src=4647326;type=unrefcms;cat=donfvis;ord=9839853803849;gtm=2wgbu0;auiddc=736624279.1608580904;u3=undefined;u2=undefined;~oref=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 403 kds-events-gtm.min.js
storage.cloud.kargo.com/kds/ 0
0 36ms
7ms Script
text/html 2.16.177.35
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.cloud.kargo.com/kds/kds-events-gtm.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XT4L
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.177.35 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-177-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-max-age: 86400
access-control-allow-methods: GET,POST

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 31ms
7ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:45 GMT
content-encoding: gzip
etag: "8q1rat7Mm9i+FVcOidF8/g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 28 Dec 2020 20:01:45 GMT

GET
H/1.1 200
OK sp.pl Show response
sp.analytics.yahoo.com/ 0
935 B 327ms
326ms Script
application/x-javascript 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=MATCH%3A%20Help%20Refugees%20in%20Yemen%20Today%20%7C%20USA%20for%20UNHCR&.yp=10095779&f=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4&enc=UTF-8&et=custom&ec=pageview&ea=donation_form_visit&tagmgr=gtm

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 21 Dec 2020 20:01:45 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Mon, 21 Dec 2020 20:01:45 GMT

GET
H2 200 everflow.js Show response
www.tp88trk.com/scripts/sdk/ 51 KB
16 KB 127ms
112ms Script
text/javascript 35.190.72.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tp88trk.com/scripts/sdk/everflow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XT4L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.72.228 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 228.72.190.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a7f0d0873566ae502c75a71941db791766c800a7cf5697795b69ce091ee89397

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:45 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: text/javascript
content-encoding: gzip
x-eflow-request-id: a96b258b-232f-4ecf-b2ea-b54bc9df97d8
alt-svc: clear

GET
H2 200 buttons
www.paypal.com/smart/ Frame 5412 0
0 297ms
297ms Document
text/html 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?style.label=checkout&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJJYldSQklUTzZlRzN3eUtpV2w1VGcwM3M4bXR5MmN0MXk1aksyMjFaS3lKdXpRcnZCRVhXcTA5MTZtcEg5MWZaR1hseEZZMDlfUjE2ZW8mdmF1bHQ9dHJ1ZSIsImF0dHJzIjp7ImRhdGEtc2RrLWludGVncmF0aW9uLXNvdXJjZSI6ImJ1dHRvbi1mYWN0b3J5IiwiZGF0YS11aWQiOiI5NDQ4NmM0MDBmX21qYTZtZGU2bmRxIn19&clientID=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&storageID=127796cf36_mja6mde6ndu&sessionID=7631ca5a48_mja6mde6ndu&buttonSessionID=4687a27d67_mja6mde6ndu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7ImZsZXgiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZX19fSwiY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ==&platform=desktop&flow=purchase&currency=USD&intent=capture&commit=true&vault=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&vault=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.paypal.com
:scheme: https
:path: /smart/buttons?style.label=checkout&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJJYldSQklUTzZlRzN3eUtpV2w1VGcwM3M4bXR5MmN0MXk1aksyMjFaS3lKdXpRcnZCRVhXcTA5MTZtcEg5MWZaR1hseEZZMDlfUjE2ZW8mdmF1bHQ9dHJ1ZSIsImF0dHJzIjp7ImRhdGEtc2RrLWludGVncmF0aW9uLXNvdXJjZSI6ImJ1dHRvbi1mYWN0b3J5IiwiZGF0YS11aWQiOiI5NDQ4NmM0MDBmX21qYTZtZGU2bmRxIn19&clientID=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&storageID=127796cf36_mja6mde6ndu&sessionID=7631ca5a48_mja6mde6ndu&buttonSessionID=4687a27d67_mja6mde6ndu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7ImZsZXgiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5SW40Ijp7ImVsaWdpYmxlIjpmYWxzZX19fSwiY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ==&platform=desktop&flow=purchase&currency=USD&intent=capture&commit=true&vault=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ts=vreXpYrS%3D1703188904%26vteXpYrS%3D1608582704%26vr%3D86e4b6f71760a6c09a4546fbffffffff%26vt%3D86e4b6f71760a6c09a4546fbfffffffe; ts_c=vr%3D86e4b6f71760a6c09a4546fbffffffff%26vt%3D86e4b6f71760a6c09a4546fbfffffffe
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
etag: W/"36a60-pwszFw4VsN5tdrCuivPh9FJNxCE"
p3p: true
paypal-debug-id: bdfd90b9dc40d
set-cookie: tsrce=smartcomponentnodeweb; Domain=.paypal.com; Path=/; Expires=Thu, 24 Dec 2020 20:01:45 GMT; HttpOnly; Secure; SameSite=None l7_az=dcg13.slc; Path=/; Domain=paypal.com; Expires=Mon, 21 Dec 2020 20:31:45 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1703188905%26vteXpYrS%3D1608582705%26vr%3D86e4b6f71760a6c09a4546fbffffffff%26vt%3D86e4b6f71760a6c09a4546fbfffffffe%26vtyp%3D; Path=/; Domain=paypal.com; Expires=Thu, 21 Dec 2023 20:01:45 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D86e4b6f71760a6c09a4546fbffffffff%26vt%3D86e4b6f71760a6c09a4546fbfffffffe; Path=/; Domain=paypal.com; Expires=Thu, 21 Dec 2023 20:01:45 GMT; Secure; SameSite=None x-cdn=fastly:FRA; Domain=paypal.com; Path=/; Secure
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
date: Mon, 21 Dec 2020 20:01:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-lhr7383-LHR, cache-fra19175-FRA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1608580905.111076,VS0,VE284
vary: Accept-Encoding
content-encoding: br

GET
H2

200

beacon
r.turn.com/r/
Redirect Chain

https://20669309p.rfihub.com/ca.gif?rb=9587&ca=20669309&ra=44337420
https://r.turn.com/r/beacon?b2=Byl5I3NIBudQfjqNW-_fVUNVOmTxqGPcOnN4gXqFCKoeU_Oup029YVIprkeGvqSpgAfS5Jz0ytx_deRc41vz7Q&cid=

43 B
407 B

159ms
72ms

Image
image/gif

46.228.164.11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/beacon?b2=Byl5I3NIBudQfjqNW-_fVUNVOmTxqGPcOnN4gXqFCKoeU_Oup029YVIprkeGvqSpgAfS5Jz0ytx_deRc41vz7Q&cid=
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.164.11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Dec 2020 20:01:44 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

Location: https://r.turn.com/r/beacon?b2=Byl5I3NIBudQfjqNW-_fVUNVOmTxqGPcOnN4gXqFCKoeU_Oup029YVIprkeGvqSpgAfS5Jz0ytx_deRc41vz7Q&cid=
Server: Jetty(9.0.6.v20130930)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
DATA 200
OK truncated
/ Frame 06B3 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 06B3 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK idr.js Show response
a.rfihub.com/ 83 B
682 B 86ms
15ms Script
application/javascript 193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://a.rfihub.com/idr.js?_callback=window.RocketfuelBCP.jsonpCallbacks.request_cmZpSWRJbkNhY2hl
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , Netherlands, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.0.6.v20130930) /
Resource Hash: 29bac53af96d8af62e15456ac1d657cd3047d88b3f3b57fb9570753e5b0870da

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: public, max-age=33696000
Content-Type: application/javascript
Server: Jetty(9.0.6.v20130930)
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length: 83
Expires: Sat, 15 Jan 2022 20:01:45 GMT

GET
H2 200 rules-p-SLcBYqRUU3yLq.js Show response
rules.quantcount.com/ 1 KB
1 KB 50ms
16ms Script
application/x-javascript 2600:9000:2204:ae00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-SLcBYqRUU3yLq.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:ae00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: abb49f99cde4315e7ad50087b6a1888b1d6e0db45625f351904fac2b1879ecf7

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 19:53:47 GMT
content-encoding: gzip
last-modified: Mon, 10 Apr 2017 23:36:03 GMT
server: AmazonS3
age: 1814
etag: "0f8ea059094652069af02158b35f2356"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 fb60efae608d5d8f2d160585f251caaf.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: vk3lQuKmgWqrPDzTX5q1lET9KQVFzYIF3ALiPz8-A78LEJXn-KqP6Q==

GET
BLOB 200
OK a0b40ef0-151f-4417-85bb-1b7da44fcf22
https://give.unrefugees.org/ 419 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://give.unrefugees.org/a0b40ef0-151f-4417-85bb-1b7da44fcf22
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1594f140bcc1ae90907f02ed45b0fd86d799233e207cfb4b8c27a2601a1dc3a7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 428727

GET
H3-Q050 200 bframe
www.google.com/recaptcha/api2/ Frame 5E7A 0
0 52ms
51ms Document
text/html 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&cb=czvu036kbe2l

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kkY9jgajCh/jEwjsuD1DfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&cb=czvu036kbe2l
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=205=XD7tEaPitVop7kdRUXQ1EZPU4N56x0YEUH2YvPBs8X8F5MsEqgvIA3jP9x-mF8_JSnYxF9GejMSah5zoIZT2581CDrp4s_bAGUv-kSVFlwEBpb173kMPQ_yByHuDmdo_hwfVq3MnHfl9QUJ0s5v-IBD1HaQ0fXZ6a5TyFQBOEkc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 21 Dec 2020 20:01:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-kkY9jgajCh/jEwjsuD1DfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1122
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK Cookie set ca.html
20826429p.rfihub.com/ Frame 6C24 0
0 141ms
21ms Document
text/html 193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20826429p.rfihub.com/ca.html?rfiidc=1871878965518132247&rfiaid=0e651420d59a4095b9cda628195ba0cb&ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4&pf=&ra=49503791582371526
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , Netherlands, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.0.6.v20130930) /
Resource Hash

Request headers

Host: 20826429p.rfihub.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ruds=H4sIAAAAAAAAAOMSNrQwN7UwtDQzNDU0NzIxMrYwNhXiM9QN9XfPDAooz8rNyDIFAEtVGqIlAAAA; rud=H4sIAAAAAAAAAOMSNrQwN7UwtDQzNDU0NzIxMrYwNhXiM9QN9XfPDAooz8rNyDKV4jU0M7AwtTCwNDA1MjQCAMjE6mo0AAAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4

Response headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAJvFyGtoZmBhamFgaWBqYmmwCo1_Co3_Co3_C43fxITKn4TGn4XGX4TGX4XG34TG34XG_4SunwWVfwuNv4kVzTxuNP-g8RcJo_IfofEBODbsoUABAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 15 Jan 2022 20:01:45 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwN7UwtDQzNDU0NzIxMrYwNhXiM9QN9XfPDAooz8rNyDIFAEtVGqIlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwN7UwtDQzNDU0NzIxMrYwNhXiM9QN9XfPDAooz8rNyDKV4jU0M7AwtTCwNDA1MjQCAMjE6mo0AAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 15 Jan 2022 20:01:45 GMT; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Transfer-Encoding: chunked
Server: Jetty(9.0.6.v20130930)

GET
H/1.1 200
OK Cookie set ca.html
20826429p.rfihub.com/ Frame 1773 0
0 137ms
18ms Document
text/html 193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20826429p.rfihub.com/ca.html?rfiidc=1871878965518132247&rfiaid=0e651420d59a4095b9cda628195ba0cb&ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4&pf=&ra=2010006840515759
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , Netherlands, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.0.6.v20130930) /
Resource Hash

Request headers

Host: 20826429p.rfihub.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ruds=H4sIAAAAAAAAAOMSNrQwN7UwtDQzNDU0NzIxMrYwNhXiM9QN9XfPDAooz8rNyDIFAEtVGqIlAAAA; rud=H4sIAAAAAAAAAOMSNrQwN7UwtDQzNDU0NzIxMrYwNhXiM9QN9XfPDAooz8rNyDKV4jU0M7AwtTCwNDA1MjQCAMjE6mo0AAAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4

Response headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAJvFyGtoZmBhamFgaWBqYmmwCo1_Co3_Co3_C43fxITKn4TGn4XGX4TGX4XG34TG34XG_4SunwWVfwuNv4kVzTxuNP-g8RcJo_IfofEBODbsoUABAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 15 Jan 2022 20:01:45 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwN7UwtDQzNDU0NzIxMrYwNhXiM9QN9XfPDAooz8rNyDIFAEtVGqIlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwN7UwtDQzNDU0NzIxMrYwNhXiM9QN9XfPDAooz8rNyDKV4jU0M7AwtTCwNDA1MjQCAMjE6mo0AAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 15 Jan 2022 20:01:45 GMT; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Transfer-Encoding: chunked
Server: Jetty(9.0.6.v20130930)

GET
H/1.1 200
OK Cookie set ca.html
20826430p.rfihub.com/ Frame 2FC4 0
0 133ms
18ms Document
text/html 193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20826430p.rfihub.com/ca.html?rfiidc=1871878965518132247&rfiaid=0e651420d59a4095b9cda628195ba0cb&ver=9&rb=9587&ca=20826430&_o=9587&_t=20826430&pe=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4&pf=&ra=24875181278933578
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , Netherlands, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.0.6.v20130930) /
Resource Hash

Request headers

Host: 20826430p.rfihub.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ruds=H4sIAAAAAAAAAOMSNrQwN7UwtDQzNDU0NzIxMrYwNhXiM9QN9XfPDAooz8rNyDIFAEtVGqIlAAAA; rud=H4sIAAAAAAAAAOMSNrQwN7UwtDQzNDU0NzIxMrYwNhXiM9QN9XfPDAooz8rNyDKV4jU0M7AwtTCwNDA1MjQCAMjE6mo0AAAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4

Response headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAJvFyGtoZmBhamFgaWBqYmG5Co1_Co3_Co3_C43fxITKn4TGn4XGX4TGX4XG34TG34XG_4SunwWVfwuNv4kVzTxuNP-g8RcJo_IfofEBcAiS6EABAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 15 Jan 2022 20:01:45 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwN7UwtDQzNDU0NzIxMrYwNhXiM9QN9XfPDAooz8rNyDIFAEtVGqIlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwN7UwtDQzNDU0NzIxMrYwNhXiM9QN9XfPDAooz8rNyDKV4jU0M7AwtTCwNDA1MjQCAMjE6mo0AAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 15 Jan 2022 20:01:45 GMT; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Transfer-Encoding: chunked
Server: Jetty(9.0.6.v20130930)

GET
H2 200 pixel;r=2077200634;labels=_fp.event.Donation%20Landing%20Page%2C_fp.customer.undefined;rf=0;uht=2;a=p-SLcBYqRUU3yLq;url=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Dem...
pixel.quantserve.com/ 35 B
371 B 13ms
11ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2077200634;labels=_fp.event.Donation%20Landing%20Page%2C_fp.customer.undefined;rf=0;uht=2;a=p-SLcBYqRUU3yLq;url=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4;fpan=1;fpa=P0-172919005-1608580905365;ns=0;ce=1;qjs=1;qv=58f0669e-20201210192756;cm=;gdpr=0;ref=;d=unrefugees.org;je=0;sr=1600x1200x24;dst=1;et=1608580905365;tzo=-60;ogl=title.MATCH%3A%20Help%20Refugees%20in%20Yemen%20Today%20%7C%20USA%20for%20UNHCR%2Ctype.website%2Curl.https%3A%2F%2Fgive%252Eunrefugees%252Eorg%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D003%2Cimage.https%3A%2F%2Fgive%252Eunrefugees%252Eorg%2Fmedia%2F1166%2Fsusan-khadija-yemen-rf2171607x1200nologo%252E%2Cdescription.A%20humanitarian%20catastrophe%20is%20causing%20widespread%20hunger%20in%20Yemen%252E%20Millions%20have%20

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Dec 2020 20:01:45 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
457 B 195ms
195ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AZXYADENKNJPZE-1&page=muse%3Aoffer%3A%3A%3AZXYADENKNJPZE-1%3A%3AvisitorInfo%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3f710125-e254-44cc-ba7e-5d8abc3fb13d&es=visitorInfo&cust=CW72LYA97C9X8&mrid=ZXYADENKNJPZE&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=MATCH%3A%20Help%20Refugees%20in%20Yemen%20Today%20%7C%20USA%20for%20UNHCR&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&unsc=59&identifier_used=IP&e=im&t=1608580905467&g=-60&completeurl=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Dec 2020 20:01:45 GMT
via: 1.1 varnish, 1.1 varnish
server: akka-http/10.1.11
x-timer: S1608580905.477682,VS0,VE166
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
expires: Mon, 21 Dec 2020 20:01:45 GMT
cache-control: no-cache, no-store, max-age=0, no-transform
x-cache-hits: 0, 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-lhr7361-LHR, cache-fra19151-FRA

GET
H2 200 nr-1184.min.js Show response
js-agent.newrelic.com/ 27 KB
11 KB 17ms
6ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1184.min.js
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:45 GMT
content-encoding: gzip
x-amz-request-id: A21809B1C987C063
x-cache: HIT
content-length: 10624
x-amz-id-2: 5/0iWHe8AbcxZN6Jo3BmJ2Q+tztfRSNwr+lcNTrsM79nJm6KurTN6rNwf14f8ELquc1TIDOjlf4=
x-served-by: cache-hhn4029-HHN
last-modified: Mon, 28 Sep 2020 16:34:45 GMT
server: AmazonS3
x-timer: S1608580906.984085,VS0,VE0
etag: "3d7f312be60d08a2568e311e4762f3af"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 9519

GET
H/1.1 200
OK check.js;CIS3SID=7BD251FFC28B9A362BDAB59F1658EF57 Show response
h.online-metrix.net/fp/ Frame CB7C 155 KB
40 KB 29ms
28ms Script
text/javascript 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/check.js;CIS3SID=7BD251FFC28B9A362BDAB59F1658EF57?org_id=zrtzph91&session_id=e1873-a680ce0e-fd51-4e62-ac63-e4aa75020e69&nonce=b2fbfad7e8220b85&jb=33372e24687b6f77354c6b6e75782e68736f3d44696e777a2e6a71603f4b68726f6d672532323833

Requested by

Host: h.online-metrix.net
URL: https://h.online-metrix.net/fp/tags.js?org_id=zrtzph91&session_id=e1873-a680ce0e-fd51-4e62-ac63-e4aa75020e69&pageid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , Netherlands, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

3a60559d424915abd4423f7edf719aebc28a2c99d91cd2f01f6d3c4b7e10d4ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Dec 2020 20:01:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
tmx-nonce: b2fbfad7e8220b85
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
h.online-metrix.net/fp/ Frame CB7C 81 B
475 B 38ms
13ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-a680ce0e-fd51-4e62-ac63-e4aa75020e69&nonce=b2fbfad7e8220b85&w=92084fcf6ed015ef&ck=0&m=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , Netherlands, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Dec 2020 20:01:46 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
h.online-metrix.net/fp/ Frame CB7C 81 B
475 B 55ms
17ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-a680ce0e-fd51-4e62-ac63-e4aa75020e69&nonce=b2fbfad7e8220b85&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , Netherlands, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Dec 2020 20:01:46 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 click Show response
www.tp88trk.com/sdk/ 22 B
186 B 112ms
112ms Fetch
application/json 35.190.72.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tp88trk.com/sdk/click?effp=3e4bed6bbdab6b19482fd7d3b9d2d135&_ef_transaction_id=fullfile1&oid=&affid=&__cc=&async=json&uid=null&sub1=null&sub2=null&sub3=null&sub4=null&sub5=null
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/scripts/lib/project.min.js?v=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.72.228 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 228.72.190.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: aa36f7b55e498e48e34e35e18ada3035fc59a6f1c4e48ae702097cb08ada6689

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:46 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://give.unrefugees.org
access-control-allow-credentials: true
x-eflow-request-id: b4fe09f5-a605-42a1-b3de-4384320c3442
alt-svc: clear
content-length: 22

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
102 B 14ms
13ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1736097780&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4&ul=en-us&de=UTF-8&dt=MATCH%3A%20Help%20Refugees%20in%20Yemen%20Today%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F180101yem_mainpg_d_3000&el=25%25&_u=aGHACEADRAAAAG~&jid=299171762&gjid=1023243000&cid=2005265684.1608580904&tid=UA-3754388-9&_gid=1792135095.1608580904&_r=1&gtm=2wgbu0XT4L&z=263985170

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/scripts/lib/project.min.js?v=5

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Dec 2020 20:01:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 9ms
7ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1736097780&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4&ul=en-us&de=UTF-8&dt=MATCH%3A%20Help%20Refugees%20in%20Yemen%20Today%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F180101yem_mainpg_d_3000&el=50%25&_u=aGHACEADRAAAAG~&jid=&gjid=&cid=2005265684.1608580904&tid=UA-3754388-9&_gid=1792135095.1608580904&gtm=2wgbu0XT4L&z=25925002

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 20:38:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84190
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 9ms
7ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1736097780&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4&ul=en-us&de=UTF-8&dt=MATCH%3A%20Help%20Refugees%20in%20Yemen%20Today%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F180101yem_mainpg_d_3000&el=75%25&_u=aGHACEADRAAAAG~&jid=&gjid=&cid=2005265684.1608580904&tid=UA-3754388-9&_gid=1792135095.1608580904&gtm=2wgbu0XT4L&z=118185065

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 20:38:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84190
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 9ms
7ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1736097780&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F180101yem_mainpg_d_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00002xPoBbQAK%26utm_source%3Du4u-appeal%26utm_campaign%3DUS_PS_EN_YE_APPEAL___201221%26utm_content%3Dfullfile1%26SF_onetime%3D7011K000001GFILQA4%26SF_monthly%3D7011K000001GFIQQA4&ul=en-us&de=UTF-8&dt=MATCH%3A%20Help%20Refugees%20in%20Yemen%20Today%20%7C%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F180101yem_mainpg_d_3000&el=100%25&_u=aGHACEADRAAAAG~&jid=&gjid=&cid=2005265684.1608580904&tid=UA-3754388-9&_gid=1792135095.1608580904&gtm=2wgbu0XT4L&z=1704590542

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 20:38:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84190
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fa5b33ed7c80.js Show response
w.usabilla.com/ Frame D24B 35 KB
11 KB 109ms
33ms Script
text/javascript 108.128.85.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/fa5b33ed7c80.js?lv=1
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.85.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-85-176.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 400d3200c2a3b6b39d6749e3ff00b38f16afd00245bed4d89eeb4cadd4b16d97

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Dec 2020 20:01:46 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "6d8987b4eee5a482efe2570cd52fb704"
content-type: text/javascript
cache-control: public,max-age=0
content-length: 10947

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
427 B 88ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-3754388-9&cid=2005265684.1608580904&jid=299171762&gjid=1023243000&_gid=1792135095.1608580904&_u=aGHACEADRAAAAG~&z=1212012490

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/scripts/lib/project.min.js?v=5

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 21 Dec 2020 20:01:46 GMT
content-type: text/plain
access-control-allow-origin: https://give.unrefugees.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 2 B
560 B 242ms
242ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: give.unrefugees.org
URL: https://give.unrefugees.org/scripts/lib/project.min.js?v=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Mon, 21 Dec 2020 20:01:46 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-powered-by: Express
x-cache: MISS, MISS
paypal-debug-id: 23599357f3a08
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: phx-origin-www-1.paypal.com
x-served-by: cache-lhr7333-LHR, cache-fra19152-FRA
x-timer: S1608580906.229702,VS0,VE230
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://give.unrefugees.org
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 173ms
173ms Other
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://give.unrefugees.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://give.unrefugees.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json; charset=utf-8
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
paypal-debug-id: af35469da1f16
x-content-type-options: nosniff
x-powered-by: Express
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
date: Mon, 21 Dec 2020 20:01:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-lhr7364-LHR, cache-fra19152-FRA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1608580906.056072,VS0,VE160
vary: Accept-Encoding
content-encoding: br

GET
H/1.1 200
OK cf888b8b66 Show response
bam.nr-data.net/1/ 57 B
275 B 450ms
113ms Script
text/javascript 162.247.242.21
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/cf888b8b66?a=357730915&v=1184.ab39b52&to=ZFNSZUsADUJYWxFRC10ZfWd6TjFUV1wASilFVXNeVxURXlVUAEpLfllURFUEM1BeXQ%3D%3D&rst=3155&ck=1&ref=https://give.unrefugees.org/180101yem_mainpg_d_3000&ap=6&be=1223&fe=3072&dc=2087&perf=%7B%22timing%22:%7B%22of%22:1608580902897,%22n%22:0,%22f%22:518,%22dn%22:519,%22dne%22:550,%22c%22:550,%22s%22:715,%22ce%22:882,%22rq%22:882,%22rp%22:1212,%22rpe%22:1213,%22dl%22:1215,%22di%22:2087,%22ds%22:2087,%22de%22:2096,%22dc%22:3072,%22l%22:3072,%22le%22:3080%7D,%22navigation%22:%7B%7D%7D&fp=1754&fcp=1754&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-9.nr-data.net
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

GET
H/1.1 200
OK clear.png Show response
h.online-metrix.net/fp/ Frame CB7C 81 B
535 B 51ms
17ms XHR
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png

Requested by

Host: h.online-metrix.net
URL: https://h.online-metrix.net/fp/check.js;CIS3SID=7BD251FFC28B9A362BDAB59F1658EF57?org_id=zrtzph91&session_id=e1873-a680ce0e-fd51-4e62-ac63-e4aa75020e69&nonce=b2fbfad7e8220b85&jb=33372e24687b6f77354c6b6e75782e68736f3d44696e777a2e6a71603f4b68726f6d672532323833

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , Netherlands, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, zrtzph91/b2fbfad7e8220b85e1873-a680ce0e-fd51-4e62-ac63-e4aa75020e69
Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 21 Dec 2020 20:01:46 GMT
Last-Modified: Mon, 21 Dec 2020 20:01:46 GMT
Server: Apache
Etag: 2af0d4b6be1f47629b74ab74f0532db3
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://give.unrefugees.org
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Sat, 20 Dec 2025 20:01:46 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=7BD251FFC28B9A362BDAB59F1658EF57
h.online-metrix.net/fp/ Frame E780 0
0 20ms
20ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/ls_fp.html;CIS3SID=7BD251FFC28B9A362BDAB59F1658EF57?org_id=zrtzph91&session_id=e1873-a680ce0e-fd51-4e62-ac63-e4aa75020e69&nonce=b2fbfad7e8220b85

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , Netherlands, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: h.online-metrix.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: thx_guid=e29ce7338208460cb0520c7eab06cd8a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4

Response headers

Date: Mon, 21 Dec 2020 20:01:46 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
h.online-metrix.net/fp/ Frame CB7C 0
387 B 17ms
16ms Script
text/javascript 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-a680ce0e-fd51-4e62-ac63-e4aa75020e69&nonce=b2fbfad7e8220b85&jb=35322e6e71693d3b3a303b3466636e34656430393565643a3b616131333c63343966673462616661646b64303b30353e65313e61373630

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , Netherlands, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Dec 2020 20:01:46 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=7BD251FFC28B9A362BDAB59F1658EF57
h.online-metrix.net/fp/ Frame 4FED 0
0 17ms
17ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=7BD251FFC28B9A362BDAB59F1658EF57?org_id=zrtzph91&session_id=e1873-a680ce0e-fd51-4e62-ac63-e4aa75020e69&nonce=b2fbfad7e8220b85

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , Netherlands, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: h.online-metrix.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: thx_guid=e29ce7338208460cb0520c7eab06cd8a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4

Response headers

Date: Mon, 21 Dec 2020 20:01:46 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
h.online-metrix.net/fp/ Frame CB7C 0
387 B 14ms
12ms Script
text/javascript 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-a680ce0e-fd51-4e62-ac63-e4aa75020e69&nonce=b2fbfad7e8220b85&jd=37372e24753539303839366663663e676430313d656624686e6e3f36362e6a66683d373232613630633b36613e32363c39366965603863613f3633363269393132612e6a64766c35303a33363b3a3436

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , Netherlands, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Dec 2020 20:01:46 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame CB7C 0
0

GET
H/1.1 200
OK top_fp.html;CIS3SID=7BD251FFC28B9A362BDAB59F1658EF57
h.online-metrix.net/fp/ Frame FF7D 0
0 19ms
19ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/top_fp.html;CIS3SID=7BD251FFC28B9A362BDAB59F1658EF57?org_id=zrtzph91&session_id=e1873-a680ce0e-fd51-4e62-ac63-e4aa75020e69&nonce=b2fbfad7e8220b85

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , Netherlands, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: h.online-metrix.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4

Response headers

Date: Mon, 21 Dec 2020 20:01:46 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=96
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
h.online-metrix.net/fp/ Frame CB7C 0
218 B 14ms
14ms Script
text/javascript 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-a680ce0e-fd51-4e62-ac63-e4aa75020e69&nonce=b2fbfad7e8220b85&ja=38373d24247f3d3b3a303b3466636e3465643039356564246b3d343224723d363026643d313430307a3932303824636e3d333e30327831323832267378713d307a322e6472703f392c313630322c313030302e393630382e333a303224313430302c393030302c393630322e393232322e382c30267361643d3034266e603d687c76727b25314925304625324e6569766526756e70676e756567677b2e6f7267273246333830333831796d6f5d65616b6670655f645f3b323030253b4675766f576d67666b7d6d253344676d616b6c25303e7574655d616164273b443230333143323030303a78506d406a514349273a3675746d5d736f777263672d33447d36772561727865636c25323e77746d5f6b616d726361676c27314c55535f50515f454c5f5947574150584743445f5d57323231323239273236757c6d5f616d6674676c762d334466756e6c666b6c65332d32365b445d676e677c696f6525334c353031314330303232383145444b4451413425303653445f6d6d667468647b273b44353831334b303038323031474e495153433c2666703f2e68683d38323763343635633c33626a66603b32376e393764663531373462626b3563612462736d3f4e616e7578266873623f436870676d652d303230332462736d753d4c616c7578266668633f333e266c666f353826747a663d4577726f726d25324e40677a6c6b66266f6174687a3f3430303b643161306a656132306d366363353430303a3261663935353c32336e64363d383a3134316c346561613a3464613b3c616460663f323331333339366326703f786c756f6b6c57666e69736a5e666164716521706475676b6c57776b6c666777735f6d676469635f706e6979657a5c64696c716d21726c7567616c5f61646762655d636b726d60637c5e66616c716521726c7565616e5f79776b6b6b76616d675e666164716521706475676b6c57736a6d6163776176655c66616e736523786c756f6b6c577267696c726c61796d705e666164736523726475656b6c57766c635f726c617b65725c6e616c7b6723786c776f696c5f64657e636c76725666616e716d21726e776f696e5f7374675f746965756d725e6e636e7b6523786c7767696e57686176615666616e716d26677a313563383466363764353639616a33376931366b32326d32663931666e3533383438636135323d613661246b63643d323230303230&jb=313531246e793d4f677a6b6c6c612d3046352e382532322a4561616b6c7c6f7368253142253030496c7c656c2d30324561612d32324f53253a325825323831305d333c5f372b273a304170706e655767624b6b7c25324e37313f2e313e253030284b40564d4c253a4325303264696967273a30476563696f292732304160726f6567273a463a3b2e322e343138312e36312d323051636e61706b273a463533372c3336

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , Netherlands, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 21 Dec 2020 20:01:46 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
zrtzph91jjfglng3y2zxl4fof74r2qn3gyaueuclb2fbfad7e8220b85am1.e.aa.online-metrix.net/fp/ Frame CB7C 81 B
438 B 64ms
16ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zrtzph91jjfglng3y2zxl4fof74r2qn3gyaueuclb2fbfad7e8220b85am1.e.aa.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-a680ce0e-fd51-4e62-ac63-e4aa75020e69&nonce=b2fbfad7e8220b85&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , Netherlands, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Dec 2020 20:01:46 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 31ms
30ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-3754388-9&cid=2005265684.1608580904&jid=299171762&_u=aGHACEADRAAAAG~&z=490533588

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Dec 2020 20:01:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 33ms
32ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-3754388-9&cid=2005265684.1608580904&jid=299171762&_u=aGHACEADRAAAAG~&z=490533588

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Dec 2020 20:01:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK unhcr-button-ca8fba580979f02c2694fa49ed8ef52a.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame D077 2 KB
2 KB 33ms
7ms Image
image/png 65.9.70.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d6tizftlrpuof.cloudfront.net/themes/production/unhcr-button-ca8fba580979f02c2694fa49ed8ef52a.png
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.70.139 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90b232dae4b3477832ee21493d7558ace8cf6e9b8bc97f9c552f301da013f1da

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 05:34:14 GMT
Via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 05 Feb 2019 19:50:28 GMT
Server: AmazonS3
Age: 1693653
ETag: "ca8fba580979f02c2694fa49ed8ef52a"
X-Cache: Hit from cloudfront
x-amz-version-id: .SrcatzoiMfoqGSBwRAbfAVYaagZkb9i
Cache-Control: max-age=315360000, no-transform, public
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1768
X-Amz-Cf-Id: 3aHXPfS5cmro7M3DRPdJLvAnn2ga9BbFW9ri9FG_P3bIMUsGlFNGOw==

GET
H/1.1 204
204 clear1.png;CIS3SID=7BD251FFC28B9A362BDAB59F1658EF57
h.online-metrix.net/fp/ Frame CB7C 0
386 B 21ms
21ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=7BD251FFC28B9A362BDAB59F1658EF57?org_id=zrtzph91&session_id=e1873-a680ce0e-fd51-4e62-ac63-e4aa75020e69&nonce=b2fbfad7e8220b85&jf=34313e247161645d7a6e663d74647a5d4769617d7a4f6a5447564531327a365326736b645f66617467353136383a3730303b383624736964577679706535776560386d636671632e7369645f6965793f3330373133303931323e30353a613a3634386b673364303a30313234383830633a3e34386365316430313031323f30333c30323830363f66603661373a673563373039383b306d626760673f34383334613534323861303831666a31323e33313f653a3763376e366330626a3531373731616731673d656130626339643338363a3a61396c3134386566386432616564696334353638626133313f33373b613f37303736676635636361343833393d333a3c6464696524736964577169673d3b303437323a323332326c33396137673066643739333e65623f60353f343369313b3634363b613066313f62633536393435633b6a37373231316137666438333c34343f36636e63633e30303230336b323139633a3636373b393332333b6d383931626363353266643a3f62633933336d36333b313a3938646e323935356a356137603c666666603c303935613626736b66723f38

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , Netherlands, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Dec 2020 20:01:46 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
h.online-metrix.net/fp/ Frame CB7C 0
387 B 16ms
16ms Script
text/javascript 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=zrtzph91&session_id=e1873-a680ce0e-fd51-4e62-ac63-e4aa75020e69&nonce=b2fbfad7e8220b85&jac=1&je=31373e24247f65607a74615f65787c67726e61645f69723f3934362c353e2e3130392c33302477696f3577656a70766b5f6b667467726e61645d6d646e7b26706f3f7165712460697473743d79226c6776656e2a3a312632322422717c617675732232206368617a67696c652a7d2463776c683d66396661303b6237303966316934606e61633e66323031656b3b333435303263613738373334306d62326237633638333938363035626d64323c37636c373531

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , Netherlands, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Dec 2020 20:01:47 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=94
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 201 i Show response
r.logrocket.io/ 43 B
968 B 973ms
927ms XHR
application/json 2606:4700:3034::681f:53d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r.logrocket.io/i?a=0o0tmf%2Fdonation-form-review&r=4-2992e6a3-0242-4184-b37c-f46c9d6b82c4&t=82377bf8-31e7-4c46-921d-99e2904bde48&s=0&rs=0%2Cu

Requested by

Host: cdn.logrocket.io
URL: https://cdn.logrocket.io/logger.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681f:53d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

3d4a62de8fb075f37ee2248d2ac57539636ffc5b8329a4019c36e0cba4793104

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 20:01:49 GMT
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
content-length: 43
cf-request-id: 07287dde1c0000c29f749ed000000001
server: cloudflare
etag: W/"2b-TK/j8pf9ld3jkGL7zyxlkx/Q33c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MwwPesCe05ZnKsAEo3OM7EP1RVh8THfjDXOaoftdXZP5O7ZP306eyjP2RdOa9zV%2BLlVcSV7E0BmVT9w1Y5%2Fa1uQhjJ4BJCkBp2Qd4KoI4WfzHVJjP%2BdKpkuUyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 605432768c84c29f-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret

POST
H/1.1 200
OK cf888b8b66 Show response
bam.nr-data.net/events/1/ 24 B
186 B 538ms
136ms XHR
image/gif 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/cf888b8b66?a=357730915&v=1184.ab39b52&to=ZFNSZUsADUJYWxFRC10ZfWd6TjFUV1wASilFVXNeVxURXlVUAEpLfllURFUEM1BeXQ%3D%3D&rst=13155&ck=1&ref=https://give.unrefugees.org/180101yem_mainpg_d_3000
Requested by: Host: give.unrefugees.org
URL: https://give.unrefugees.org/scripts/lib/project.min.js?v=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://give.unrefugees.org/180101yem_mainpg_d_3000?utm_medium=email&utm_cid=0031K00002xPoBbQAK&utm_source=u4u-appeal&utm_campaign=US_PS_EN_YE_APPEAL___201221&utm_content=fullfile1&SF_onetime=7011K000001GFILQA4&SF_monthly=7011K000001GFIQQA4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://give.unrefugees.org
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAA3IywmAQAwFQBBL8SRE3v6yiXcLSXZjIZZhtXoamH258C5bvzUENZGhMVXtidwcZHe2KPAffdZspj5mKJVgUIU0kulBg1tnR8k8cSb-X6Boh_QPE423bWAAAAA
.rfihub.com/	1970-01-20 00:11:16	Name: rud Value: H4sIAAAAAAAAAOMSNrQwN7UwtDQzNDU0NzIxMrYwNhXiM9QN9XfPDAooz8rNyDKV4jU0M7AwtTCwNDA1MjQCAMjE6mo0AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNrQwN7UwtDQzNDU0NzIxMrYwNhXiM9QN9XfPDAooz8rNyDIFAEtVGqIlAAAA
.paypal.com/	1970-01-20 17:06:28	Name: ts Value: vreXpYrS%3D1703188905%26vteXpYrS%3D1608582705%26vr%3D86e4b6f71760a6c09a4546fbffffffff%26vt%3D86e4b6f71760a6c09a4546fbfffffffe
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTYwODU4MDkwNTM0NiIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-19 14:49:42	Name: l7_az Value: dcg13.slc
.paypal.com/	1970-01-19 14:54:00	Name: tsrce Value: smartcomponentnodeweb
.paypal.com/	1970-01-20 17:06:28	Name: ts_c Value: vr%3D86e4b6f71760a6c09a4546fbffffffff%26vt%3D86e4b6f71760a6c09a4546fbfffffffe
.unrefugees.org/	1970-01-20 00:14:09	Name: __qca Value: P0-172919005-1608580905365
.rfihub.com/	1970-01-20 00:11:16	Name: eud Value: H4sIAAAAAAAAAF3Qr24CQRAG8JQUwwV1FlnVZJrZvb39gyP0FAFBk6bIXW4vwZSkQFLdR0CeRJ48ySP0ESqRyJMoznVv1OSXyfclM4MRm06yt2y-OLDvzesKdrP9bsuKd_v5YbfPvQyXQyZRpxoNplLpr4AaefkQWBisiH-Jr8Q34p9e10fikvhEXBHXxGfihuYfu_4LrZSq-6QvIvdFT6owXqNgYNuHgTCKgbMOwRbc-gRdO0wTxgznN1JzjLm1xq1zbyDxEkG0S9C587CWqZIOEy5zHP-HXrQq47A0Fae4W3ohvgNaIHPU_AEAAA
.doubleclick.net/	1970-01-20 00:11:16	Name: IDE Value: AHWqTUlSHzb7VbPlBKYVtKe7f1IvKC9H8g-3Tb40MCCaSaTuG3P_RLf2k4tQ907k
give.unrefugees.org/	1970-01-20 08:20:52	Name: _tq_id.TV-63728109-1.addf Value: 962a10396a66063a.1608580905.0.1608580905..
give.unrefugees.org/	1970-01-19 14:51:07	Name: _lr_tabs_-0o0tmf%2Fdonation-form-review Value: {%22sessionID%22:0%2C%22recordingID%22:%224-2992e6a3-0242-4184-b37c-f46c9d6b82c4%22%2C%22lastActivity%22:1608580905195}
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3A_YIReqOHSc3rnqHmByETX01rFoDLso0L.fAMGUmkZGsfmycqkEoIErhvlZzQPgd31kMX23UDjqas
.give.unrefugees.org/	1970-01-20 08:20:52	Name: _ga Value: GA1.3.2005265684.1608580904
.unrefugees.org/	1970-01-19 15:13:04	Name: _uetvid Value: 59dd418043c711ebbf0e4f415fab044e
.rfihub.com/	1970-01-20 00:11:16	Name: smd Value: H4sIAAAAAAAAAOPiNTQzsDC1MLA0MDU3MQIAIf8G-A8AAAA
.unrefugees.org/	1970-01-19 14:51:07	Name: _uetsid Value: 59dd068043c711eba0dd13be7028fe5f
.unrefugees.org/	1970-01-19 14:51:07	Name: _gid Value: GA1.2.1792135095.1608580904
give.unrefugees.org/	1969-12-31 23:59:59	Name: _lr_uf_-0o0tmf Value: 98704c67-b1c9-426f-a559-765b14b4dd4a
.unrefugees.org/	1970-01-19 16:59:16	Name: _fbp Value: fb.1.1608580904491.383888516
.paypal.com/	1970-01-19 23:35:16	Name: enforce_policy Value: ccpa
.google.com/	1970-01-19 19:13:12	Name: NID Value: 205=XD7tEaPitVop7kdRUXQ1EZPU4N56x0YEUH2YvPBs8X8F5MsEqgvIA3jP9x-mF8_JSnYxF9GejMSah5zoIZT2581CDrp4s_bAGUv-kSVFlwEBpb173kMPQ_yByHuDmdo_hwfVq3MnHfl9QUJ0s5v-IBD1HaQ0fXZ6a5TyFQBOEkc
.paypal.com/	1970-01-19 14:50:12	Name: LANG Value: en_US%3BUS
.give.unrefugees.org/	1970-01-19 14:49:40	Name: _dc_gtm_UA-1473340-18 Value: 1
.give.unrefugees.org/	1970-01-19 14:51:07	Name: _gid Value: GA1.3.1792135095.1608580904
give.unrefugees.org/	1970-01-19 14:51:07	Name: _lr_hb_-0o0tmf%2Fdonation-form-review Value: {%22heartbeat%22:1608580905195}
.unrefugees.org/	1970-01-19 14:49:40	Name: _gat Value: 1
.unrefugees.org/	1970-01-19 14:51:07	Name: _opt_utmc Value: US_PS_EN_YE_APPEAL___201221
.unrefugees.org/	1970-01-19 16:59:16	Name: _gcl_au Value: 1.1.736624279.1608580904
.unrefugees.org/	1970-01-20 08:20:52	Name: _ga Value: GA1.2.2005265684.1608580904

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Removed URL query parameters due to potential violations.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20669309p.rfihub.com
20826429p.rfihub.com
20826430p.rfihub.com
2d4d35386f5134324f59454d3746304d5f2d6259.geotargetly.co
2d4d353871566b4850442d4b666c455363313742.geotargetly.co
4647326.fls.doubleclick.net
a.rfihub.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
bam.nr-data.net
bat.bing.com
c1.rfihub.net
cdn.logrocket.io
cdn.plyr.io
click.e.unrefugees.org
code.jquery.com
collector-3219.tvsquared.com
connect.facebook.net
d6tizftlrpuof.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
g4952108375.co
geotargetly-1a441.appspot.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
give.unrefugees.org
googleads.g.doubleclick.net
h.online-metrix.net
js-agent.newrelic.com
p.typekit.net
pay.google.com
pixel.quantserve.com
r.logrocket.io
r.turn.com
rules.quantcount.com
s.yimg.com
secure.quantserve.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
storage.cloud.kargo.com
t.paypal.com
use.typekit.net
w.usabilla.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.tp88trk.com
zrtzph91jjfglng3y2zxl4fof74r2qn3gyaueuclb2fbfad7e8220b85am1.e.aa.online-metrix.net
ghbmnnjooekpmoecnnnilnnbdlolhkhi
104.111.224.160
104.111.228.123
108.128.85.176
151.101.1.21
151.101.114.110
151.101.129.35
162.247.242.19
162.247.242.21
172.217.22.34
172.217.23.102
18.190.88.249
193.0.160.128
195.138.255.17
2.16.177.35
2001:4860:4802:38::15
2001:4de0:ac19::1:b:2a
212.82.100.181
216.58.208.38
2600:9000:2204:ae00:6:44e3:f8c0:93a1
2606:4700:3031::681f:52d7
2606:4700:3034::681f:53d7
2620:116:800d:21:f916:5049:f87f:108e
2620:1ec:c11::200
2a00:1288:f03d:1fa::2000
2a00:1450:4001:808::2008
2a00:1450:4001:809::2002
2a00:1450:4001:809::200e
2a00:1450:4001:817::2003
2a00:1450:4001:81a::2002
2a00:1450:4001:81d::200a
2a00:1450:4001:81e::2003
2a00:1450:4001:81f::2003
2a00:1450:4001:820::2014
2a00:1450:4001:824::2004
2a00:1450:4001:825::2013
2a00:1450:400c:c08::5c
2a00:1450:400c:c0c::9c
2a02:26f0:6c00::210:ba0a
2a02:26f0:eb:3af::19fd
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::442
35.190.72.228
46.228.164.11
52.43.199.126
65.9.70.139
91.235.132.130
91.235.134.131
05c6ad1e87f201974bc689f34c277c5f625291f40afbee955027bd70ffdfabd2
087eea56d7a820a2a7a9c182616af459f127761730aeeff62c1ca82706ac02c8
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1594f140bcc1ae90907f02ed45b0fd86d799233e207cfb4b8c27a2601a1dc3a7
15a1830c90abb4904b1d860e4bc53d25702cba2b9678e701bca6e8784814493c
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b
29bac53af96d8af62e15456ac1d657cd3047d88b3f3b57fb9570753e5b0870da
2cfde1ee3862c59d7ce29514647e454d570968cbc5d2ffad631ebe45852f98ec
394e68bb96ac874b1a9f9b39286a16349ab781c8513ce632ce5c7ba8bb2ba0ab
3a60559d424915abd4423f7edf719aebc28a2c99d91cd2f01f6d3c4b7e10d4ea
3d4a62de8fb075f37ee2248d2ac57539636ffc5b8329a4019c36e0cba4793104
3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2
400d3200c2a3b6b39d6749e3ff00b38f16afd00245bed4d89eeb4cadd4b16d97
437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
465ecd3c27cf42a3309af6bda6e2b8c4b9cb7a78788908904e0d6761a2c3102a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
53b492f729960ead9c5779dc772534e0f00e2dcdbd1687a0d236af95417549b5
53e973a71dbbd98dc8572115b4a939b3343f7406ea7f918bc8701cd92e890084
5511a863ba29dbeccb55daa00f266b9b4dbb130717b4e0a64ba21c749e568ff0
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bfbae61daf6218548d35bd824d5299e6f0517f156050c302ddd83fa0e8abdc8
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f3a1b80ceca50d3628484547fdd9ca2587fe9bf6901d5ab8e66db040a6db5dd
6f3aaa8e304edd2630593f30aad12e59e04d17612cc4e3cf85a20000336d43e7
766b847b4db351761b0f3d06427f3528149a0ea7c7b4e3731e895b4c0182b4e8
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77
81149e87be7f93d9e207c69b0e17dda3135e3c923263f551f5c3a79569f1fd33
82056263c7f1e2c4d64350d95f77857d6c8bc38ac413fc8751ccbda46f3639aa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86d8bcfd654f490e6d2ff0b3ed4d5fd6fc3032d144753a17303a44a6433f3159
90b232dae4b3477832ee21493d7558ace8cf6e9b8bc97f9c552f301da013f1da
947400cb0578d5d44becd19f25d99de0e786a8f7e251ffb284c10430c2e67865
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
97880bcd7fcc199a008ea736ab008f7f92e9cf6c0addc2afb6c92b3e70d9c9a5
97993aa9ca937320240fc80e668cbe593f3e2bdd0a4d4315a4c956eb2bf79252
998c90643c3191a22d8591472dde7e11d84ee6b8269c048689d7331199255761
9a9de0aac198c9af22ea0b40f3f8abbaa3540f9a369b4b2328fec924968e16ad
9b9c0898e129c8c18b79f176435c368cecfe30a903797c9feba7a82ee19902bd
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a7f0d0873566ae502c75a71941db791766c800a7cf5697795b69ce091ee89397
aa36f7b55e498e48e34e35e18ada3035fc59a6f1c4e48ae702097cb08ada6689
abb49f99cde4315e7ad50087b6a1888b1d6e0db45625f351904fac2b1879ecf7
abdf01dbab06efbec289cf85e83f8ec3618f996ab6803e9f9437db14bc5cbf53
b2691aa6e8dff80c0760181397a93de4b7da5706594bb540ab430095109a889a
b84cd5b64dfba393aec4f7780b796ebd4cd17d740a7574ab7810e99d4a008c95
c04cbfe21e23ceb866fae28e981a17dfe9ce6cb178943dda6f11a495255ec137
c6cf26bfcc5818a507b0c9cb63cf3fd1351b4bebdcff8f660274e1ae11af0cff
c9dc1e8b49eb87c548ec7d2cac255a9500e596cd06735084e70b7c74d87f1bcc
cb2bb21705b9cce9781d02c9223f3344a65bd5314027d11c5a8518ad4bd84e84
cd35b04e067afec5e040e57ec3f7ad6205113daefe5d74dcdd63201c49d97c66
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d71a8d890ddfbbf290c1be937cb958c38d855e7957cccee6e736d0c09f55b4fd
dcb28ca0fcbf016b74f4c5ade3f0e20eb212ace3815ee62524055fd9716109c2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df09534fa9a45e90d4a3e29493748382f2e6285f3441a6804ff9af3cc0b03833
e1591d926da917c936c1eb42a26a383abbaa276b22d3a0720b0c39bebc35304b
e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0
e2324ad785ba5747059f48d4790a7783d6a85b04ca91d3312af124e1fb254136
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e9027cbc9f2efbff37e09740f41c16a1ffd89eae8f1555f6a5955d3198d9c31d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f6f69584059083fba62a46775f9873390655429d2a18c065c4d8f34725b07d43
fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb
fd8c794bb43e5220596bc1c5d50f865268cd2655c86f0d3175875d7e1c3afcc6
ff302dfeb804e6f61ec9c639cce5d645062324307c46116fd314110c7dbb85ab

give.unrefugees.org Open in urlscan Pro 52.43.199.126 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

115 Requests

98 %HTTPS

54 %IPv6

37 Domains

54 Subdomains

46 IPs

8 Countries

1888 kBTransfer

4551 kBSize

31 Cookies

2 Outgoing links

Page URL History

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

give.unrefugees.org Open in urlscan Pro
52.43.199.126 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

98 %
HTTPS

54 %
IPv6

37
Domains

54
Subdomains

46
IPs

8
Countries

1888 kB
Transfer

4551 kB
Size

31
Cookies

115 HTTP transactions
2 data transactions