urlscan.io logo urlscan.io
SecurityTrails logo

give.unhcr.ca Open in urlscan Pro
2606:4700::6810:c9f3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.e.unrefugees.org/?qs=89b116de08ee5fda224db616fdac89c054bc45f6b5e88eebf9ad9744879efd9792b44bae8889e3cd2aee5f4851be...
Effective URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=...
Submission: On August 04 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 76 IPs in 6 countries across 63 domains to perform 329 HTTP transactions. The main IP is 2606:4700::6810:c9f3, located in United States and belongs to CLOUDFLARENET, US. The main domain is give.unhcr.ca.
TLS certificate: Issued by R3 on August 1st 2022. Valid for: 3 months.
This is the only time give.unhcr.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.228.216 22606 (EXACT-7)
14 52.25.241.154 16509 (AMAZON-02)
7 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 192.225.158.1 30286 (THM)
3 3.209.33.76 14618 (AMAZON-AES)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2606:4700:21:... 13335 (CLOUDFLAR...)
13 2607:f8b0:400... 15169 (GOOGLE)
1 151.101.1.21 54113 (FASTLY)
5 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
10 2001:4860:480... 15169 (GOOGLE)
2 142.251.41.2 15169 (GOOGLE)
1 7 2620:1ec:c11:... 8068 (MICROSOFT...)
1 13.225.63.247 16509 (AMAZON-02)
5 2a03:2880:f01... 32934 (FACEBOOK)
5 2001:4998:14:... 14777 (YAHOO)
2 3.12.240.80 16509 (AMAZON-02)
1 35.190.72.228 15169 (GOOGLE)
4 2600:1901:0:7... 15169 (GOOGLE)
4 6 142.250.80.102 15169 (GOOGLE)
1 3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 4 54.210.18.100 14618 (AMAZON-AES)
2 34.200.43.30 14618 (AMAZON-AES)
1 52.45.183.32 14618 (AMAZON-AES)
5 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
3 76.13.32.146 26101 (YAHOO-BF1)
3 2607:f8b0:400... 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
11 2607:f8b0:400... 15169 (GOOGLE)
3 2600:9000:21d... 16509 (AMAZON-02)
5 2a03:2880:f11... 32934 (FACEBOOK)
13 173.223.57.2 16625 (AKAMAI-AS)
2 35.241.48.88 15169 (GOOGLE)
21 151.101.192.176 54113 (FASTLY)
1 44.209.237.70 14618 (AMAZON-AES)
6 54.221.96.38 14618 (AMAZON-AES)
2 54.72.98.215 16509 (AMAZON-02)
2 2620:116:800b... 27281 (QUANTCAST)
1 51.161.118.75 16276 (OVH)
2 54.230.160.114 16509 (AMAZON-02)
1 151.101.65.108 54113 (FASTLY)
2 142.251.40.130 15169 (GOOGLE)
6 15 199.38.167.130 54312 (ROCKETFUEL)
35 54.186.23.98 16509 (AMAZON-02)
3 7 68.67.160.75 29990 (ASN-APPNEX)
1 2600:9000:21d... 16509 (AMAZON-02)
5 8 15.197.193.217 16509 (AMAZON-02)
1 1 54.175.87.114 14618 (AMAZON-AES)
1 4 69.173.151.100 26667 (RUBICONPR...)
5 5 142.250.72.98 15169 (GOOGLE)
1 5 104.18.18.126 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
1 151.101.1.140 54113 (FASTLY)
1 4 35.163.125.221 16509 (AMAZON-02)
1 4 50.16.174.192 14618 (AMAZON-AES)
3 23.41.168.23 16625 (AKAMAI-AS)
3 52.44.172.31 14618 (AMAZON-AES)
3 3 13.225.63.4 16509 (AMAZON-02)
3 9 35.190.60.146 15169 (GOOGLE)
3 23.20.218.172 14618 (AMAZON-AES)
3 184.50.205.90 16625 (AKAMAI-AS)
1 4 192.35.249.127 11742 (SPOTX-IAD)
3 2600:1f18:612... 14618 (AMAZON-AES)
3 13.225.214.50 16509 (AMAZON-02)
3 107.22.22.248 14618 (AMAZON-AES)
2 5 35.211.178.172 19527 (GOOGLE-2)
4 4 151.101.130.49 54113 (FASTLY)
13 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:21e... 16509 (AMAZON-02)
1 1 8.28.7.83 62713 (AS-PUBMATIC)
2 2620:1ec:27::... 8075 (MICROSOFT...)
1 54.149.23.244 16509 (AMAZON-02)
2 2 2a02:2638:1::13 44788 (ASN-CRITE...)
1 2 20.110.81.91 8075 (MICROSOFT...)
2 20.62.48.180 8075 (MICROSOFT...)
329 76
1    13.111.228.216 (United States)

ASN22606 (EXACT-7, US)
PTR: click.e.unrefugees.org
click.e.unrefugees.org
14    52.25.241.154 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-241-154.us-west-2.compute.amazonaws.com
give.unrefugees.org
7    2600:141b:13::17d7:82eb (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
1    192.225.158.1 (United States)

ASN30286 (THM, US)
PTR: a-sac.h.online-metrix.net
h.online-metrix.net
3    3.209.33.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-33-76.compute-1.amazonaws.com
app.dafwidget.com
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2606:4700:21::681b:c258 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.plyr.io
13    2607:f8b0:4006:80d::2004 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    151.101.1.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
5    2607:f8b0:4004:c07::5c (Washington, United States)

ASN15169 (GOOGLE, US)
pay.google.com
4    2607:f8b0:4006:824::2008 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2607:f8b0:4006:822::200a (New York, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:141b:13::17d7:82e3 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
10    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    142.251.41.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net
www.googleadservices.com
7    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
1    13.225.63.247 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-247.ewr53.r.cloudfront.net
sc-static.net
5    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    2001:4998:14:800::1000 (United States)

ASN14777 (YAHOO, US)
s.yimg.com
2    3.12.240.80 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-240-80.us-east-2.compute.amazonaws.com
collector-3219.tvsquared.com
1    35.190.72.228 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 228.72.190.35.bc.googleusercontent.com
www.tp88trk.com
4    2600:1901:0:7d2:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
g1782759016.co
g792337342.co
6    142.250.80.102 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f6.1e100.net
ad.doubleclick.net
5340953.fls.doubleclick.net
11597836.fls.doubleclick.net
3    2607:f8b0:4006:822::2002 (New York, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2607:f8b0:4006:81f::2002 (New York, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
4    54.210.18.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-18-100.compute-1.amazonaws.com
trkn.us
2    34.200.43.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-43-30.compute-1.amazonaws.com
ad.ipredictive.com
1    52.45.183.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-183-32.compute-1.amazonaws.com
data.adxcel-ec2.com
5    2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2607:f8b0:4006:80e::2003 (New York, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
8    2607:f8b0:4006:823::2003 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.ca
3    76.13.32.146 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spdc.pbp.vip.bf1.yahoo.com
sp.analytics.yahoo.com
3    2607:f8b0:4006:81c::2002 (New York, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
6    2606:4700::6810:c9f3 (United States)

ASN13335 (CLOUDFLARENET, US)
give.unhcr.ca
11    2607:f8b0:4006:820::2003 (New York, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2600:9000:21da:9e00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)
c1.rfihub.net
5    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
13    173.223.57.2 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-57-2.deploy.static.akamaitechnologies.com
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com
2    35.241.48.88 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 88.48.241.35.bc.googleusercontent.com
ws1.postescanada-canadapost.ca
21    151.101.192.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
1    44.209.237.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-237-70.compute-1.amazonaws.com
cdn.callrail.com
6    54.221.96.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-96-38.compute-1.amazonaws.com
tags.srv.stackadapt.com
2    54.72.98.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-98-215.eu-west-1.compute.amazonaws.com
collector-2382.tvsquared.com
2    2620:116:800b:21:f059:4f7e:28a9:1588 (United States)

ASN27281 (QUANTCAST, US)
secure.quantserve.com
pixel.quantserve.com
1    51.161.118.75 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns571686.ip-51-161-118.net
t.us1.dyntrk.com
2    54.230.160.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-160-114.ewr53.r.cloudfront.net
js.adsrvr.org
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    142.251.40.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net
pubads.g.doubleclick.net
15    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
20734290p.rfihub.com
a.rfihub.com
p.rfihub.com
20734289p.rfihub.com
20824034p.rfihub.com
35    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
r.stripe.com
7    68.67.160.75 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    2600:9000:21dd:2600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
8    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
1    54.175.87.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com
ups.analytics.yahoo.com
4    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
5    142.250.72.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net
cm.g.doubleclick.net
5    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
1    2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
1    151.101.1.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
4    35.163.125.221 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-125-221.us-west-2.compute.amazonaws.com
dpm.demdex.net
4    50.16.174.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-174-192.compute-1.amazonaws.com
ps.eyeota.net
3    23.41.168.23 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-168-23.deploy.static.akamaitechnologies.com
contextual.media.net
3    52.44.172.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-172-31.compute-1.amazonaws.com
bs.serving-sys.com
3    13.225.63.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-4.ewr53.r.cloudfront.net
live.rezync.com
9    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
3    23.20.218.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-218-172.compute-1.amazonaws.com
bpi.rtactivate.com
3    184.50.205.90 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-50-205-90.deploy.static.akamaitechnologies.com
x.dlx.addthis.com
4    192.35.249.127 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
3    2600:1f18:612b:4200:d8c5:6a8b:7b4a:8db (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
3    13.225.214.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-50.ewr50.r.cloudfront.net
aa.agkn.com
3    107.22.22.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-22-248.compute-1.amazonaws.com
beacon.krxd.net
5    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
4    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
13    2607:f8b0:4006:81d::200e (New York, United States)

ASN15169 (GOOGLE, US)
play.google.com
2    2600:9000:21ea:8200:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
1    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    2620:1ec:27::cafe:2008 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    54.149.23.244 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-23-244.us-west-2.compute.amazonaws.com
m.stripe.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    20.110.81.91 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
2    20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e.clarity.ms
Apex Domain
Subdomains		 Transfer
57 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1740
q.stripe.com — Cisco Umbrella Rank: 10929
r.stripe.com — Cisco Umbrella Rank: 6349
m.stripe.com — Cisco Umbrella Rank: 1565
553 KB
35 google.com
www.google.com — Cisco Umbrella Rank: 10
pay.google.com — Cisco Umbrella Rank: 3621
adservice.google.com — Cisco Umbrella Rank: 98
analytics.google.com — Cisco Umbrella Rank: 501
play.google.com — Cisco Umbrella Rank: 50
448 KB
21 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 214
stats.g.doubleclick.net — Cisco Umbrella Rank: 118
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
5340953.fls.doubleclick.net
11597836.fls.doubleclick.net
pubads.g.doubleclick.net — Cisco Umbrella Rank: 489
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
10 KB
16 gstatic.com
fonts.gstatic.com
www.gstatic.com
871 KB
15 rfihub.com
20826429p.rfihub.com Failed
20734290p.rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 2838
p.rfihub.com — Cisco Umbrella Rank: 741
20734289p.rfihub.com
20824034p.rfihub.com
28 KB
15 unrefugees.org
click.e.unrefugees.org
give.unrefugees.org — Cisco Umbrella Rank: 281685
lyibja.unrefugees.org Failed
943 KB
13 rackcdn.com
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com — Cisco Umbrella Rank: 93893
311 KB
10 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1298
insight.adsrvr.org — Cisco Umbrella Rank: 619
match.adsrvr.org — Cisco Umbrella Rank: 381
9 KB
10 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
141 KB
9 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 309
797 B
9 google.ca
adservice.google.ca — Cisco Umbrella Rank: 12886
www.google.ca — Cisco Umbrella Rank: 8100
2 KB
8 adnxs.com
acdn.adnxs.com — Cisco Umbrella Rank: 584
ib.adnxs.com — Cisco Umbrella Rank: 238
10 KB
8 typekit.net
use.typekit.net — Cisco Umbrella Rank: 566
p.typekit.net — Cisco Umbrella Rank: 677
197 KB
7 bing.com
bat.bing.com — Cisco Umbrella Rank: 351
c.bing.com — Cisco Umbrella Rank: 195
25 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 547
c.clarity.ms — Cisco Umbrella Rank: 996
e.clarity.ms — Cisco Umbrella Rank: 5459
26 KB
6 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 3397
9 KB
6 unhcr.ca
give.unhcr.ca
77 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
2 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
5 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
618 B
5 yimg.com
s.yimg.com — Cisco Umbrella Rank: 385
19 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
359 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 623
782 B
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 516
2 KB
4 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1014
2 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 188
3 KB
4 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 326
3 KB
4 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1031
ups.analytics.yahoo.com — Cisco Umbrella Rank: 277
2 KB
4 trkn.us
trkn.us — Cisco Umbrella Rank: 1966
3 KB
4 tvsquared.com
collector-3219.tvsquared.com — Cisco Umbrella Rank: 239877
collector-2382.tvsquared.com
18 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
333 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 502
1012 B
3 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 451
2 KB
3 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 891
547 B
3 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1053
573 B
3 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1843
325 B
3 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1517
2 KB
3 serving-sys.com
bs.serving-sys.com — Cisco Umbrella Rank: 1037
313 B
3 media.net
contextual.media.net — Cisco Umbrella Rank: 526
1 KB
3 rfihub.net
c1.rfihub.net — Cisco Umbrella Rank: 5079
19 KB
3 g1782759016.co
g1782759016.co — Cisco Umbrella Rank: 146878
6 KB
3 dafwidget.com
app.dafwidget.com
13 KB
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 401
764 B
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1863
16 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 983
pixel.quantserve.com — Cisco Umbrella Rank: 465
30 KB
2 postescanada-canadapost.ca
ws1.postescanada-canadapost.ca — Cisco Umbrella Rank: 77490
26 KB
2 ipredictive.com
ad.ipredictive.com — Cisco Umbrella Rank: 5088
2 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 125
30 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
1 KB
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 610
516 B
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1411
157 B
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1300
8 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 953
1 KB
1 dyntrk.com
t.us1.dyntrk.com — Cisco Umbrella Rank: 31403
319 B
1 callrail.com
cdn.callrail.com — Cisco Umbrella Rank: 7568
313 B
1 adxcel-ec2.com
data.adxcel-ec2.com — Cisco Umbrella Rank: 3155
131 B
1 g792337342.co
g792337342.co — Cisco Umbrella Rank: 187417
1 KB
1 tp88trk.com
www.tp88trk.com — Cisco Umbrella Rank: 23328
18 KB
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 952
8 KB
1 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2157
1 plyr.io
cdn.plyr.io — Cisco Umbrella Rank: 14426
32 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 615
30 KB
1 online-metrix.net
h.online-metrix.net — Cisco Umbrella Rank: 2751
12 KB
329 63
Domain Requested by
24 r.stripe.com js.stripe.com
21 js.stripe.com give.unhcr.ca
js.stripe.com
14 give.unrefugees.org give.unrefugees.org
13 play.google.com www.gstatic.com
13 aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com give.unhcr.ca
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com
13 www.google.com give.unrefugees.org
www.gstatic.com
give.unhcr.ca
www.google.com
11 q.stripe.com give.unrefugees.org
11 www.gstatic.com www.google.com
www.gstatic.com
pay.google.com
10 www.google-analytics.com www.googletagmanager.com
give.unrefugees.org
www.gstatic.com
9 idsync.rlcdn.com 3 redirects give.unhcr.ca
20734289p.rfihub.com
20824034p.rfihub.com
9 p.rfihub.com 6 redirects give.unhcr.ca
8 www.google.ca give.unrefugees.org
give.unhcr.ca
7 ib.adnxs.com 3 redirects give.unhcr.ca
20734289p.rfihub.com
20824034p.rfihub.com
7 use.typekit.net give.unrefugees.org
use.typekit.net
6 match.adsrvr.org 4 redirects js.adsrvr.org
6 tags.srv.stackadapt.com give.unrefugees.org
tags.srv.stackadapt.com
6 give.unhcr.ca g792337342.co
give.unhcr.ca
6 bat.bing.com www.googletagmanager.com
bat.bing.com
5 x.bidswitch.net 2 redirects give.unhcr.ca
20734289p.rfihub.com
20824034p.rfihub.com
5 dsum-sec.casalemedia.com 1 redirects 11597836.fls.doubleclick.net
give.unhcr.ca
20734289p.rfihub.com
20824034p.rfihub.com
5 cm.g.doubleclick.net 5 redirects
5 www.facebook.com
5 fonts.gstatic.com fonts.googleapis.com
www.google.com
5 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
5 s.yimg.com give.unrefugees.org
s.yimg.com
5 connect.facebook.net give.unrefugees.org
connect.facebook.net
5 pay.google.com give.unrefugees.org
js.stripe.com
pay.google.com
www.gstatic.com
4 sync-tm.everesttech.net 4 redirects
4 sync.search.spotxchange.com 1 redirects give.unhcr.ca
20734289p.rfihub.com
20824034p.rfihub.com
4 ps.eyeota.net 1 redirects give.unhcr.ca
4 dpm.demdex.net 1 redirects give.unhcr.ca
20734289p.rfihub.com
20824034p.rfihub.com
4 pixel.rubiconproject.com 1 redirects give.unhcr.ca
20734289p.rfihub.com
20824034p.rfihub.com
4 trkn.us 2 redirects give.unrefugees.org
4 www.googletagmanager.com give.unrefugees.org
www.googletagmanager.com
give.unhcr.ca
3 beacon.krxd.net give.unhcr.ca
3 aa.agkn.com give.unhcr.ca
20734289p.rfihub.com
20824034p.rfihub.com
3 partners.tremorhub.com give.unhcr.ca
3 x.dlx.addthis.com give.unhcr.ca
20734289p.rfihub.com
20824034p.rfihub.com
3 bpi.rtactivate.com give.unhcr.ca
20734289p.rfihub.com
20824034p.rfihub.com
3 live.rezync.com 3 redirects
3 bs.serving-sys.com give.unhcr.ca
3 contextual.media.net give.unhcr.ca
20734289p.rfihub.com
20824034p.rfihub.com
3 a.rfihub.com give.unhcr.ca
3 c1.rfihub.net give.unrefugees.org
3 googleads.g.doubleclick.net www.googleadservices.com
3 sp.analytics.yahoo.com give.unrefugees.org
give.unhcr.ca
3 adservice.google.com 1 redirects 5340953.fls.doubleclick.net
11597836.fls.doubleclick.net
3 g1782759016.co give.unrefugees.org
3 app.dafwidget.com give.unrefugees.org
app.dafwidget.com
2 e.clarity.ms www.clarity.ms
2 c.clarity.ms 1 redirects
2 gum.criteo.com 2 redirects
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 m.stripe.network js.stripe.com
m.stripe.network
2 insight.adsrvr.org 1 redirects js.adsrvr.org
2 pubads.g.doubleclick.net give.unhcr.ca
2 js.adsrvr.org www.googletagmanager.com
insight.adsrvr.org
2 collector-2382.tvsquared.com give.unrefugees.org
give.unhcr.ca
2 11597836.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 5340953.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 ws1.postescanada-canadapost.ca give.unhcr.ca
2 ad.ipredictive.com give.unrefugees.org
2 ad.doubleclick.net 2 redirects
2 collector-3219.tvsquared.com give.unrefugees.org
2 www.googleadservices.com www.googletagmanager.com
2 fonts.googleapis.com give.unrefugees.org
give.unhcr.ca
1 c.bing.com 1 redirects
1 m.stripe.com m.stripe.network
1 simage2.pubmatic.com 1 redirects
1 20824034p.rfihub.com c1.rfihub.net
1 20734289p.rfihub.com c1.rfihub.net
1 alb.reddit.com 11597836.fls.doubleclick.net
1 pixel.quantserve.com give.unhcr.ca
1 www.redditstatic.com 11597836.fls.doubleclick.net
1 ups.analytics.yahoo.com 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 20734290p.rfihub.com c1.rfihub.net
1 acdn.adnxs.com give.unrefugees.org
1 t.us1.dyntrk.com www.googletagmanager.com
1 secure.quantserve.com give.unrefugees.org
1 cdn.callrail.com www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 data.adxcel-ec2.com give.unrefugees.org
1 adservice.google.ca
1 g792337342.co give.unrefugees.org
1 www.tp88trk.com www.googletagmanager.com
1 sc-static.net www.googletagmanager.com
1 p.typekit.net use.typekit.net
1 www.paypal.com give.unrefugees.org
1 cdn.plyr.io give.unrefugees.org
1 code.jquery.com give.unrefugees.org
1 h.online-metrix.net give.unrefugees.org
1 click.e.unrefugees.org 1 redirects
0 20826429p.rfihub.com Failed c1.rfihub.net
0 lyibja.unrefugees.org Failed connect.facebook.net
329 95

This site contains links to these domains. Also see Links.

Domain
www.unhcr.ca
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com
Subject Issuer Validity Valid
unrefugees.org
Amazon		 2021-12-08 -
2023-01-05		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-07 -
2023-04-07		 a year crt.sh
h.online-metrix.net
Trustwave Organization Validation SHA256 CA, Level 1		 2021-12-28 -
2023-01-23		 a year crt.sh
app.dafwidget.com
Amazon		 2021-10-29 -
2022-11-27		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.plyr.io
GTS CA 1P5		 2022-07-05 -
2022-10-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-04-12 -
2023-04-12		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-06-10 -
2022-12-10		 6 months crt.sh
sc-static.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-01-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-05-13 -
2022-08-11		 3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-07-25 -
2022-09-14		 2 months crt.sh
*.tvsquared.com
Amazon		 2021-09-16 -
2022-10-14		 a year crt.sh
tp88trk.com
Starfield Secure Certificate Authority - G2		 2022-02-15 -
2023-02-15		 a year crt.sh
g1782759016.co
GTS CA 1D4		 2022-07-10 -
2022-10-08		 3 months crt.sh
g792337342.co
GTS CA 1D4		 2022-07-20 -
2022-10-18		 3 months crt.sh
*.ipredictive.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
adxcel-ec2.com
Amazon		 2021-11-17 -
2022-12-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-15 -
2022-09-07		 6 months crt.sh
give.unhcr.ca
R3		 2022-08-01 -
2022-10-30		 3 months crt.sh
*.rfihub.net
Amazon		 2021-12-29 -
2023-01-27		 a year crt.sh
*.ssl.cf5.rackcdn.com
DigiCert SHA2 Secure Server CA		 2022-01-30 -
2023-01-31		 a year crt.sh
ws1.postescanada-canadapost.ca
Entrust Certification Authority - L1K		 2022-03-15 -
2023-03-28		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-05-20 -
2022-09-25		 4 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
cdn.callrail.com
Amazon		 2022-02-24 -
2023-03-25		 a year crt.sh
*.srv.stackadapt.com
Amazon		 2021-11-09 -
2022-12-07		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
t.us1.dyntrk.com
R3		 2022-06-10 -
2022-09-08		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-24 -
2023-05-24		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-25 -
2022-09-08		 4 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-03 -
2022-12-30		 6 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-03 -
2022-12-30		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
bs.serving-sys.com
Amazon		 2022-04-20 -
2023-05-19		 a year crt.sh
rtactivate.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.tremorhub.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-23 -
2023-06-22		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2022-05-02 -
2023-05-09		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-11 -
2022-10-19		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh

This page contains 22 frames:

Primary Page: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Frame ID: 9F00A04F01C48B5BF7B2237EEF530EF3
Requests: 169 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&co=aHR0cHM6Ly9naXZlLnVucmVmdWdlZXMub3JnOjQ0Mw..&hl=en&v=gWN_U6xTIPevg0vuq7g1hct0&size=normal&cb=q89mto1oztam
Frame ID: 6A0C0CBA8BE8290ABCA09C9C225CCBC1
Requests: 3 HTTP requests in this frame

Frame: https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=&ra=5912788590262832
Frame ID: E7D241686A45D163D1CDC22BDE94F757
Requests: 1 HTTP requests in this frame

Frame: https://5340953.fls.doubleclick.net/activityi;dc_pre=CI6318arrPkCFYmhnwoducIEdQ;src=5340953;type=sitev0;cat=unhcr003;ord=1748042842981;gtm=2wg811;auiddc=594686492.1659587054;u3=undefined;u8=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2;~oref=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2
Frame ID: BEC76128C7122EC352D0880DD3F4D057
Requests: 2 HTTP requests in this frame

Frame: https://11597836.fls.doubleclick.net/activityi;dc_pre=CLmc2MarrPkCFXAKaAgdQwsOqA;src=11597836;type=sitev0;cat=sitev00;ord=6508839026600;gtm=2wg811;auiddc=594686492.1659587054;u3=undefined;u8=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2;~oref=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2
Frame ID: EE0F56B9EDFCF672622E17540E0AE7E9
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-976529e038d2fd225662e9c68e6aca56.html
Frame ID: E789227D892C5A45C7F53B13B8AF41B0
Requests: 31 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-21fdcb19b8fb7c4b5f10ed6649e6c03d.html
Frame ID: 82FB15A9E14302CD2F85CAD84BE84E4B
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-32e217d41df4072ebf962f01a65b0fa8.html
Frame ID: 66BD8806854C2F2AEAC20986BE5F17F2
Requests: 5 HTTP requests in this frame

Frame: https://20734290p.rfihub.com/ca.html?ver=9&rb=9587&ca=20734290&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=8399150037472527
Frame ID: 9BBCCB6F45D52632EA0AF99361E11934
Requests: 19 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjFAUTAAAAAOR0XkVp_ORlGPrlOB_WMer01f2H&co=aHR0cHM6Ly9naXZlLnVuaGNyLmNhOjQ0Mw..&hl=en&v=gWN_U6xTIPevg0vuq7g1hct0&size=normal&cb=u0qkqo8oc6br
Frame ID: F5E655AE32ED9BCB6BB74452B625E73A
Requests: 8 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 87703DFE3E0C497615A6ED486EFC710A
Requests: 15 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=gWN_U6xTIPevg0vuq7g1hct0&k=6LdjFAUTAAAAAOR0XkVp_ORlGPrlOB_WMer01f2H
Frame ID: EB2100D0BDC3566F3FDB5ED62251E240
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-38e06be98efd982537ac2dd58f64855a.html
Frame ID: EBB076467E983498F5ED5F50DFADF8D0
Requests: 8 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-bca4519b2bb29ac044e776560aed95d0.html
Frame ID: A592F3346BC85B0255B0BCC42861F8BA
Requests: 4 HTTP requests in this frame

Frame: https://20734289p.rfihub.com/ca.html?ver=9&rb=9587&ca=20734289&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=1698834531576947
Frame ID: AD3B7CE857AE98C25D839530CA9504EE
Requests: 19 HTTP requests in this frame

Frame: https://20824034p.rfihub.com/ca.html?ver=9&rb=9587&ca=20824034&_o=9587&_t=20824034&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=682525955761289
Frame ID: 49AE6B474F760449B3FE07F409EF3B6D
Requests: 19 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=4bdp1oi&ref=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&upid=1e4ikyp&upv=1.1.0
Frame ID: 00A9B54727504FA6983A32A5D78B2C4C
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 864C876D7F1571A5ADBFD85BCCAFCF63
Requests: 4 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Frame ID: 7D4D91ECB25C44642B15177C4034F2E6
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Frame ID: E644E98AB9513EDF9F0E1E8D21528350
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6BBBB2AAFB6B0F248D4BCB2863044F77
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C29095553F7EC71C48E2C6C16F548097
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Donate Today | UNHCR Canada

Page URL History Show full URLs

  1. https://click.e.unrefugees.org/?qs=89b116de08ee5fda224db616fdac89c054bc45f6b5e88eebf9ad9744879efd9792b44bae... HTTP 302
    https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_sou... Page URL
  2. https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=re... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • https://cdn\.plyr\.io/([0-9.]+)/.+\.js
Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

329
Requests

91 %
HTTPS

39 %
IPv6

63
Domains

95
Subdomains

76
IPs

6
Countries

4656 kB
Transfer

12316 kB
Size

94
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.e.unrefugees.org/?qs=89b116de08ee5fda224db616fdac89c054bc45f6b5e88eebf9ad9744879efd9792b44bae8889e3cd2aee5f4851be64e63d971b5fd6d7dcc3 HTTP 302
    https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2 Page URL
  2. https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://click.e.unrefugees.org/?qs=89b116de08ee5fda224db616fdac89c054bc45f6b5e88eebf9ad9744879efd9792b44bae8889e3cd2aee5f4851be64e63d971b5fd6d7dcc3 HTTP 302
  • https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Request Chain 36
  • https://ad.doubleclick.net/ddm/activity/src=4269937;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=4269937;dc_pre=CJSt38WrrPkCFe4JaAgdP1YNUg;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
  • https://adservice.google.com/ddm/fls/p/src=4269937;dc_pre=CJSt38WrrPkCFe4JaAgdP1YNUg;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://give.unrefugees.org/ HTTP 302
  • https://adservice.google.ca/ddm/fls/p/src=4269937;dc_pre=CJSt38WrrPkCFe4JaAgdP1YNUg;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://give.unrefugees.org/
Request Chain 37
  • https://trkn.us/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=1253123241 HTTP 302
  • https://trkn.us/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=1253123241;ip=149.56.153.184;cuidchk=1
Request Chain 38
  • https://trkn.us/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=1583912551 HTTP 302
  • https://trkn.us/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=1583912551;ip=149.56.153.184;cuidchk=1
Request Chain 115
  • https://5340953.fls.doubleclick.net/activityi;src=5340953;type=sitev0;cat=unhcr003;ord=1748042842981;gtm=2wg811;auiddc=594686492.1659587054;u3=undefined;u8=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2;~oref=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2 HTTP 302
  • https://5340953.fls.doubleclick.net/activityi;dc_pre=CI6318arrPkCFYmhnwoducIEdQ;src=5340953;type=sitev0;cat=unhcr003;ord=1748042842981;gtm=2wg811;auiddc=594686492.1659587054;u3=undefined;u8=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2;~oref=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2
Request Chain 116
  • https://11597836.fls.doubleclick.net/activityi;src=11597836;type=sitev0;cat=sitev00;ord=6508839026600;gtm=2wg811;auiddc=594686492.1659587054;u3=undefined;u8=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2;~oref=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2 HTTP 302
  • https://11597836.fls.doubleclick.net/activityi;dc_pre=CLmc2MarrPkCFXAKaAgdQwsOqA;src=11597836;type=sitev0;cat=sitev00;ord=6508839026600;gtm=2wg811;auiddc=594686492.1659587054;u3=undefined;u8=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2;~oref=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2
Request Chain 160
  • https://insight.adsrvr.org/track/pxl/?adv=pwy7gl3&ct=0:8o30mnf&fmt=3 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=5e5c946e-be20-4bd8-bd60-8d43a05eddd1&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-71egAMJE2uKtnYYjF20ds6ddWF9proU-~A&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=5e5c946e-be20-4bd8-bd60-8d43a05eddd1 HTTP 302
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=3460980525536328209&ttd_tdid=5e5c946e-be20-4bd8-bd60-8d43a05eddd1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5e5c946e-be20-4bd8-bd60-8d43a05eddd1&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NWU1Yzk0NmUtYmUyMC00YmQ4LWJkNjAtOGQ0M2EwNWVkZGQx&gdpr=0&gdpr_consent=&ttd_tdid=5e5c946e-be20-4bd8-bd60-8d43a05eddd1 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=5e5c946e-be20-4bd8-bd60-8d43a05eddd1&google_gid=CAESEJ5EYHQ8VwNZVTEbspW23b4&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5e5c946e-be20-4bd8-bd60-8d43a05eddd1&expiration=1662179055&gdpr=0&gdpr_consent=
Request Chain 191
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTc5NzI4ODExNTExMzkzNzA5OA==&forward= HTTP 302
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKy_pnnGMygag5pHRthDreA&google_cver=1
Request Chain 192
  • https://ib.adnxs.com/setuid?entity=18&code=1797288115113937098 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1797288115113937098
Request Chain 194
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1797288115113937098&redir= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1797288115113937098&redir=
Request Chain 195
  • https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
  • https://ps.eyeota.net/match?uid=1797288115113937098&bid=omt9pi0 HTTP 302
  • https://ps.eyeota.net/match/bounce/?uid=1797288115113937098&bid=omt9pi0
Request Chain 198
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1797288115113937098&referrer=https%3A%2F%2Fgive.unrefugees.org%2F HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=447a06e5-c8dc-41c5-8610-74c2a2ab948e%3A1659587054.7358584&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D447a06e5-c8dc-41c5-8610-74c2a2ab948e%253A1659587054.7358584 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=447a06e5-c8dc-41c5-8610-74c2a2ab948e%3A1659587054.7358584 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESELN2X9ctIHwS8Pp1fpgAyiQ&google_cver=1
Request Chain 200
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1797288115113937098&forward= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1797288115113937098&forward=&C=1
Request Chain 203
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1797288115113937098&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1797288115113937098&img=1&__user_check__=1&sync_id=4c50df67-13ad-11ed-b39e-13726ea10103
Request Chain 207
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1797288115113937098&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1797288115113937098&expires=30
Request Chain 208
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YutJ7gAD3QzoJwBC HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=YutJ7gAD3QzoJwBC&_test=YutJ7gAD3QzoJwBC
Request Chain 273
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=5e5c946e-be20-4bd8-bd60-8d43a05eddd1&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Request Chain 274
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5e5c946e-be20-4bd8-bd60-8d43a05eddd1&r=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dpubmatic HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Request Chain 286
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTc5NzI4ODExNTExMzkzNzA5OA==&forward= HTTP 302
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKy_pnnGMygag5pHRthDreA&google_cver=1
Request Chain 290
  • https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
  • https://ps.eyeota.net/match?uid=1797288115113937098&bid=omt9pi0
Request Chain 292
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1797288115113937098&referrer=https%3A%2F%2Fgive.unrefugees.org%2F HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=447a06e5-c8dc-41c5-8610-74c2a2ab948e%3A1659587054.7358584&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D447a06e5-c8dc-41c5-8610-74c2a2ab948e%253A1659587054.7358584 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=447a06e5-c8dc-41c5-8610-74c2a2ab948e%3A1659587054.7358584 HTTP 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=3460980525536328209
Request Chain 300
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=YutJ7gAD3QzoJwBC
Request Chain 306
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTc5NzI4ODExNTExMzkzNzA5OA==&forward= HTTP 302
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKy_pnnGMygag5pHRthDreA&google_cver=1
Request Chain 310
  • https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
  • https://ps.eyeota.net/match?uid=1797288115113937098&bid=omt9pi0
Request Chain 312
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1797288115113937098&referrer=https%3A%2F%2Fgive.unrefugees.org%2F HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=447a06e5-c8dc-41c5-8610-74c2a2ab948e%3A1659587054.7358584&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D447a06e5-c8dc-41c5-8610-74c2a2ab948e%253A1659587054.7358584 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=447a06e5-c8dc-41c5-8610-74c2a2ab948e%3A1659587054.7358584 HTTP 307
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
  • https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
  • https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=UmD4Gxcvuk6OeEO37YBBwW3CfcmpOBto
Request Chain 320
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=YutJ7gAD3QzoJwBC
Request Chain 325
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=ABB4DFECEE654281A3A846BF2F69B385&RedC=c.clarity.ms&MXFR=08F04A98872860C508CE5B6E83286EC0 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ABB4DFECEE654281A3A846BF2F69B385&MUID=38F19108F0E56CB317F080FEF1CF6DAA

329 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
180117core_mainpg_p_3000
give.unrefugees.org/
Redirect Chain
  • https://click.e.unrefugees.org/?qs=89b116de08ee5fda224db616fdac89c054bc45f6b5e88eebf9ad9744879efd9792b44bae8889e3cd2aee5f4851be64e63d971b5fd6d7dcc3
  • https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=701...
36 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.241.154 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-241-154.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
464c5b054103f03d2f6395a9003a8f43cf9be8c3056b42a913bfb02060f2d1fb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
14232
content-type
text/html; charset=utf-8
date
Thu, 04 Aug 2022 04:24:11 GMT
vary
Accept-Encoding

Redirect headers

Cache-Control
private
Connection
close
Content-Length
383
Content-Type
text/html; charset=utf-8
Date
Thu, 04 Aug 2022 04:24:10 GMT
Location
https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
index.css
give.unrefugees.org/css/ 		127 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://give.unrefugees.org/css/index.css?v=5
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.241.154 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-241-154.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
acb1891dbdbd5ba9c8cd826c361df68cf004fb702eed1b7bb2ce102b50a34be5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:11 GMT
content-encoding
gzip
last-modified
Tue, 16 Nov 2021 19:08:13 GMT
etag
"804c694d1ddbd71:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
20347
plyr.css
give.unrefugees.org/css/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://give.unrefugees.org/css/plyr.css
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.241.154 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-241-154.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
465ecd3c27cf42a3309af6bda6e2b8c4b9cb7a78788908904e0d6761a2c3102a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:11 GMT
content-encoding
gzip
last-modified
Sat, 23 Feb 2019 20:10:20 GMT
etag
"09e7cdb3cbd41:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
4215
hrp3szy.css
use.typekit.net/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/hrp3szy.css
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82eb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7cb56da908e94235a698c35dac8162e57993bfceefba669afddc29bd866b97f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Thu, 04 Aug 2022 04:24:11 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1032
tags.js
h.online-metrix.net/fp/ 		91 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/tags.js?org_id=zrtzph91&session_id=e1873-86a97640-2115-4735-91b2-22ee28fa12ff&pageid=1
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.1 , United States, ASN30286 (THM, US),
Reverse DNS
a-sac.h.online-metrix.net
Software
Apache /
Resource Hash
598f02a019e9d85920166e608e1a774c8ba85a2563bb6998eefca6dd4e4f448d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Aug 2022 04:24:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
P3P
CP=IVAa PSAa
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
Keep-Alive, Keep-Alive
Content-Type
text/javascript;charset=UTF-8
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=2, max=100
Expires
Thu, 01 Jan 1970 00:00:00 GMT
nudge_arrow.png
give.unrefugees.org/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://give.unrefugees.org/img/nudge_arrow.png
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.241.154 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-241-154.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
c55f527e536de44c7980fecece7428ae5a765647495e47008a8a54fa1e434736

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:11 GMT
server
Microsoft-IIS/10.0
content-length
1233
content-type
text/html
lock-secure-donation.png
give.unrefugees.org/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://give.unrefugees.org/img/lock-secure-donation.png
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.241.154 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-241-154.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
9b9c0898e129c8c18b79f176435c368cecfe30a903797c9feba7a82ee19902bd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:11 GMT
last-modified
Mon, 12 Feb 2018 15:30:31 GMT
accept-ranges
bytes
etag
"8085af6a16a4d31:0"
content-length
8196
content-type
image/png
little-girl-aleppo-rf111302.png
give.unrefugees.org/media/1028/ 		331 KB
331 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://give.unrefugees.org/media/1028/little-girl-aleppo-rf111302.png
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.241.154 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-241-154.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
5253cfbd80f5c18ce8a2ebb220eb3ca545813ecf1fab3ed86c1f4f1a3b69430e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:11 GMT
last-modified
Wed, 04 Apr 2018 19:24:20 GMT
accept-ranges
bytes
etag
"f9943d884accd31:0"
content-length
338478
content-type
image/png
source.js
app.dafwidget.com/api/js/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dafwidget.com/api/js/source.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.33.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-33-76.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
1ad2c17d074acf6294285ccca5e31aa0ba3c00e08be8b28226b5620609fbe9fe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:11 GMT
last-modified
Fri, 13 Aug 2021 16:43:24 GMT
server
nginx
x-powered-by
Express
etag
W/"1810-17b40659739"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
6160
bbb-logo-173x87.png
give.unrefugees.org/media/1017/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://give.unrefugees.org/media/1017/bbb-logo-173x87.png
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.241.154 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-241-154.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
97880bcd7fcc199a008ea736ab008f7f92e9cf6c0addc2afb6c92b3e70d9c9a5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:11 GMT
last-modified
Wed, 28 Mar 2018 18:24:27 GMT
accept-ranges
bytes
etag
"a937c21c2c6d31:0"
content-length
33886
content-type
image/png
guide-star-platinum.png
give.unrefugees.org/media/1005/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://give.unrefugees.org/media/1005/guide-star-platinum.png
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.241.154 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-241-154.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
53b492f729960ead9c5779dc772534e0f00e2dcdbd1687a0d236af95417549b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:11 GMT
last-modified
Tue, 05 Dec 2017 18:17:59 GMT
accept-ranges
bytes
etag
"af9bd561f56dd31:0"
content-length
16468
content-type
image/png
unhcr-visibility-horizontal-white-cmyk-v2016.svg
give.unrefugees.org/img/ 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://give.unrefugees.org/img/unhcr-visibility-horizontal-white-cmyk-v2016.svg
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.241.154 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-241-154.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6bfbae61daf6218548d35bd824d5299e6f0517f156050c302ddd83fa0e8abdc8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:11 GMT
content-encoding
gzip
last-modified
Tue, 31 Oct 2017 17:19:23 GMT
etag
"809f19656c52d31:0"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
4074
jquery-3.4.1.min.js
code.jquery.com/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://give.unrefugees.org/
Origin
https://give.unrefugees.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:11 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15851"
vary
Accept-Encoding
x-hw
1659587051.dop048.dc2.t,1659587051.cds102.dc2.hn,1659587051.cds166.dc2.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
plyr.js
cdn.plyr.io/3.5.2/ 		111 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.plyr.io/3.5.2/plyr.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:c258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8608c7129a24079dd332403d0aef583dcefdf0bfc02914d626a6559a3ac049ad

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:11 GMT
via
1.1 varnish, 1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4859928
cf-polished
origSize=113855
x-cache
HIT, HIT
x-cache-hits
1, 1
access-control-allow-methods
GET, POST, OPTIONS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
0BGH19J295HQC8ZD
x-amz-id-2
6swq/hWYO2XpqV/wMGScS/FaI+wsJDh0FrmI0IETfwToGnlVOJFK7h6TntGWTOoPzEue19Nv8hg=
x-served-by
cache-iad-kcgs7200169-IAD, cache-yul12825-YUL
last-modified
Sun, 24 Feb 2019 01:08:29 GMT
server
cloudflare
x-timer
S1654727123.282138,VS0,VE1
etag
W/"26d009457000af80d7306229fc132b15"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4KutI71Q3YDlvUno502z3ZJ5zeIDqkw5rFbr6ARNupxA2Wuj57E6ubst0LYGMElJrJzEFU7duJuwumOq%2BsKmDrvdmf2BsCnb5xUdmHy1uqUtYanXAfhwxQh58bosqabVzuKzR%2FjDhcP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control
max-age=31536000
cf-ray
735485a1afe0ca67-YUL
cf-bgj
minify
api.js
www.google.com/recaptcha/ 		850 B
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fa8632fc4e2e47f0eb22b9f49dc24f43b08f8862c843fee3d88d9f4209bb42da
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
553
x-xss-protection
1; mode=block
expires
Thu, 04 Aug 2022 04:24:11 GMT
js
www.paypal.com/sdk/ 		313 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AbIbWRBITO6eG3wyKiWl5Tg03s8mty2ct1y5jK221ZKyJuzQrvBEXWq0916mpH91fZGXlxFY09_R16eo&vault=true
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-dGosKdue4+zaM+Mk52/7ssh2FUrJugHxiaLG5WVtm82k8tp/' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-dGosKdue4+zaM+Mk52/7ssh2FUrJugHxiaLG5WVtm82k8tp/' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-dGosKdue4+zaM+Mk52/7ssh2FUrJugHxiaLG5WVtm82k8tp/' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-dGosKdue4+zaM+Mk52/7ssh2FUrJugHxiaLG5WVtm82k8tp/' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
age
0
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
p3p
true
paypal-debug-id
f672086c145a4
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
95380
x-xss-protection
1; mode=block
x-served-by
cache-lax10678-LGB, cache-yul12834-YUL
traceparent
00-0000000000000000000f672086c145a4-0550964634ff148e-01
x-timer
S1659587052.827246,VS0,VE487
x-frame-options
SAMEORIGIN
date
Thu, 04 Aug 2022 04:24:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=10800
etag
W/"17494-Z8HgkKLZ+6JIM4uEmkDHEZR0OHc"
accept-ranges
bytes
x-cache-hits
0, 0
index.min.js
give.unrefugees.org/scripts/lib/ 		756 KB
485 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://give.unrefugees.org/scripts/lib/index.min.js?v=5_1
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.241.154 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-241-154.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
f13f98e520f9dc93425fcc355818a48e869864c61a744587d41675d0abd5316d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:11 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 18:18:03 GMT
etag
"803f1a19ad76d81:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
495193
commerce.min.js
give.unrefugees.org/scripts/lib/ 		51 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://give.unrefugees.org/scripts/lib/commerce.min.js?v=5_1
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.241.154 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-241-154.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
0b81e1a8ae623dcac68161213a47de8b01e2cbbe82874efd04f767cefbc09f68

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:11 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 19:01:18 GMT
etag
"05352226a7bd81:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
12472
pay.js
pay.google.com/gp/p/js/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3b6f87e7eb7e27cb769f7552282850747393fd7d3d374ab20f28a3326d7280d0
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-jYrbumnsADWWQYhfA-KAcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-jYrbumnsADWWQYhfA-KAcQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-jYrbumnsADWWQYhfA-KAcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-jYrbumnsADWWQYhfA-KAcQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
expires
Thu, 04 Aug 2022 04:24:11 GMT
gtm.js
www.googletagmanager.com/ 		370 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e0e7e9457804741780b597cafabef6fb2b66ace4fd2d86e32ac13f5ed968d317
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98383
x-xss-protection
0
last-modified
Thu, 04 Aug 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 04 Aug 2022 04:24:11 GMT
css
fonts.googleapis.com/ 		2 KB
984 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Kalam|Lato&display=swap
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/css/index.css?v=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d08c52cc003c28f266bcdf1924c340b183c1f32fb96da57550f6973f5fbe50a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 04 Aug 2022 04:24:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 04 Aug 2022 04:24:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Aug 2022 04:24:11 GMT
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=hrp3szy&ht=tk&f=139.140.171.173.174.175.176.15701.15703.15705.15708&a=1630018&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82e3 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:11 GMT
last-modified
Sat, 02 Oct 2021 08:25:28 GMT
server
nginx
etag
"61581778-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
js
www.googletagmanager.com/gtag/ 		208 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P9YZZV758Y&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2e64f77b3e866b92e2e61fc934c8b458b7cb2ab52a5e0a8ab9dc2d09ba5fa775
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:11 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74933
x-xss-protection
0
expires
Thu, 04 Aug 2022 04:24:11 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
989
date
Thu, 04 Aug 2022 04:07:43 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 04 Aug 2022 06:07:43 GMT
optimize.js
www.google-analytics.com/gtm/ 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=GTM-M6SN8J6
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a94db74844ff029d1f094ed919b925b9009b6c42841a86ea1df26e1cf159078e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41320
x-xss-protection
0
last-modified
Thu, 04 Aug 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 04 Aug 2022 04:24:12 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
406e6ea57a19595b0e6786f2774801bf150aa9adea1c102abd6127632fcbdc5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15165
x-xss-protection
0
server
cafe
etag
6365998374961989006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 04:24:12 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DCFEC95922584C23A278AAE54AA10975 Ref B: YTO01EDGE0806 Ref C: 2022-08-04T04:24:12Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Thu, 04 Aug 2022 04:24:11 GMT
accept-ranges
bytes
content-length
11367
scevent.min.js
sc-static.net/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-247.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
37890dea5b2726064a174b28b90faf16d51fed898d0f37e2fb0342161593d68c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:12 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
EWR53-C1
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
7821
via
1.1 876e92db01d9014c2ee242623ecd97ee.cloudfront.net (CloudFront)
x-amz-cf-id
ETsUBguihZCW_kAx-7DVI4GwpMn6TiILl9MIswyZOcsMDpR30V5Y9g==
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
97d2d7795d8696da8f15abfbc4ed528f5d97767966a23ad602f276c8d6680de9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26222
x-xss-protection
0
pragma
public
x-fb-debug
/YLVypyJikXSINO00balUH3aIjEbMbY1BFXuB2z/X8knJxMo7tX24zhK+eiytmhW3Bcn3R4Pla/mZtZA3gtc/g==
x-fb-trip-id
1512268381
x-frame-options
DENY
date
Thu, 04 Aug 2022 04:24:12 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ytc.js
s.yimg.com/wi/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
x-amz-request-id
PXBA7GYBKFJ6QNPM
x-amz-id-2
rYouZwVLcdueyC8AuxIqbuuSc/kbPgtkVpfMgHK4EsCQcPUlPrKeDrgy7JTpkPggPuNUgBIngIE=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Tue, 14 Jun 2022 12:21:31 GMT
server
ATS
etag
"6a624022b5d271dcefb070b0b6670abc-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-version-id
.QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
accept-ranges
bytes
content-type
application/javascript
tv2track.js
collector-3219.tvsquared.com/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://collector-3219.tvsquared.com/tv2track.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.240.80 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-240-80.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Jul 2022 16:08:49 GMT
Server
nginx
ETag
"62d6d711-2133"
Content-Type
application/javascript
Cache-Control
max-age=600
Connection
keep-alive
X-Robots-Tag
noindex
Content-Length
8499
Expires
Thu, 04 Aug 2022 04:34:12 GMT
everflow.js
www.tp88trk.com/scripts/sdk/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tp88trk.com/scripts/sdk/everflow.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9KWLLF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.228 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
228.72.190.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a72806e7ecf829960274016cfa7c3b84dd3f89fbba960f8e0e2b2fddfa743df

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:12 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
text/javascript
content-encoding
gzip
cache-control
max-age=14400
x-eflow-request-id
b3fae533-c98f-4796-857f-e77158b327c9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gp
g1782759016.co/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g1782759016.co/gp?id=-L_Ny2xXp1FWryzFl6qy&refurl=&winurl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&cw=1600&ch=1200
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7d2:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
9c3af65d5e5445fc7cd531e09d46f573708820398bee7282395378a89c8d0bf1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:12 GMT
via
1.1 google
etag
W/"15e4-asKVmabmRUlTliehIEpx7OzSptQ"
server
Google Frontend
x-powered-by
Express
content-type
application/javascript; charset=utf-8
x-cloud-trace-context
09325e9c41fbb8cfbbd83e2937573b34
cache-control
private, no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5604
gp
g1782759016.co/ 		0
228 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g1782759016.co/gp?id=-LXPWq_CG-cVgJYLdmun&refurl=&winurl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&cw=1600&ch=1200
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7d2:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:12 GMT
via
1.1 google
server
Google Frontend
x-powered-by
Express
content-type
application/javascript
x-cloud-trace-context
5d8b0dad4f11f96d653cfffe344d7a64
cache-control
private, no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gp
g1782759016.co/ 		0
77 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g1782759016.co/gp?id=-LFI9dAMttdUZNQm4p8O&refurl=&winurl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&cw=1600&ch=1200
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7d2:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:12 GMT
via
1.1 google
server
Google Frontend
x-powered-by
Express
content-type
application/javascript
x-cloud-trace-context
004693ca52eff0336abbfb5a0472e280
cache-control
private, no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gr
g792337342.co/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g792337342.co/gr?id=-MSFZ9mVsW_sBFR61ki3&refurl=&winurl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7d2:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
6ef6d1ff44da935e6144e2bd902e5d4ac672a7442f96377ca7d1a5f90175e412

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:12 GMT
via
1.1 google
etag
W/"47d-lk+P7Ibyz0rlSyveV1UNrfxh5jg"
server
Google Frontend
x-powered-by
Express
content-type
application/javascript; charset=utf-8
x-cloud-trace-context
db3b7b044793f9c07bfa5b0e6aca893e
cache-control
private, no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1149
/
adservice.google.ca/ddm/fls/p/src=4269937;dc_pre=CJSt38WrrPkCFe4JaAgdP1YNUg;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://give.unrefugee...
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=4269937;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
  • https://ad.doubleclick.net/ddm/activity/src=4269937;dc_pre=CJSt38WrrPkCFe4JaAgdP1YNUg;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
  • https://adservice.google.com/ddm/fls/p/src=4269937;dc_pre=CJSt38WrrPkCFe4JaAgdP1YNUg;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://give....
  • https://adservice.google.ca/ddm/fls/p/src=4269937;dc_pre=CJSt38WrrPkCFe4JaAgdP1YNUg;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://give.u...
42 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.ca/ddm/fls/p/src=4269937;dc_pre=CJSt38WrrPkCFe4JaAgdP1YNUg;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://give.unrefugees.org/
Protocol
H2
Server
2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:12 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://adservice.google.ca/ddm/fls/p/src=4269937;dc_pre=CJSt38WrrPkCFe4JaAgdP1YNUg;type=invmedia;cat=unhcr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://give.unrefugees.org/
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]
trkn.us/pixel/conv/
Redirect Chain
  • https://trkn.us/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=1253123241
  • https://trkn.us/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=1253123241;ip=149.56.153.184;cuidchk=1
42 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trkn.us/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=1253123241;ip=149.56.153.184;cuidchk=1
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Server
54.210.18.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-18-100.compute-1.amazonaws.com
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Aug 2022 04:24:12 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Thu, 04 Aug 2022 04:24:12 GMT
X-Content-Type-Options
nosniff
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
/pixel/conv/ppt=18384;g=sitewide;gid=42298;ord=[uniqueid]?gtmcb=1253123241;ip=149.56.153.184;cuidchk=1
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
0
ppt=18676;g=sitewide;gid=43404;ord=undefined
trkn.us/pixel/conv/
Redirect Chain
  • https://trkn.us/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=1583912551
  • https://trkn.us/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=1583912551;ip=149.56.153.184;cuidchk=1
42 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trkn.us/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=1583912551;ip=149.56.153.184;cuidchk=1
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Server
54.210.18.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-18-100.compute-1.amazonaws.com
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Aug 2022 04:24:12 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Thu, 04 Aug 2022 04:24:12 GMT
X-Content-Type-Options
nosniff
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
/pixel/conv/ppt=18676;g=sitewide;gid=43404;ord=undefined?gtmcb=1583912551;ip=149.56.153.184;cuidchk=1
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
0
pixel
ad.ipredictive.com/d/rt/ 		631 B
787 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.ipredictive.com/d/rt/pixel?rtsite_id=60700&uuid=d5534c09-ec00-4f6f-9451-54fa79df98bb&rr=CACHE_BUSTER&gtmcb=182805820
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.43.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-43-30.compute-1.amazonaws.com
Software
/
Resource Hash
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:12 GMT
Content-Encoding
gzip
X-CI-RTID
5727f178-5ea7-4d57-a0a7-dcdfef4acaa0
Connection
keep-alive
Content-Length
479
Content-Type
image/jpeg
pixel
ad.ipredictive.com/d/track/cvt/ 		631 B
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.ipredictive.com/d/track/cvt/pixel?acct_id=58684&cache_buster=[timestamp]&gtmcb=2128946516
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.43.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-43-30.compute-1.amazonaws.com
Software
/
Resource Hash
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:12 GMT
Content-Encoding
gzip
X-CI-RTID
b41cb606-9f28-40d2-8f43-faf6cbc07fae
Connection
keep-alive
Content-Length
479
Content-Type
image/jpeg
/
data.adxcel-ec2.com/pixel/ 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adxcel-ec2.com/pixel/?ad_log=referer&action=content&pixid=f2fb3240-c0e1-432f-91c7-686941e6de69
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.183.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-183-32.compute-1.amazonaws.com
Software
/
Resource Hash
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
43
Content-Type
image/gif
collect
stats.g.doubleclick.net/j/ 		4 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3754388-9&cid=1546007794.1659587052&jid=422275184&gjid=1590007219&_gid=1013644406.1659587052&_u=YGBAiAABRAAAAE~&z=1244081691
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.unrefugees.org/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 04 Aug 2022 04:24:12 GMT
content-type
text/plain
access-control-allow-origin
https://give.unrefugees.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=502679291&t=pageview&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&ul=en-us&de=UTF-8&dt=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiAABR~&jid=422275184&gjid=1590007219&cid=1546007794.1659587052&tid=UA-3754388-9&_gid=1013644406.1659587052&gtm=2wg811N9KWLLF&cd1=7011K0000023DTOQA2&cd2=7011K0000023DTTQA2&z=21302001
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 22:57:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
19604
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
363860773806760
connect.facebook.net/signals/config/ 		475 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/363860773806760?v=2.9.70&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
NqnhnDZQxF+QO9CqdVsRJnSBFcFvWP4lq3jJkhqcXm8i9MUBDSgPtZqtkBuT4Y0wO/+/VXM6FRFl+rf2loj2aw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 04 Aug 2022 04:24:12 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1659587052143
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
l
use.typekit.net/af/180254/00000000000000000001522c/27/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/180254/00000000000000000001522c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82eb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
38c9c1413e17c7a5ee87095bdb4cad0da069451ee937cb801c8f37f2c734644f

Request headers

Referer
https://use.typekit.net/hrp3szy.css
Origin
https://give.unrefugees.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:12 GMT
server
nginx
etag
"d8f0e75543cc417069e2148d573e1b3687264d73"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
46404
l
use.typekit.net/af/925423/00000000000000003b9b038f/27/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/925423/00000000000000003b9b038f/27/l?subset_id=2&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82eb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7c707b4d486575fcdf35497e30073fd70f0a9ea072e4ca1ca724da7fbab22a9b

Request headers

Referer
https://use.typekit.net/hrp3szy.css
Origin
https://give.unrefugees.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:12 GMT
server
nginx
etag
"af967ea1356382090341795946181a15b4b5bcf0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19900
l
use.typekit.net/af/220823/000000000000000000015231/27/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/220823/000000000000000000015231/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82eb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
73ef385046533349dbdb6264bfdb814819b44a3a7ddeedf7611db7d55f567c7c

Request headers

Referer
https://use.typekit.net/hrp3szy.css
Origin
https://give.unrefugees.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:12 GMT
server
nginx
etag
"25d9000ed11ad93413dd9fab416a1870c8ae46cd"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
46076
YA9dr0Wd4kDdMthROCc.woff2
fonts.gstatic.com/s/kalam/v16/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kalam/v16/YA9dr0Wd4kDdMthROCc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Kalam|Lato&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
954410601a823f37e219f7930b7446f86afa15621326a7078d56fb9c910135cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.unrefugees.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 10:24:53 GMT
x-content-type-options
nosniff
age
496759
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22336
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:47:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Jul 2023 10:24:53 GMT
css.escape.js
app.dafwidget.com/api/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.dafwidget.com/api/js/css.escape.js
Requested by
Host: app.dafwidget.com
URL: https://app.dafwidget.com/api/js/source.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.33.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-33-76.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
1c1a744432792356c2e9d9abdaa97182f3757a89b4cb5be5a3aa13c20cdd802b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:12 GMT
last-modified
Fri, 16 Jul 2021 11:59:36 GMT
server
nginx
x-powered-by
Express
etag
W/"c51-17aaf2fb1dd"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
3153
source.css
app.dafwidget.com/api/js/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.dafwidget.com/api/js/source.css
Requested by
Host: app.dafwidget.com
URL: https://app.dafwidget.com/api/js/source.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.33.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-33-76.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
eaf0ec8226518eb627f5fade801052a1ea281c506ebce8ce8ae99a27138ba2e7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:12 GMT
last-modified
Fri, 16 Jul 2021 11:59:36 GMT
server
nginx
x-powered-by
Express
etag
W/"e14-17aaf2fb115"
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
3604
checkmark-icon.svg
give.unrefugees.org/img/ 		885 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://give.unrefugees.org/img/checkmark-icon.svg
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/css/index.css?v=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.241.154 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-241-154.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
9a9de0aac198c9af22ea0b40f3f8abbaa3540f9a369b4b2328fec924968e16ad

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/css/index.css?v=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:12 GMT
last-modified
Tue, 05 Dec 2017 14:45:18 GMT
accept-ranges
bytes
etag
"0d31babd76dd31:0"
content-length
885
content-type
image/svg+xml
fontello.woff2
give.unrefugees.org/font/ 		4 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://give.unrefugees.org/font/fontello.woff2?47325548
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/css/index.css?v=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.241.154 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-241-154.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
fd8c794bb43e5220596bc1c5d50f865268cd2655c86f0d3175875d7e1c3afcc6

Request headers

Referer
https://give.unrefugees.org/css/index.css?v=5
Origin
https://give.unrefugees.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:12 GMT
last-modified
Wed, 17 May 2017 10:53:35 GMT
accept-ranges
bytes
etag
"bc6dfed4fbced21:0"
content-length
4328
content-type
application/x-font-woff2
l
use.typekit.net/af/8e11d4/00000000000000003b9b038c/27/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/8e11d4/00000000000000003b9b038c/27/l?subset_id=2&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82eb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
62c0466b6e78094d8bb9b9fb50f13f3eb39e3be88dce7663ecfbcabde18b64bc

Request headers

Referer
https://use.typekit.net/hrp3szy.css
Origin
https://give.unrefugees.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:12 GMT
server
nginx
etag
"50fb462bb968fa8996b7f205254cfa92e534ea41"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19600
10095779.json
s.yimg.com/wi/config/ 		46 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10095779.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
81f701abbdb3dcd7318338357add41af96a3b776549dc928c4703cf1cf9f2ffe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 22:18:12 GMT
x-content-type-options
nosniff
age
21961
x-amz-server-side-encryption
AES256
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
WV5QCTZFWJNDD9XB
x-amz-id-2
G4L4vmOi8vBGDgr9biWherJ3kq4brMbXd98xtsQENsMPXJsiJ4T99ppRSS20if7fKht8a2jv/0k=
accept-ranges
bytes
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sun, 04 Sep 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Fri, 30 Jul 2021 20:49:06 GMT
server
ATS
etag
"ca96ec3516187adbafe0fb0d4f2e4932"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
x-amz-version-id
A6WkUtqwqovvPfHbvCBjlnyQPLaVaalT
access-control-allow-origin
*
x-xss-protection
1; mode=block
content-length
46
content-type
application/octet-stream
5612726.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5612726.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 606A2F82C6E24490AEBEC2C63470D684 Ref B: YTO01EDGE0806 Ref C: 2022-08-04T04:24:12Z
date
Thu, 04 Aug 2022 04:24:11 GMT
x-cache
CONFIG_NOCACHE
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1473340-18&cid=1546007794.1659587052&jid=1641861541&gjid=551111105&_gid=1013644406.1659587052&_u=aGDAiAABRAAAAE~&z=1241445137
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.unrefugees.org/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 04 Aug 2022 04:24:12 GMT
content-type
text/plain
access-control-allow-origin
https://give.unrefugees.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=502679291&t=pageview&_s=1&dl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&ul=en-us&de=UTF-8&dt=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiAABRAAAAE~&jid=1641861541&gjid=551111105&cid=1546007794.1659587052&tid=UA-1473340-18&_gid=1013644406.1659587052&gtm=2wg811N9KWLLF&cd3=USA&z=303384856
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 22:57:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
19604
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
350 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-P9YZZV758Y&gtm=2oe811&_p=502679291&_z=ccd.v9B&_gaz=1&cid=1546007794.1659587052&ul=en-us&sr=1600x1200&_s=1&sid=1659587052&sct=1&seg=0&dl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&dt=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P9YZZV758Y&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.unrefugees.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P9YZZV758Y&cid=1546007794.1659587052&gtm=2oe811&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P9YZZV758Y&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.unrefugees.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P9YZZV758Y&cid=1546007794.1659587052&gtm=2oe811&aip=1&z=1418758488
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3754388-9&cid=1546007794.1659587052&jid=422275184&_u=YGBAiAABRAAAAE~&z=694652539
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3754388-9&cid=1546007794.1659587052&jid=422275184&_u=YGBAiAABRAAAAE~&z=694652539
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sp.pl
sp.analytics.yahoo.com/ 		43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2004%20Aug%202022%2004%3A24%3A12%20GMT&n=0&b=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&.yp=10095779&f=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&enc=UTF-8&yv=1.13.0&tagmgr=gtm
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
spdc.pbp.vip.bf1.yahoo.com
Software
ATS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:12 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Thu, 04 Aug 2022 04:24:12 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1473340-18&cid=1546007794.1659587052&jid=1641861541&_u=aGDAiAABRAAAAE~&z=682813571
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1473340-18&cid=1546007794.1659587052&jid=1641861541&_u=aGDAiAABRAAAAE~&z=682813571
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/957115417/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957115417/?random=1659587052256&cv=9&fst=1659587052256&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&tiba=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1190
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tv2track.php
collector-3219.tvsquared.com/ 		42 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector-3219.tvsquared.com/tv2track.php?action_name=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&idsite=TV-63728109-1&rec=1&r=917960&h=4&m=24&s=12&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&_id=db79583141c7e5d3&_idts=1659587052&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=744
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.240.80 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-240-80.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:12 GMT
Server
nginx
Connection
keep-alive
Request-Id
9120c127-3a91-4e01-b32c-7ef1fa297018
P3p
CP='OTI DSP COR NID STP UNI OTPa OUR'
Content-Length
42
Content-Type
image/gif
Primary Request 1
give.unhcr.ca/page/52275/donate/ 		60 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Requested by
Host: g792337342.co
URL: https://g792337342.co/gr?id=-MSFZ9mVsW_sBFR61ki3&refurl=&winurl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c9f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcd1658d21baae8f1ef9efe84893e264ecfa6a603dc84601c9df3beeec9d07ac
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://give.unrefugees.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
735485a95b1d7145-YUL
content-encoding
br
content-security-policy
frame-ancestors 'self'
content-type
text/html
date
Thu, 04 Aug 2022 04:24:13 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
unhcr-visibility-horizontal-blue.svg
give.unrefugees.org/img/ 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://give.unrefugees.org/img/unhcr-visibility-horizontal-blue.svg
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/css/index.css?v=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.241.154 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-241-154.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/css/index.css?v=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:12 GMT
content-encoding
gzip
last-modified
Tue, 31 Oct 2017 17:19:01 GMT
etag
"80b0fc576c52d31:0"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
4075
l
use.typekit.net/af/219c30/00000000000000003b9b0389/27/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/219c30/00000000000000003b9b0389/27/l?subset_id=2&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82eb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://use.typekit.net/hrp3szy.css
Origin
https://give.unrefugees.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:12 GMT
server
nginx
etag
"7c243ed5f8437a6687e49316f96967fcfd3feb05"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19160
recaptcha__en.js
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ 		384 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://give.unrefugees.org/
Origin
https://give.unrefugees.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 21:23:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156787
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 04:00:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Aug 2023 21:23:07 GMT
tc.min.js
c1.rfihub.net/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:9e00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 03:42:53 GMT
content-encoding
gzip
last-modified
Thu, 04 Aug 2022 03:42:43 GMT
server
Jetty(9.3.29.v20201019)
age
2479
x-cache
Hit from cloudfront
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via
1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
EWR53-C1
content-type
application/x-javascript
content-length
6162
x-amz-cf-id
ScTT7huiiL_gHvhFAcR9Y0epQYis93wHu6HLQ4CXa8zAPhGABIDsGw==
expires
Thu, 04 Aug 2022 04:42:53 GMT
0
bat.bing.com/action/ 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5612726&tm=gtm002&Ver=2&mid=2c04917b-d822-410a-ab4b-eb0c35472e52&sid=4b0f396013ad11edaea46f9d9fae2e7d&vid=4b0f3af013ad11ed9a4ea9324aa0c584&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&p=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&r=&evt=pageLoad&sv=1&rn=567773
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E304144E6BCF4BC08C141BC82DFDC8EE Ref B: YTO01EDGE0806 Ref C: 2022-08-04T04:24:12Z
date
Thu, 04 Aug 2022 04:24:12 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
180117core_mainpg_p_3000
give.unrefugees.org/ 		0
0
truncated
/ 		184 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
l
use.typekit.net/af/bdde80/00000000000000000001522d/27/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/bdde80/00000000000000000001522d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hrp3szy.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82eb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://use.typekit.net/hrp3szy.css
Origin
https://give.unrefugees.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:12 GMT
server
nginx
etag
"58e390be81d6dc97507673691b0fec8d83b8db8f"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
47672
events
lyibja.unrefugees.org/ 		0
0
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=363860773806760&ev=PageView&dl=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&rl=&if=false&ts=1659587052902&sw=1600&sh=1200&v=2.9.70&r=stable&ec=0&o=30&fbp=fb.1.1659587052898.842799422&eid=ob3_plugin-set_5d4950fd29c5f47cca8768cc24741e41753b96b369d8a298b426be35b8dc5bc5&it=1659587052051&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 04 Aug 2022 04:24:12 GMT
/
www.google.com/pagead/1p-user-list/957115417/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/957115417/?random=1659587052256&cv=9&fst=1659585600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&frm=0&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&tiba=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&async=1&fmt=3&is_vtc=1&random=1529871996&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/957115417/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/957115417/?random=1659587052256&cv=9&fst=1659585600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&frm=0&url=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&tiba=Donate%20To%20Help%20Refugees%20-%20USA%20for%20UNHCR&async=1&fmt=3&is_vtc=1&random=1529871996&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unrefugees.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 6A0C 		43 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdZJnUUAAAAAOw4JvRyjeAl2m7wg02iD6YH5iqm&co=aHR0cHM6Ly9naXZlLnVucmVmdWdlZXMub3JnOjQ0Mw..&hl=en&v=gWN_U6xTIPevg0vuq7g1hct0&size=normal&cb=q89mto1oztam
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2dSvWBjX1Rk6q3qRxczSHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://give.unrefugees.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22925
content-security-policy
script-src 'report-sample' 'nonce-2dSvWBjX1Rk6q3qRxczSHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 04 Aug 2022 04:24:13 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ca.html
20826429p.rfihub.com/ Frame E7D2 		0
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ Frame 6A0C 		0
0
recaptcha__en.js
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ Frame 6A0C 		0
0
0
bat.bing.com/actionp/ 		0
0
modernizr.js
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/modernizr.js?v=1428612603000
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.57.2 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-2.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
579de4981bd55ea93e663fdb2355e9c08f90cdc1d61249e0ae0fa77551835567

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Apr 2015 20:50:03 GMT
X-Object-Meta-Enid
1428612602304
ETag
5f26c78bdd1398d5441db88006ac16fa
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Timestamp
1428612602.47128
Cache-Control
public, max-age=887
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6952
X-Trans-Id
tx2e45fabb02254a0abfd75-0062eb49ediad3
Expires
Thu, 04 Aug 2022 04:39:00 GMT
jquery1.7.1.min.js
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/jquery1.7.1.min.js?v=1585599019000
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.57.2 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-2.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 20:10:20 GMT
X-Object-Meta-Enid
1585599019527
ETag
ddb84c1587287b2df08966081ef063bf
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Timestamp
1585599019.73055
Cache-Control
public, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33186
X-Trans-Id
tx8527eb1a887545e8a63dc-0062eb49ediad3
Expires
Thu, 04 Aug 2022 04:39:13 GMT
mrfx.js
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/mrfx.js?v=1561665851000
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.57.2 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-2.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4bfc3f378a3e79b0ae0f2701a5cd0071f54a3b08880563624f63676a3a32265b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Jun 2019 20:04:12 GMT
X-Object-Meta-Enid
1561665851416
ETag
98732f65179ed4b8d66a346cb0a9d91a
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Timestamp
1561665851.68614
Cache-Control
public, max-age=898
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9069
X-Trans-Id
txe407f293d46346d685b4f-0062eb49ediad3
Expires
Thu, 04 Aug 2022 04:39:11 GMT
css
fonts.googleapis.com/ 		2 KB
415 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 04 Aug 2022 03:04:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 04 Aug 2022 04:24:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Aug 2022 04:24:13 GMT
2019redesign-2.10.3.css
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/ 		46 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/2019redesign-2.10.3.css?v=1640025275000
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.57.2 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-2.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5fa99f7f02ac569d0afd9e083cb647b0c9efb0889e66bdd1305821bd653e09bb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Dec 2021 18:34:36 GMT
X-Object-Meta-Enid
1640025274813
ETag
65e6fa8c0527c27ac1b003997eed3cc9
Vary
Accept-Encoding
Content-Type
text/css
X-Timestamp
1640025275.00006
Cache-Control
public, max-age=850
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11713
X-Trans-Id
tx05eb9a460a6448419e70f-0062eb49ediad3
Expires
Thu, 04 Aug 2022 04:38:23 GMT
cleave.min.js
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/cleave.min.js
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.57.2 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-2.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5f98b93a3842a73f443ff8b358f0a6e1e49dc8424567943bc9677fd5f06cd59e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Jul 2019 19:12:06 GMT
X-Object-Meta-Enid
1563390725610
ETag
02fd98b2c905fdae90324628ef1a85b9
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Timestamp
1563390725.81758
Cache-Control
public, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6050
X-Trans-Id
txf06fc78a4cd542239c716-0062eb49ediad3
Expires
Thu, 04 Aug 2022 04:39:13 GMT
js.cookie.min.js
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/js.cookie.min.js
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.57.2 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-2.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Dec 2019 19:48:49 GMT
X-Object-Meta-Enid
1575316128327
ETag
6cd48c176636ab8c478eb0d9434d6f7e
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Timestamp
1575316128.55385
Cache-Control
public, max-age=852
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1105
X-Trans-Id
txdf1af1513a6145228179e-0062eb49ediad3
Expires
Thu, 04 Aug 2022 04:38:25 GMT
2019redesign-2.10.3.js
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/ 		50 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/2019redesign-2.10.3.js?v=1636471831000
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.57.2 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-2.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1e6ab49df308d6274c82981ac857dff48c5400e5f2fcedbb1d29dc3c6466ac73

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Nov 2021 15:30:31 GMT
X-Object-Meta-Enid
1636471830549
ETag
b0f11ddef51846263283524bd5a3f456
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Timestamp
1636471830.80554
Cache-Control
public, max-age=895
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12882
X-Trans-Id
tx9617d90c6a5a4c90861e3-0062eb49ediad3
Expires
Thu, 04 Aug 2022 04:39:08 GMT
enPage.css
give.unhcr.ca/pageassets/css/ 		45 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://give.unhcr.ca/pageassets/css/enPage.css?v=4.0.0
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c9f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3164c6a1238073e973cf4b7d73c539736de5933498279bb75a501dce944ff96
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 18 Jun 2022 02:13:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=1800
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security
max-age=15552000; includeSubDomains
cf-ray
735485aa4c437145-YUL
expires
Thu, 04 Aug 2022 04:54:13 GMT
pagedata.js
give.unhcr.ca/page/52275/ 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://give.unhcr.ca/page/52275/pagedata.js?locale=en-US&ea.profile.id=0
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c9f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31381c88644631fdc01a8ee173b9290f6e450e403656c7aa52ef01eecbc0bf54
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/javascript
cf-ray
735485aa4c447145-YUL
enPage.js
give.unhcr.ca/pageassets/js/ 		179 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://give.unhcr.ca/pageassets/js/enPage.js?v=4.0.0
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c9f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9202e3ae15affb271137d2dbfb027ea4b226595ee6e7c832607a28654c187c4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 18 Jun 2022 02:13:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security
max-age=15552000; includeSubDomains
cf-ray
735485aa4c457145-YUL
expires
Thu, 04 Aug 2022 04:54:13 GMT
logo-a.svg
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/ 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/logo-a.svg?v=1428611467000
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.57.2 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-2.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bdcfb388cd15cba589f840ee41b7e24b4e7e7eb9b64eace891a70b650e0aeeb1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Apr 2015 20:31:06 GMT
X-Object-Meta-Enid
1428611465494
ETag
b6738091dade4e518a63b2591737077d
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Timestamp
1428611465.68526
Cache-Control
public, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3625
X-Trans-Id
txbf31dbd89704481990156-0062eaf7daiad3
Expires
Thu, 04 Aug 2022 04:39:14 GMT
addresscomplete-2.30.min.css
ws1.postescanada-canadapost.ca/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ws1.postescanada-canadapost.ca/css/addresscomplete-2.30.min.css?key=yz24-mh72-wz78-gu85
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.48.88 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
88.48.241.35.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash
c206e78d9f35e6a07202f78bff271b8a602674145d389d989631033b59124acb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:13 GMT
via
1.1 google
server
nginx/1.20.2
x-robots-tag
noindex
content-type
text/css;charset=UTF-8
cache-control
public
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2047
addresscomplete-2.30.min.js
ws1.postescanada-canadapost.ca/js/ 		87 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws1.postescanada-canadapost.ca/js/addresscomplete-2.30.min.js?key=yz24-mh72-wz78-gu85
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.48.88 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
88.48.241.35.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash
82e9969c3c811baa5524317f66cbc6e874bef4859a1a532b8d6b60799fae4727

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:13 GMT
via
1.1 google
server
nginx/1.20.2
x-robots-tag
noindex
content-type
text/javascript;charset=UTF-8
cache-control
public
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24566
email-decode.min.js
give.unhcr.ca/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
825 B 		Script
General
Check archive.org
Download Go to
Full URL
https://give.unhcr.ca/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c9f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 29 Jul 2022 16:49:44 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"62e40fa8-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=172800, public
strict-transport-security
max-age=15552000; includeSubDomains
cf-ray
735485ae39467145-YUL
expires
Sat, 06 Aug 2022 04:24:13 GMT
general+donation+page+banner.jpg
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/general+donation+page+banner.jpg?v=1555533170000
Requested by
Host: aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com
URL: https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/2019redesign-2.10.3.css?v=1640025275000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.57.2 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-2.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
388021c242ae921020275fd4f7bbacfe0330aa852ba0d1f0623c57cb1433e120

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/2019redesign-2.10.3.css?v=1640025275000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:14 GMT
Last-Modified
Mon, 10 May 2021 18:28:40 GMT
X-Object-Meta-Enid
1620671319208
ETag
95bae1c1ad89442d944e9bff8dad7993
Content-Type
image/jpeg
X-Timestamp
1620671319.45109
Cache-Control
public, max-age=867
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15308
X-Trans-Id
tx57c5175fe78346e9bbd2f-0062eb49ediad3
Expires
Thu, 04 Aug 2022 04:38:41 GMT
needle.png
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/needle.png?v=1429899188000
Requested by
Host: aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com
URL: https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/2019redesign-2.10.3.css?v=1640025275000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.57.2 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-2.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
77f9d56bccd487583176dfd4e0850fda63bb4942b26a18391a1f353f5cc72bdb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/2019redesign-2.10.3.css?v=1640025275000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:13 GMT
Last-Modified
Mon, 10 May 2021 18:33:40 GMT
X-Object-Meta-Enid
1620671618883
ETag
1347ae9c3574321dbd595c6719241194
Content-Type
image/png
X-Timestamp
1620671619.10477
Cache-Control
public, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1325
X-Trans-Id
tx19c30238b967499d95b61-0062eb49ediad3
Expires
Thu, 04 Aug 2022 04:39:13 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.unhcr.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 06:38:38 GMT
x-content-type-options
nosniff
age
164735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23236
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Aug 2023 06:38:38 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.unhcr.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 09:13:59 GMT
x-content-type-options
nosniff
age
155414
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Aug 2023 09:13:59 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.unhcr.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 23:16:08 GMT
x-content-type-options
nosniff
age
191285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Aug 2023 23:16:08 GMT
truncated
/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
181682e0d1f24f0b43c0c1512790642dac6114e5f5b03d9b331cb71033d16037

Request headers

Referer
Origin
https://give.unhcr.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
select-a.png
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/ 		197 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/select-a.png?v=1428611468000
Requested by
Host: aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com
URL: https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/2019redesign-2.10.3.css?v=1640025275000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.57.2 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-2.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0b1b5cecfb1c5cf3a315f94acb9c2101a371c7fae917637082bd7b82e7677d6b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/2019redesign-2.10.3.css?v=1640025275000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:13 GMT
Last-Modified
Thu, 09 Apr 2015 20:31:08 GMT
X-Object-Meta-Enid
1428611467717
ETag
3e32c69d547f6b7351b16f72111621d0
Content-Type
image/png
X-Timestamp
1428611467.90563
Cache-Control
public, max-age=893
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
197
X-Trans-Id
tx44e4ff55cb484e1584018-0062eb49ediad3
Expires
Thu, 04 Aug 2022 04:39:06 GMT
gtm.js
www.googletagmanager.com/ 		319 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-RRLC
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9cf7daa8ab21f4ec3c2d08b5b67a1aa6cbed0923e2e15e5d2a85146cea799005
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:13 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93992
x-xss-protection
0
last-modified
Thu, 04 Aug 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 04 Aug 2022 04:24:13 GMT
RF1173739.jpg
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/ 		204 KB
204 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/RF1173739.jpg?v=1643058746000
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.57.2 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-2.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7b5d0a17c585c32752c62be2072fffc8416d194506acc8c486562aae01814a66

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:14 GMT
Last-Modified
Mon, 24 Jan 2022 21:12:23 GMT
X-Object-Meta-Enid
1643058742395
ETag
369710faa94cbb8b06e4cdf4b6e501c0
Content-Type
image/jpeg
X-Timestamp
1643058742.60452
Cache-Control
public, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
208773
X-Trans-Id
tx78b060ddcd12423c85f97-0062eb49ediad3
Expires
Thu, 04 Aug 2022 04:39:14 GMT
PayPal.svg
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/PayPal.svg?v=1634671438000
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.57.2 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-57-2.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bb230994469278cbe80e0336a575209516879ad6a5e8cc9233956e71747de578

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:14 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Oct 2021 19:23:59 GMT
X-Object-Meta-Enid
1634671438356
ETag
fa90774cf99780f6efdf8f65a400d8d2
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Timestamp
1634671438.57891
Cache-Control
public, max-age=827
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2352
X-Trans-Id
tx3ee4a1536f93473caf9bc-0062eaeb41iad3
Expires
Thu, 04 Aug 2022 04:38:01 GMT
pagedata
give.unhcr.ca/page/52275/donate/1/ 		190 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://give.unhcr.ca/page/52275/donate/1/pagedata
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/pageassets/js/enPage.js?v=4.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c9f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed06336087493beaa2f58dd53f18f5d7ad90878b37844a301c1ee140945b61c5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
application/json, text/javascript
Referer
https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 04 Aug 2022 04:24:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/json
cf-ray
735485af2a6c7145-YUL
api.js
www.google.com/recaptcha/ 		850 B
574 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/pageassets/js/enPage.js?v=4.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fa8632fc4e2e47f0eb22b9f49dc24f43b08f8862c843fee3d88d9f4209bb42da
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
553
x-xss-protection
1; mode=block
expires
Thu, 04 Aug 2022 04:24:14 GMT
/
js.stripe.com/v3/ 		317 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/pageassets/js/enPage.js?v=4.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
468f0ec77316ad9c8f3ddb732c3341b77f8f7ba007c52525f6f94fb5664977e0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
42
x-cache
HIT
content-length
78157
etag
"c903e243ac70a2454a32ccb6fd9a3e33"
x-request-id
129ee379-14b0-4a23-9123-d65fc996daad
x-served-by
cache-yul12823-YUL
access-control-allow-origin
*
last-modified
Wed, 03 Aug 2022 21:44:46 GMT
server
Fastly
date
Thu, 04 Aug 2022 04:24:14 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
7
js
www.googletagmanager.com/gtag/ 		200 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-481D3GT839&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-RRLC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3197bd57972f21720bae8c78a3268daf34a02cfc78d2a3500fbc1c02927c3f73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:14 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73124
x-xss-protection
0
expires
Thu, 04 Aug 2022 04:24:14 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-RRLC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
406e6ea57a19595b0e6786f2774801bf150aa9adea1c102abd6127632fcbdc5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15165
x-xss-protection
0
server
cafe
etag
6365998374961989006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 04 Aug 2022 04:24:14 GMT
activityi;dc_pre=CI6318arrPkCFYmhnwoducIEdQ;src=5340953;type=sitev0;cat=unhcr003;ord=1748042842981;gtm=2wg811;auiddc=594686492.1659587054;u3=undefined;u8=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%...
5340953.fls.doubleclick.net/ Frame BEC7
Redirect Chain
  • https://5340953.fls.doubleclick.net/activityi;src=5340953;type=sitev0;cat=unhcr003;ord=1748042842981;gtm=2wg811;auiddc=594686492.1659587054;u3=undefined;u8=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F5227...
  • https://5340953.fls.doubleclick.net/activityi;dc_pre=CI6318arrPkCFYmhnwoducIEdQ;src=5340953;type=sitev0;cat=unhcr003;ord=1748042842981;gtm=2wg811;auiddc=594686492.1659587054;u3=undefined;u8=https%3...
1 KB
567 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5340953.fls.doubleclick.net/activityi;dc_pre=CI6318arrPkCFYmhnwoducIEdQ;src=5340953;type=sitev0;cat=unhcr003;ord=1748042842981;gtm=2wg811;auiddc=594686492.1659587054;u3=undefined;u8=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2;~oref=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-RRLC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f6.1e100.net
Software
cafe /
Resource Hash
476ba5add83a2d3d2a0d27e41f10efba4f9ac85f60950d5433bebd9c5488fbc9
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
542
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Aug 2022 04:24:14 GMT
expires
Thu, 04 Aug 2022 04:24:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Aug 2022 04:24:14 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5340953.fls.doubleclick.net/activityi;dc_pre=CI6318arrPkCFYmhnwoducIEdQ;src=5340953;type=sitev0;cat=unhcr003;ord=1748042842981;gtm=2wg811;auiddc=594686492.1659587054;u3=undefined;u8=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2;~oref=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CLmc2MarrPkCFXAKaAgdQwsOqA;src=11597836;type=sitev0;cat=sitev00;ord=6508839026600;gtm=2wg811;auiddc=594686492.1659587054;u3=undefined;u8=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%...
11597836.fls.doubleclick.net/ Frame EE0F
Redirect Chain
  • https://11597836.fls.doubleclick.net/activityi;src=11597836;type=sitev0;cat=sitev00;ord=6508839026600;gtm=2wg811;auiddc=594686492.1659587054;u3=undefined;u8=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F522...
  • https://11597836.fls.doubleclick.net/activityi;dc_pre=CLmc2MarrPkCFXAKaAgdQwsOqA;src=11597836;type=sitev0;cat=sitev00;ord=6508839026600;gtm=2wg811;auiddc=594686492.1659587054;u3=undefined;u8=https%...
2 KB
918 B 		Document
General
Check archive.org
Download Go to
Full URL
https://11597836.fls.doubleclick.net/activityi;dc_pre=CLmc2MarrPkCFXAKaAgdQwsOqA;src=11597836;type=sitev0;cat=sitev00;ord=6508839026600;gtm=2wg811;auiddc=594686492.1659587054;u3=undefined;u8=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2;~oref=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-RRLC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f6.1e100.net
Software
cafe /
Resource Hash
4c26c586d49bb5ca30af6a5fa90a90f50c324b7331d462ee49d382a535f86306
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
893
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Aug 2022 04:24:14 GMT
expires
Thu, 04 Aug 2022 04:24:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Aug 2022 04:24:14 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://11597836.fls.doubleclick.net/activityi;dc_pre=CLmc2MarrPkCFXAKaAgdQwsOqA;src=11597836;type=sitev0;cat=sitev00;ord=6508839026600;gtm=2wg811;auiddc=594686492.1659587054;u3=undefined;u8=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2;~oref=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
swap.js
cdn.callrail.com/companies/214455382/b2e6704f251ac9f4812a/12/ 		32 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.callrail.com/companies/214455382/b2e6704f251ac9f4812a/12/swap.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-RRLC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.237.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-237-70.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-runtime
0.004982
date
Thu, 04 Aug 2022 04:24:14 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
etag
W/"d18beba8a6db32dd84b24258cf6542ac"
content-type
text/javascript; charset=utf-8
status
200 OK
cache-control
max-age=3600, public
timing-allow-origin
*
x-request-id
558a9650-3e77-456f-8b2c-b60c398677db
tc.min.js
c1.rfihub.net/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:9e00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 03:42:53 GMT
content-encoding
gzip
last-modified
Thu, 04 Aug 2022 03:42:43 GMT
server
Jetty(9.3.29.v20201019)
age
2481
x-cache
Hit from cloudfront
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via
1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
EWR53-C1
content-type
application/x-javascript
content-length
6162
x-amz-cf-id
EL6JUFKyIZGAVuBBfVY0kw8e66kLVsPS9lgYUxMsaTfXbK4iQ0ct5w==
expires
Thu, 04 Aug 2022 04:42:53 GMT
events.js
tags.srv.stackadapt.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.96.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-96-38.compute-1.amazonaws.com
Software
/
Resource Hash
4f0caa6336d545662fb4e20ab7b55c18f4ee3fb1b464e6bfc53ab4797303a3be

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 04 Aug 2022 04:24:14 GMT
Content-Encoding
gzip
Cache-Control
max-age=5
Content-Length
5405
Connection
keep-alive
Content-Type
text/javascript
tv2track.js
collector-2382.tvsquared.com/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://collector-2382.tvsquared.com/tv2track.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.98.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-98-215.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:14 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Jul 2022 15:23:35 GMT
Server
nginx
ETag
"62d6cc77-2133"
Content-Type
application/javascript
Cache-Control
max-age=600
Connection
keep-alive
X-Robots-Tag
noindex
Content-Length
8499
Expires
Thu, 04 Aug 2022 04:34:14 GMT
ytc.js
s.yimg.com/wi/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
x-amz-request-id
PXBA7GYBKFJ6QNPM
x-amz-id-2
rYouZwVLcdueyC8AuxIqbuuSc/kbPgtkVpfMgHK4EsCQcPUlPrKeDrgy7JTpkPggPuNUgBIngIE=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Tue, 14 Jun 2022 12:21:31 GMT
server
ATS
etag
"6a624022b5d271dcefb070b0b6670abc-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-version-id
.QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
accept-ranges
bytes
content-type
application/javascript
quant.js
secure.quantserve.com/ 		118 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
/
Resource Hash
d60f6f17937b8ed0a18321076438f53d6bb0d62879d42d3832bd50aa7e91e18d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:14 GMT
content-encoding
gzip
etag
"kVQ9bYjc9nNVTXISAKx8jA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 11 Aug 2022 04:24:14 GMT
pt.php
t.us1.dyntrk.com/ 		0
319 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.us1.dyntrk.com/pt.php?dynk=&dynt=30&dyncp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-RRLC
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.161.118.75 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns571686.ip-51-161-118.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:14 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-RRLC
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-114.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 12:46:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
56267
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 34d691c1cf360a32817ace92de30761c.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
EWR53-C3
X-Amz-Cf-Id
vde0sN_mYBgD4-k0TUMxPe_ea0C8VSljBUZ_rUGK9kMh7z8NOQdOWQ==
pixie.js
acdn.adnxs.com/dmp/up/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:14 GMT
Content-Encoding
gzip
Age
80889
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3340
X-Served-By
cache-lga21956-LGA, cache-yul12826-YUL
Access-Control-Allow-Origin
*
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1659587054.159020,VS0,VE0
ETag
W/"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 01 Oct 2021 05:45:37 GMT
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
2, 12993
Audience_Segment;ord=3548211369109.2354;client_rt=415801496
pubads.g.doubleclick.net/activity;dc_iu=/5138/ 		42 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/activity;dc_iu=/5138/Audience_Segment;ord=3548211369109.2354;client_rt=415801496?
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Audience_Segment;ord=9369747716434.445;client_rt=415801496
pubads.g.doubleclick.net/activity;dc_iu=/5138/ 		42 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/activity;dc_iu=/5138/Audience_Segment;ord=9369747716434.445;client_rt=415801496?
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ 		384 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21458a5fee3d5793f1f165147eab174084d208c1d3df42032fdd38caf13bf724
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://give.unhcr.ca/
Origin
https://give.unhcr.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 21:23:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156787
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 04:00:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Aug 2023 21:23:07 GMT
controller-976529e038d2fd225662e9c68e6aca56.html
js.stripe.com/v3/ Frame E789 		351 B
955 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-976529e038d2fd225662e9c68e6aca56.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
3a9dabf390707535c5bd17eebda3e62ff1f47cf7f0136271d7724a07da2c7c75
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.unhcr.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
15
cache-control
max-age=60
content-encoding
br
content-length
168
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 04 Aug 2022 04:24:14 GMT
etag
"976529e038d2fd225662e9c68e6aca56"
last-modified
Wed, 03 Aug 2022 20:53:50 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
4
x-content-type-options
nosniff
x-request-id
0f1c0829-7db6-4312-8a09-4b702fcf9b41
x-served-by
cache-yul12823-YUL
payment-request-inner-google-pay-21fdcb19b8fb7c4b5f10ed6649e6c03d.html
js.stripe.com/v3/ Frame 82FB 		434 B
884 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-google-pay-21fdcb19b8fb7c4b5f10ed6649e6c03d.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
9fb74e5859f175d49ac0bcf9cb7853d03961420e74187d91b2c09d9b5e385192
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.unhcr.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
21
cache-control
max-age=60
content-encoding
br
content-length
197
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; font-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 04 Aug 2022 04:24:14 GMT
etag
"21fdcb19b8fb7c4b5f10ed6649e6c03d"
last-modified
Wed, 03 Aug 2022 20:53:59 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
3
x-content-type-options
nosniff
x-request-id
f872ba1f-7c57-4975-941d-19a11feaac4f
x-served-by
cache-yul12823-YUL
payment-request-inner-browser-32e217d41df4072ebf962f01a65b0fa8.html
js.stripe.com/v3/ Frame 66BD 		370 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-browser-32e217d41df4072ebf962f01a65b0fa8.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
81a4cf08c71ea26ff438cc79ba3c4fe6c8d754a73539c85d2cc3b51e458506ec
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.unhcr.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
36
cache-control
max-age=60
content-encoding
br
content-length
177
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 04 Aug 2022 04:24:14 GMT
etag
"32e217d41df4072ebf962f01a65b0fa8"
last-modified
Wed, 03 Aug 2022 20:53:59 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
2
x-content-type-options
nosniff
x-request-id
a59b47f0-84d8-4b58-9bb1-1c9cc77cd7a1
x-served-by
cache-yul12823-YUL
ca.html
20734290p.rfihub.com/ Frame 9BBC 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20734290p.rfihub.com/ca.html?ver=9&rb=9587&ca=20734290&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=8399150037472527
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.38.167.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
c51e9f0f9c0b9c73969756105d3042756fca3e2cee769603e793e8dffac8de3c

Request headers

Referer
https://give.unhcr.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
4174
Content-Type
text/html;charset=utf-8
Date
Thu, 04 Aug 2022 04:24:14 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
csp-report
q.stripe.com/ Frame E789 		0
570 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 04 Aug 2022 04:24:14 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame E789 		0
571 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 04 Aug 2022 04:24:14 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 82FB 		0
570 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 04 Aug 2022 04:24:14 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
3
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 82FB 		0
571 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 04 Aug 2022 04:24:14 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
24
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 66BD 		0
570 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 04 Aug 2022 04:24:14 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
3
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 66BD 		0
571 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 04 Aug 2022 04:24:14 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
22
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
10062043.json
s.yimg.com/wi/config/ 		2 B
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10062043.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 03:31:41 GMT
x-content-type-options
nosniff
age
3153
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
S89F2D9DA75W891E
x-amz-id-2
MXMj9W34u9o1JlAF1u5073FTaSgOO87yPh6bhtqmoUYa99WhL9OhNGw72B6gyVLLRwt8SCANI20=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
2
shared-9051b2cea85a0abeca9476d95faa904c.js
js.stripe.com/v3/fingerprinted/js/ Frame E789 		249 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-976529e038d2fd225662e9c68e6aca56.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
1eeeec78eee7f4592d0e002b2b7f8fd0af60480157fa6b3ff4b9d88ff940d6f5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/controller-976529e038d2fd225662e9c68e6aca56.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
25
x-cache
HIT
content-length
60031
etag
"9daf1eab07f0200b0509bb1470e4cca6"
x-request-id
0bd346b8-54a9-41db-95ee-daacb1225114
x-served-by
cache-yul12823-YUL
access-control-allow-origin
*
last-modified
Wed, 03 Aug 2022 20:53:59 GMT
server
Fastly
date
Thu, 04 Aug 2022 04:24:14 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4
controller-c2f88e7c0a1941e967db69338a9a6243.js
js.stripe.com/v3/fingerprinted/js/ Frame E789 		368 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-c2f88e7c0a1941e967db69338a9a6243.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-976529e038d2fd225662e9c68e6aca56.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
977c8d96199d3c2e5bb7c3cd9cc52c188e9ff3ab654d00d006aaa15565c9db02
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/controller-976529e038d2fd225662e9c68e6aca56.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
59
x-cache
HIT
content-length
94158
etag
"ebe69f41817eafff6d902dec87200dc8"
x-request-id
b2bf8ea2-92d8-4ab7-be87-862bed51ad75
x-served-by
cache-yul12823-YUL
access-control-allow-origin
*
last-modified
Wed, 03 Aug 2022 20:53:57 GMT
server
Fastly
date
Thu, 04 Aug 2022 04:24:14 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
9
pay.js
pay.google.com/gp/p/js/ Frame 82FB 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-21fdcb19b8fb7c4b5f10ed6649e6c03d.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3b6f87e7eb7e27cb769f7552282850747393fd7d3d374ab20f28a3326d7280d0
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-cut3rY38L3MLCGOHF-KGFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-cut3rY38L3MLCGOHF-KGFg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-cut3rY38L3MLCGOHF-KGFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-cut3rY38L3MLCGOHF-KGFg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
expires
Thu, 04 Aug 2022 04:24:14 GMT
shared-9051b2cea85a0abeca9476d95faa904c.js
js.stripe.com/v3/fingerprinted/js/ Frame 82FB 		249 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-21fdcb19b8fb7c4b5f10ed6649e6c03d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
1eeeec78eee7f4592d0e002b2b7f8fd0af60480157fa6b3ff4b9d88ff940d6f5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-21fdcb19b8fb7c4b5f10ed6649e6c03d.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
25
x-cache
HIT
content-length
60031
etag
"9daf1eab07f0200b0509bb1470e4cca6"
x-request-id
be87475e-8650-434f-bf95-984f8f9e8358
x-served-by
cache-yul12823-YUL
access-control-allow-origin
*
last-modified
Wed, 03 Aug 2022 20:53:59 GMT
server
Fastly
date
Thu, 04 Aug 2022 04:24:14 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
5
payment-request-inner-google-pay-39a6e6d6f20d9ac783a511bf46753f09.js
js.stripe.com/v3/fingerprinted/js/ Frame 82FB 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-39a6e6d6f20d9ac783a511bf46753f09.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-21fdcb19b8fb7c4b5f10ed6649e6c03d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e0b0f145c7e2d4dc088034e19c6f9d802468f4bbae83df9b84129a19a5ceef9d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-21fdcb19b8fb7c4b5f10ed6649e6c03d.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
39
x-cache
HIT
content-length
4897
etag
"a48d9556005e9dc54d34c45fa9167545"
x-request-id
8239b328-7967-40cf-9aa8-62f8549b0e83
x-served-by
cache-yul12823-YUL
access-control-allow-origin
*
last-modified
Wed, 03 Aug 2022 20:53:59 GMT
server
Fastly
date
Thu, 04 Aug 2022 04:24:14 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
205
shared-9051b2cea85a0abeca9476d95faa904c.js
js.stripe.com/v3/fingerprinted/js/ Frame 66BD 		249 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-32e217d41df4072ebf962f01a65b0fa8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
1eeeec78eee7f4592d0e002b2b7f8fd0af60480157fa6b3ff4b9d88ff940d6f5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-32e217d41df4072ebf962f01a65b0fa8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
25
x-cache
HIT
content-length
60031
etag
"9daf1eab07f0200b0509bb1470e4cca6"
x-request-id
e04e8bc6-10c9-467e-aed2-f05bf0cf6b9c
x-served-by
cache-yul12823-YUL
access-control-allow-origin
*
last-modified
Wed, 03 Aug 2022 20:53:59 GMT
server
Fastly
date
Thu, 04 Aug 2022 04:24:14 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
6
payment-request-inner-browser-06fcc796ede235c0451e6d45a6674eb6.js
js.stripe.com/v3/fingerprinted/js/ Frame 66BD 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-06fcc796ede235c0451e6d45a6674eb6.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-32e217d41df4072ebf962f01a65b0fa8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
9fbd0e0a2695ed3b76a92490df70ed2a152492204c2b2ee753c5f0e16d609f66
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-32e217d41df4072ebf962f01a65b0fa8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
24
x-cache
HIT
content-length
4491
etag
"e05740f3970ec44bb2bc2e9183c28bc8"
x-request-id
afddfe9e-1d02-406e-8631-be08edbe2ce5
x-served-by
cache-yul12823-YUL
access-control-allow-origin
*
last-modified
Wed, 03 Aug 2022 20:53:58 GMT
server
Fastly
date
Thu, 04 Aug 2022 04:24:14 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
pixie
ib.adnxs.com/ 		42 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=de4cd454-a97a-4fbe-97e9-0c571bbf8f81&it=1659587054190&v=0.0.20&u=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&r=https%3A%2F%2Fgive.unrefugees.org%2F&st=1659587054189&et=1659587054190&if=0
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.21.3
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
42
Content-Type
image/gif
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-481D3GT839&gtm=2oe811&_p=2124181390&_z=ccd.v9B&cid=178256725.1659587054&ul=en-us&sr=1600x1200&_s=1&sid=1659587054&sct=1&seg=0&dl=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&dr=https%3A%2F%2Fgive.unrefugees.org%2F&dt=Donate%20Today%20%7C%20UNHCR%20Canada&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-481D3GT839&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.unhcr.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sp.pl
sp.analytics.yahoo.com/ 		43 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2004%20Aug%202022%2004%3A24%3A14%20GMT&n=0&b=Donate%20Today%20%7C%20UNHCR%20Canada&.yp=10062043&f=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&e=https%3A%2F%2Fgive.unrefugees.org%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
spdc.pbp.vip.bf1.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:14 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Thu, 04 Aug 2022 04:24:14 GMT
anchor
www.google.com/recaptcha/api2/ Frame F5E6 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjFAUTAAAAAOR0XkVp_ORlGPrlOB_WMer01f2H&co=aHR0cHM6Ly9naXZlLnVuaGNyLmNhOjQ0Mw..&hl=en&v=gWN_U6xTIPevg0vuq7g1hct0&size=normal&cb=u0qkqo8oc6br
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
34e26e0f87a316deacf2cb51bcb47c35518ea0f3b5486b0ec26efed9b6141793
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gOA8a5pA563RauSjrsHEOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://give.unhcr.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22721
content-security-policy
script-src 'report-sample' 'nonce-gOA8a5pA563RauSjrsHEOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 04 Aug 2022 04:24:14 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/993186362/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/993186362/?random=1659587054260&cv=9&fst=1659587054260&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&ref=https%3A%2F%2Fgive.unrefugees.org%2F&tiba=Donate%20Today%20%7C%20UNHCR%20Canada&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb5d34e041a87f0e0205adb8831496f2d951a6d60363834d25009e20036c9ea5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1232
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1489-423d1329423fd360f27316019b22a0c7.js
js.stripe.com/v3/fingerprinted/js/ Frame E789 		231 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/1489-423d1329423fd360f27316019b22a0c7.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-c2f88e7c0a1941e967db69338a9a6243.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ce3dc891c88609c872bc8f424a458d92980c0d34f97641b3869206bcab568f39
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/controller-976529e038d2fd225662e9c68e6aca56.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
39
x-cache
HIT
content-length
47916
etag
"e6ae44448e6759cb629b27f1c4896477"
x-request-id
889118d1-fd88-48d5-83c5-c1a591ec14db
x-served-by
cache-yul12823-YUL
access-control-allow-origin
*
last-modified
Fri, 22 Jul 2022 20:19:04 GMT
server
Fastly
date
Thu, 04 Aug 2022 04:24:14 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3
phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js
js.stripe.com/v3/fingerprinted/js/ Frame E789 		2 KB
894 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-c2f88e7c0a1941e967db69338a9a6243.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
7a15a7c250eb25e8a28fa5e020fc15d656966115577ba4f51c19274149a48e56
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/controller-976529e038d2fd225662e9c68e6aca56.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
33
x-cache
HIT
content-length
770
etag
"f1717e2e478c68d16ccd7b37768700be"
x-request-id
71cbf0b6-35b6-412b-96d6-ee4bc4d4faad
x-served-by
cache-yul12823-YUL
access-control-allow-origin
*
last-modified
Fri, 22 Jul 2022 20:19:07 GMT
server
Fastly
date
Thu, 04 Aug 2022 04:24:14 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3
0
r.stripe.com/ Frame E789 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 04 Aug 2022 04:24:14 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
dc_pre=CI6318arrPkCFYmhnwoducIEdQ;src=5340953;type=sitev0;cat=unhcr003;ord=1748042842981;gtm=2wg811;auiddc=*;u3=undefined;u8=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id...
adservice.google.com/ddm/fls/z/ Frame BEC7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CI6318arrPkCFYmhnwoducIEdQ;src=5340953;type=sitev0;cat=unhcr003;ord=1748042842981;gtm=2wg811;auiddc=*;u3=undefined;u8=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2;~oref=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2
Requested by
Host: 5340953.fls.doubleclick.net
URL: https://5340953.fls.doubleclick.net/activityi;dc_pre=CI6318arrPkCFYmhnwoducIEdQ;src=5340953;type=sitev0;cat=unhcr003;ord=1748042842981;gtm=2wg811;auiddc=594686492.1659587054;u3=undefined;u8=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2;~oref=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://5340953.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sa.css
tags.srv.stackadapt.com/ 		65 B
292 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.96.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-96-38.compute-1.amazonaws.com
Software
/
Resource Hash
c6e724178ee0427c9da98186a780b2c0fc867d7c92135c0fd3fd64a262d75a77

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 04 Aug 2022 04:24:14 GMT
Cache-Control
only-if-cached, no-transform, private, max-age=7776000
Connection
keep-alive
Content-Length
65
Content-Type
text/css
sa.jpeg
tags.srv.stackadapt.com/ 		0
881 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.96.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-96-38.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 04 Aug 2022 04:24:14 GMT
Cache-Control
only-if-cached, no-transform, private, max-age=7776000
Connection
keep-alive
Content-Length
651
Content-Type
image/jpeg
sa.jpeg
tags.srv.stackadapt.com/ 		0
881 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.96.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-96-38.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 04 Aug 2022 04:24:14 GMT
Cache-Control
only-if-cached, no-transform, private, max-age=7776000
Connection
keep-alive
Content-Length
651
Content-Type
image/jpeg
rules-p-LeCBctjK8VB9S.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-LeCBctjK8VB9S.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:2600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08b0c7b10941d769b021b3eb8e067c0ee65c22f03d42399edb6cb67e33fd7eca

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:04:18 GMT
content-encoding
gzip
age
1197
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Tue, 18 Feb 2020 21:48:07 GMT
server
AmazonS3
etag
W/"cf2020d165541c711ec1903c59b65e5a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 343d70dd2c23b73057116d47a342c588.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
EWR53-C2
x-amz-cf-id
FskHPHMuniiNsmY-CUuMNJMdQOLERQUmyIY_q_vMZvuNzNcujFJjEg==
rum
dsum-sec.casalemedia.com/ Frame EE0F
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=pwy7gl3&ct=0:8o30mnf&fmt=3
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=5e5c946e-be20-4bd8-bd60-8d43a05eddd1&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-71egAMJE2uKtnYYjF20ds6ddWF9proU-~A&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=5e5c946e-be20-4bd8-bd60-8d43a05eddd1
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=3460980525536328209&ttd_tdid=5e5c946e-be20-4bd8-bd60-8d43a05eddd1
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5e5c946e-be20-4bd8-bd60-8d43a05eddd1&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NWU1Yzk0NmUtYmUyMC00YmQ4LWJkNjAtOGQ0M2EwNWVkZGQx&gdpr=0&gdpr_consent=&ttd_tdid=5e5c946e-be20-4bd8-bd60-8d43a...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=5e5c946e-be20-4bd8-bd60-8d43a05eddd1&google_gid=CAESEJ5EYHQ8VwNZVTEbspW23b4&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5e5c946e-be20-4bd8-bd60-8d43a05eddd1&expiration=1662179055&gdpr=0&gdpr_consent=
43 B
916 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5e5c946e-be20-4bd8-bd60-8d43a05eddd1&expiration=1662179055&gdpr=0&gdpr_consent=
Requested by
Host: 11597836.fls.doubleclick.net
URL: https://11597836.fls.doubleclick.net/activityi;dc_pre=CLmc2MarrPkCFXAKaAgdQwsOqA;src=11597836;type=sitev0;cat=sitev00;ord=6508839026600;gtm=2wg811;auiddc=594686492.1659587054;u3=undefined;u8=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2;~oref=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2?
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://11597836.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
735485b67cbda24d-YYZ
pragma
no-cache
date
Thu, 04 Aug 2022 04:24:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1BWR8%2FN7kkkkEpQxS5EzHqIgfQUc44yPo%2FV3VQk%2F0O%2Fg1aQ%2B33a%2BoZPQdTcZn3qz3vwdQO1LNUCT9eh6N%2BrHe9Hii7ubjG5s8t82py14MRvZg5NPwIjMjh2hcoA%2BCw76%2BpnJJa9lTs66A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:15 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5e5c946e-be20-4bd8-bd60-8d43a05eddd1&expiration=1662179055&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
dc_pre=CLmc2MarrPkCFXAKaAgdQwsOqA;src=11597836;type=sitev0;cat=sitev00;ord=6508839026600;gtm=2wg811;auiddc=*;u3=undefined;u8=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id...
adservice.google.com/ddm/fls/z/ Frame EE0F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CLmc2MarrPkCFXAKaAgdQwsOqA;src=11597836;type=sitev0;cat=sitev00;ord=6508839026600;gtm=2wg811;auiddc=*;u3=undefined;u8=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2;~oref=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2
Requested by
Host: 11597836.fls.doubleclick.net
URL: https://11597836.fls.doubleclick.net/activityi;dc_pre=CLmc2MarrPkCFXAKaAgdQwsOqA;src=11597836;type=sitev0;cat=sitev00;ord=6508839026600;gtm=2wg811;auiddc=594686492.1659587054;u3=undefined;u8=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2;~oref=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://11597836.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
r.stripe.com/ Frame E789 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 04 Aug 2022 04:24:14 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame E789 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 04 Aug 2022 04:24:14 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame E789 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 04 Aug 2022 04:24:14 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame E789 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 04 Aug 2022 04:24:14 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame E789 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 04 Aug 2022 04:24:14 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame E789 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 04 Aug 2022 04:24:14 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame E789 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 04 Aug 2022 04:24:14 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame E789 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 04 Aug 2022 04:24:14 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame E789 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 04 Aug 2022 04:24:14 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame E789 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 04 Aug 2022 04:24:14 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame E789 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 04 Aug 2022 04:24:14 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
pixel.js
www.redditstatic.com/ads/ Frame EE0F 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: 11597836.fls.doubleclick.net
URL: https://11597836.fls.doubleclick.net/activityi;dc_pre=CLmc2MarrPkCFXAKaAgdQwsOqA;src=11597836;type=sitev0;cat=sitev00;ord=6508839026600;gtm=2wg811;auiddc=594686492.1659587054;u3=undefined;u8=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2;~oref=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://11597836.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:14 GMT
via
1.1 varnish, 1.1 varnish
last-modified
Tue, 19 Jul 2022 22:48:09 GMT
server
snooserv
etag
"95212d33cfff78ad59f5af5b20c48c53"
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
accept-ranges
bytes
content-encoding
gzip
content-length
7722
styles__ltr.css
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ Frame F5E6 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjFAUTAAAAAOR0XkVp_ORlGPrlOB_WMer01f2H&co=aHR0cHM6Ly9naXZlLnVuaGNyLmNhOjQ0Mw..&hl=en&v=gWN_U6xTIPevg0vuq7g1hct0&size=normal&cb=u0qkqo8oc6br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:52:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77485
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 04:00:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Aug 2023 06:52:49 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ Frame F5E6 		384 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjFAUTAAAAAOR0XkVp_ORlGPrlOB_WMer01f2H&co=aHR0cHM6Ly9naXZlLnVuaGNyLmNhOjQ0Mw..&hl=en&v=gWN_U6xTIPevg0vuq7g1hct0&size=normal&cb=u0qkqo8oc6br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21458a5fee3d5793f1f165147eab174084d208c1d3df42032fdd38caf13bf724
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 21:23:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156787
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 04:00:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Aug 2023 21:23:07 GMT
payframe
pay.google.com/gp/p/ui/ Frame 8770 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b5d1c068c74da5553f2b22c52b528518601c5fde9ab95c2b79f8e5257bd0e88a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-vaDRwQwVEhl1WnmhPcuTVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-vaDRwQwVEhl1WnmhPcuTVQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-vaDRwQwVEhl1WnmhPcuTVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-vaDRwQwVEhl1WnmhPcuTVQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Thu, 04 Aug 2022 04:24:14 GMT
expires
Thu, 04 Aug 2022 04:24:14 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
0
r.stripe.com/ Frame E789 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 04 Aug 2022 04:24:14 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
/
www.google.com/pagead/1p-user-list/993186362/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/993186362/?random=1659587054260&cv=9&fst=1659585600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&frm=0&url=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&ref=https%3A%2F%2Fgive.unrefugees.org%2F&tiba=Donate%20Today%20%7C%20UNHCR%20Canada&async=1&fmt=3&is_vtc=1&random=852517801&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/993186362/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/993186362/?random=1659587054260&cv=9&fst=1659585600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&frm=0&url=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&ref=https%3A%2F%2Fgive.unrefugees.org%2F&tiba=Donate%20Today%20%7C%20UNHCR%20Canada&async=1&fmt=3&is_vtc=1&random=852517801&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=1161111815;labels=_fp.event.Make%20A%20Donation;rf=0;a=p-LeCBctjK8VB9S;url=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_m...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1161111815;labels=_fp.event.Make%20A%20Donation;rf=0;a=p-LeCBctjK8VB9S;url=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2;ref=https%3A%2F%2Fgive.unrefugees.org%2F;uht=2;fpan=1;fpa=P0-1210734306-1659587054441;pbc=;ns=0;ce=1;qjs=1;qv=40d1d9f5-20220725143430;cm=;gdpr=0;d=unhcr.ca;dst=0;et=1659587054441;tzo=0;ogl=title.Please%20give%20life-saving%20aid%20to%20refugees%20in%20need%20-%20UNHCR%20Canada%2Cdescription.Many%20refugee%20families%20are%20forced%20to%20flee%20their%20homes%20and%20arrive%20in%20refugee%20camps%2Cimage.https%3A%2F%2Faaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee%252Essl%252Ecf5%252Erackcdn%252Eco%2Curl.https%3A%2F%2Fgive%252Eunhcr%252Eca%2Fpage%2F52275%2Fdonate%2F1%3Flocale%3Den-US
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:14 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
saq_pxl
tags.srv.stackadapt.com/ 		141 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=Dj57T4suom2zYAj613HnQA&is_js=true&landing_url=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&t=Donate%20Today%20%7C%20UNHCR%20Canada&tip=wdVk36aa7_G0quwUNZCfiWzLScpE0NhFLPILHB8yXOg&host=https://give.unhcr.ca&sa_conv_data_css_value=%20%220-7ba2374e-7c15-49e0-730c-571b70b80343%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9538c5c91ac8b463854dcfaeb78b85159953899b8&sa-user-id-v2=s%253A0-7ba2374e-7c15-49e0-730c-571b70b80343%2524ip%2524149.56.153.184.vHsg0fTzdqbZc0kpYSlUSG%252BBwALsJZVT1yVCwZybs9k&sa-user-id=s%253A0-7ba2374e-7c15-49e0-730c-571b70b80343.5oApBFByuWM2uZx1eXsOI%252BQo3my0Jud3Y7TRzJHKato
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.96.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-96-38.compute-1.amazonaws.com
Software
/
Resource Hash
b4133c97cead37b4a5ca93a36fd67f3c4a3a68f09eca628a7b0ff8923c3cbd38

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:14 GMT
Access-Control-Allow-Methods
GET
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://give.unhcr.ca
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
141
saq_pxl
tags.srv.stackadapt.com/ 		116 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=45CYhqwPZgoxBwoCGi2jQw&is_js=true&landing_url=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&t=Donate%20Today%20%7C%20UNHCR%20Canada&tip=wdVk36aa7_G0quwUNZCfiWzLScpE0NhFLPILHB8yXOg&host=https://give.unhcr.ca&sa_conv_data_css_value=&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9959a6808c1ab4b5d77e37954f30ba0c0953899b8&sa-user-id-v2=s%253A0-7ba2374e-7c15-49e0-730c-571b70b80343%2524ip%2524149.56.153.184.vHsg0fTzdqbZc0kpYSlUSG%252BBwALsJZVT1yVCwZybs9k&sa-user-id=s%253A0-7ba2374e-7c15-49e0-730c-571b70b80343.5oApBFByuWM2uZx1eXsOI%252BQo3my0Jud3Y7TRzJHKato
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.96.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-96-38.compute-1.amazonaws.com
Software
/
Resource Hash
b1c15a0edcce9ceeed8523d9fbbf9c7ff4d5623b2d88a0c39c2c565067782d16

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:14 GMT
Access-Control-Allow-Methods
GET
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://give.unhcr.ca
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
116
rp.gif
alb.reddit.com/ Frame EE0F 		42 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1659587054448&id=t2_kin7205b&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=c5e40900-0ce9-44dd-9277-2647d8f70250&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_02c59ad6
Requested by
Host: 11597836.fls.doubleclick.net
URL: https://11597836.fls.doubleclick.net/activityi;dc_pre=CLmc2MarrPkCFXAKaAgdQwsOqA;src=11597836;type=sitev0;cat=sitev00;ord=6508839026600;gtm=2wg811;auiddc=594686492.1659587054;u3=undefined;u8=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2;~oref=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://11597836.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:14 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
truncated
/ Frame F5E6 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F5E6 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F5E6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 30 Jul 2022 13:59:43 GMT
x-content-type-options
nosniff
age
397471
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Sat, 06 Aug 2022 13:59:43 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F5E6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjFAUTAAAAAOR0XkVp_ORlGPrlOB_WMer01f2H&co=aHR0cHM6Ly9naXZlLnVuaGNyLmNhOjQ0Mw..&hl=en&v=gWN_U6xTIPevg0vuq7g1hct0&size=normal&cb=u0qkqo8oc6br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 11:41:34 GMT
x-content-type-options
nosniff
age
146560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 02 Aug 2023 11:41:34 GMT
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 8770 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 04 Aug 2022 04:24:14 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1608
content-type
text/html; charset=UTF-8
webworker.js
www.google.com/recaptcha/api2/ Frame F5E6 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=gWN_U6xTIPevg0vuq7g1hct0
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjFAUTAAAAAOR0XkVp_ORlGPrlOB_WMer01f2H&co=aHR0cHM6Ly9naXZlLnVuaGNyLmNhOjQ0Mw..&hl=en&v=gWN_U6xTIPevg0vuq7g1hct0&size=normal&cb=u0qkqo8oc6br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
56b9cf87b68ca9cbae509a59dc7ab663914bc5a739d68777f64bfa8bf35f4977
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjFAUTAAAAAOR0XkVp_ORlGPrlOB_WMer01f2H&co=aHR0cHM6Ly9naXZlLnVuaGNyLmNhOjQ0Mw..&hl=en&v=gWN_U6xTIPevg0vuq7g1hct0&size=normal&cb=u0qkqo8oc6br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 04 Aug 2022 04:24:14 GMT
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OjB25hqMu24.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfri... Frame 8770 		151 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OjB25hqMu24.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriAnRAUGTHwyU6ycJoDTIiGADm3kw/m=_b,_tp,_r
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7011dd00bff525c2d6a7b7b7d1d6ccae91874c205650829fe77341129f3992da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 16:11:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54013
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 12:25:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Aug 2023 16:11:04 GMT
cm
a.rfihub.com/ Frame 9BBC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTc5NzI4ODExNTExMzkzNzA5OA==&forward=
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKy_pnnGMygag5pHRthDreA&google_cver=1
42 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKy_pnnGMygag5pHRthDreA&google_cver=1
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Server
199.38.167.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734290p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:14 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKy_pnnGMygag5pHRthDreA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 9BBC
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=18&code=1797288115113937098
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1797288115113937098
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1797288115113937098
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Server
68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734290p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Aug 2022 04:24:14 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
d3bc16e8-536f-4021-b59f-5f654bb755c8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 04 Aug 2022 04:24:14 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
2d6b9f0a-c879-4130-a338-7b829c12bdb0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1797288115113937098
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 9BBC 		42 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1797288115113937098&
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734290p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Content-Type
image/gif
demconf.jpg
dpm.demdex.net/ Frame 9BBC
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1797288115113937098&redir=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1797288115113937098&redir=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1797288115113937098&redir=
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Server
35.163.125.221 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-125-221.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734290p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v035-02b6259ab.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
kCPu2xabS70=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v035-0a8d5b10c.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
5ZtErUVGTCU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1797288115113937098&redir=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
ps.eyeota.net/match/bounce/ Frame 9BBC
Redirect Chain
  • https://p.rfihub.com/cm?pub=24472&in=1
  • https://ps.eyeota.net/match?uid=1797288115113937098&bid=omt9pi0
  • https://ps.eyeota.net/match/bounce/?uid=1797288115113937098&bid=omt9pi0
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match/bounce/?uid=1797288115113937098&bid=omt9pi0
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Server
50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-174-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734290p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:14 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/match/bounce/?uid=1797288115113937098&bid=omt9pi0
Date
Thu, 04 Aug 2022 04:24:14 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
cksync.php
contextual.media.net/ Frame 9BBC 		45 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=1797288115113937098
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734290p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Thu, 04 Aug 2022 04:24:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Thu, 04 Aug 2022 04:24:14 GMT
serving
bs.serving-sys.com/ Frame 9BBC 		0
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.172.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-172-31.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734290p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:14 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
0
p3p
CP="NOI DEVa OUR BUS UNI"
362358.gif
idsync.rlcdn.com/ Frame 9BBC
Redirect Chain
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1797288115113937098&referrer=https%3A%2F%2Fgive.unrefugees.org%2F
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=447a06e5-c8dc-41c5-8610-74c2a2ab948e%3A1659587054.7358584&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D447a06e5-c8dc-41c5-8610-74c2a2a...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=447a06e5-c8dc-41c5-8610-74c2a2ab948e%3A1659587054.7358584
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESELN2X9ctIHwS8Pp1fpgAyiQ&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESELN2X9ctIHwS8Pp1fpgAyiQ&google_cver=1
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734290p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Aug 2022 04:24:15 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESELN2X9ctIHwS8Pp1fpgAyiQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
bpi.rtactivate.com/tag/ Frame 9BBC 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=11017&user_id=1797288115113937098
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.218.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-218-172.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734290p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:14 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 9BBC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1797288115113937098&forward=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1797288115113937098&forward=&C=1
43 B
950 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1797288115113937098&forward=&C=1
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734290p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
735485b47a7ba24d-YYZ
pragma
no-cache
date
Thu, 04 Aug 2022 04:24:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jG7w1gFnNWI%2F%2BHePgBibl8PrwIp9OLHNxWOk%2BHjPYrO0694FUc%2BLoHUFmDXifvPrE%2FOgHLEkrPRQmu1TsyErk1slZRnkol20Yp5STf%2BT7ErtEc2gHYb2eGEgf2H3%2B4NCusAgVs1c%2FNO4rA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SMCAaze2beNHrF11Kqhp1QGHxdRUrNoq2BPDYz25VjnGfI1GL%2FCUuX%2BUfGYxC1wChumxfZNcE9zjtArdl0rJV%2FZq1apm%2BECdHNKWrc6S7oWpsMivtZkQKfG8%2Bjbb1Rt94mcoCa50xT9HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=57&external_user_id=1797288115113937098&forward=&C=1
cache-control
no-cache
cf-ray
735485b3eb12a21a-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
360947.gif
idsync.rlcdn.com/ Frame 9BBC 		42 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/360947.gif?partner_uid=1797288115113937098
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734290p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Aug 2022 04:24:14 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
rocketfuel_sync
x.dlx.addthis.com/e/ Frame 9BBC 		43 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=1797288115113937098
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.205.90 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-205-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734290p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:15 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 04 Aug 2022 04:24:15 GMT
content-length
43
strict-transport-security
max-age=2628000
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 9BBC
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1797288115113937098&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1797288115113937098&img=1&__user_check__=1&sync_id=4c50df67-13ad-11ed-b39e-13726ea10103
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1797288115113937098&img=1&__user_check__=1&sync_id=4c50df67-13ad-11ed-b39e-13726ea10103
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Server
192.35.249.127 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734290p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:14 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
38
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Thu, 04 Aug 2022 04:24:14 GMT
Server
nginx
Location
/partner?adv_id=7180&uid=1797288115113937098&img=1&__user_check__=1&sync_id=4c50df67-13ad-11ed-b39e-13726ea10103
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
30
Connection
keep-alive
Content-Length
0
sync
partners.tremorhub.com/ Frame 9BBC 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIRF=1797288115113937098&r=L41UjlO6sSx6
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:d8c5:6a8b:7b4a:8db Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734290p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:14 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
g.pixel
aa.agkn.com/adscores/ Frame 9BBC 		43 B
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=1797288115113937098
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-50.ewr50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734290p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:14 GMT
via
1.1 7608da25eb5aed0ce7cca5fc0587c650.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
4Fgyeqw5ynCWv_eLbwOwoEL8rvMJizAfytywIrKYZCxlFxRTLntDiw==
expires
0
usermatch.gif
beacon.krxd.net/ Frame 9BBC 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=1797288115113937098
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.22.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-22-248.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734290p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:14 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1659587054
x-served-by
beacon-n005-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ul_cb/ Frame 9BBC
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1797288115113937098&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1797288115113937098&expires=30
43 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1797288115113937098&expires=30
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734290p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1797288115113937098&expires=30
Date
Thu, 04 Aug 2022 04:24:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cm
p.rfihub.com/ Frame 9BBC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YutJ7gAD3QzoJwBC
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=YutJ7gAD3QzoJwBC&_test=YutJ7gAD3QzoJwBC
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?in=1&pub=21653&userid=YutJ7gAD3QzoJwBC&_test=YutJ7gAD3QzoJwBC
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Server
199.38.167.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734290p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:14 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:14 GMT
via
1.1 varnish
server
Varnish
x-timer
S1659587055.939189,VS0,VE0
x-served-by
cache-yul12833-YUL
x-cache
HIT
location
https://p.rfihub.com/cm?in=1&pub=21653&userid=YutJ7gAD3QzoJwBC&_test=YutJ7gAD3QzoJwBC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tv2track.php
collector-2382.tvsquared.com/ 		42 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector-2382.tvsquared.com/tv2track.php?action_name=Donate%20Today%20%7C%20UNHCR%20Canada&idsite=TV-72631872-1&rec=1&r=534693&h=4&m=24&s=14&url=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&urlref=https%3A%2F%2Fgive.unrefugees.org%2F&_id=bc07f898251a63d7&_idts=1659587055&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=121
Requested by
Host: give.unhcr.ca
URL: https://give.unhcr.ca/page/52275/donate/1?ea.tracking.id=OL22_UNR_U4U&utm_source=u4u&utm_medium=referral&utm_campaign=CA_PS_EN_general&utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.98.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-98-215.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:14 GMT
Server
nginx
Connection
keep-alive
Request-Id
67a67190-6b25-43ed-93a1-de95f5af9b87
P3p
CP='OTI DSP COR NID STP UNI OTPa OUR'
Content-Length
42
Content-Type
image/gif
bframe
www.google.com/recaptcha/api2/ Frame EB21 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=gWN_U6xTIPevg0vuq7g1hct0&k=6LdjFAUTAAAAAOR0XkVp_ORlGPrlOB_WMer01f2H
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
601520594a67be7b7b8c2c5d2d71feb636965f80027caebdf42b3bab8a7dadbe
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-x9Hy0lWRkJNCQzgfCKKXzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://give.unhcr.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1116
content-security-policy
script-src 'report-sample' 'nonce-x9Hy0lWRkJNCQzgfCKKXzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 04 Aug 2022 04:24:14 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OjB25hqMu24.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.W40... Frame 8770 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OjB25hqMu24.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.W40dIAOFshM.L.B1.O/am=BoA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgCNXllkbGhc4TBvbFhgyWgXwCEVw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OjB25hqMu24.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriAnRAUGTHwyU6ycJoDTIiGADm3kw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ecb0d953b805a6d7cd9ecf61c7485a97ee664e2fd8a8ba7e980ac65de06f8e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 16:18:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29100
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 01:24:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Aug 2023 16:18:13 GMT
analytics.js
www.google-analytics.com/ Frame 8770 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OjB25hqMu24.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.W40dIAOFshM.L.B1.O/am=BoA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgCNXllkbGhc4TBvbFhgyWgXwCEVw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
991
date
Thu, 04 Aug 2022 04:07:43 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 04 Aug 2022 06:07:43 GMT
pay
pay.google.com/gp/p/ui/ Frame 8770 		1 MB
350 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OjB25hqMu24.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriAnRAUGTHwyU6ycJoDTIiGADm3kw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4d591b8d75e7e34086608a252cb2e17aa3002845ced957225cbc3056cd238c11
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nBBCEzWscNiGLUJPBB7DYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-nBBCEzWscNiGLUJPBB7DYg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge
server
ESF
cross-origin-opener-policy
unsafe-none
date
Thu, 04 Aug 2022 04:24:14 GMT
x-frame-options
DENY
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-nBBCEzWscNiGLUJPBB7DYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-nBBCEzWscNiGLUJPBB7DYg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires
Thu, 04 Aug 2022 04:24:14 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ Frame EB21 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=gWN_U6xTIPevg0vuq7g1hct0&k=6LdjFAUTAAAAAOR0XkVp_ORlGPrlOB_WMer01f2H
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:52:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77485
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 04:00:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Aug 2023 06:52:49 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ Frame EB21 		384 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=gWN_U6xTIPevg0vuq7g1hct0&k=6LdjFAUTAAAAAOR0XkVp_ORlGPrlOB_WMer01f2H
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21458a5fee3d5793f1f165147eab174084d208c1d3df42032fdd38caf13bf724
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 21:23:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156787
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 04:00:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Aug 2023 21:23:07 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OjB25hqMu24.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.W40... Frame 8770 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OjB25hqMu24.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.W40dIAOFshM.L.B1.O/am=BoA/d=1/exm=Das5Le,IZT63,PrPYRd,Ru0Pgb,ZyYHPb,_b,_r,_tp,hc6Ubd,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgCNXllkbGhc4TBvbFhgyWgXwCEVw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OjB25hqMu24.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriAnRAUGTHwyU6ycJoDTIiGADm3kw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d09f47ed601e5bcae10de838f260fb13fa3f734f098e072da3177777804c3c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 16:18:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7491
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 01:24:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Aug 2023 16:18:14 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OjB25hqMu24.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.W40... Frame 8770 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OjB25hqMu24.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.W40dIAOFshM.L.B1.O/am=BoA/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgCNXllkbGhc4TBvbFhgyWgXwCEVw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OjB25hqMu24.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriAnRAUGTHwyU6ycJoDTIiGADm3kw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bb66c3e320423b1372e317c048deeb47a54a027b5f10aa00b8f26e6e5c1e00e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 16:18:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14146
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 01:24:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Aug 2023 16:18:14 GMT
log
play.google.com/ Frame 8770 		131 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OjB25hqMu24.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriAnRAUGTHwyU6ycJoDTIiGADm3kw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 04 Aug 2022 04:24:15 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 04 Aug 2022 04:24:14 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 8770 		131 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OjB25hqMu24.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriAnRAUGTHwyU6ycJoDTIiGADm3kw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 04 Aug 2022 04:24:15 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 04 Aug 2022 04:24:14 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 8770 		131 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OjB25hqMu24.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriAnRAUGTHwyU6ycJoDTIiGADm3kw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 04 Aug 2022 04:24:15 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 04 Aug 2022 04:24:14 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 8770 		131 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OjB25hqMu24.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriAnRAUGTHwyU6ycJoDTIiGADm3kw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 04 Aug 2022 04:24:15 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 04 Aug 2022 04:24:14 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 8770 		131 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OjB25hqMu24.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriAnRAUGTHwyU6ycJoDTIiGADm3kw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 04 Aug 2022 04:24:15 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 04 Aug 2022 04:24:14 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 8770 		131 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OjB25hqMu24.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriAnRAUGTHwyU6ycJoDTIiGADm3kw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 04 Aug 2022 04:24:15 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 04 Aug 2022 04:24:14 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
0
r.stripe.com/ Frame E789 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 04 Aug 2022 04:24:14 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame E789 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 04 Aug 2022 04:24:14 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
log
play.google.com/ Frame 8770 		131 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.OjB25hqMu24.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriAnRAUGTHwyU6ycJoDTIiGADm3kw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 04 Aug 2022 04:24:14 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
0
r.stripe.com/ Frame E789 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 04 Aug 2022 04:24:14 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame E789 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 04 Aug 2022 04:24:14 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
elements-inner-payment-request-38e06be98efd982537ac2dd58f64855a.html
js.stripe.com/v3/ Frame EBB0 		832 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-payment-request-38e06be98efd982537ac2dd58f64855a.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
722ab2003452da8c844f2101367c830c3ddc6a97437bee41ee664d884bae3e3b
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.unhcr.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
26589
cache-control
max-age=31536000
content-encoding
br
content-length
319
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 04 Aug 2022 04:24:14 GMT
etag
"38e06be98efd982537ac2dd58f64855a"
last-modified
Wed, 03 Aug 2022 20:53:50 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
247
x-content-type-options
nosniff
x-request-id
d8aff8eb-fcf0-4cb5-8c50-79d8364d5f51
x-served-by
cache-yul12823-YUL
0
r.stripe.com/ Frame E789 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 04 Aug 2022 04:24:14 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame E789 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 04 Aug 2022 04:24:14 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
csp-report
q.stripe.com/ Frame EBB0 		0
570 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 04 Aug 2022 04:24:14 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame EBB0 		0
570 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 04 Aug 2022 04:24:14 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
0
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
ui-shared-1104b2481ba0bac028499b76824b8032.css
js.stripe.com/v3/fingerprinted/css/ Frame EBB0 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1104b2481ba0bac028499b76824b8032.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-38e06be98efd982537ac2dd58f64855a.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
4528209a0fc402eb2752cba3a85021f3a6e83dde089097c9de7bc86e5b02e175
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-38e06be98efd982537ac2dd58f64855a.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
26
x-cache
HIT
content-length
2761
etag
"ac79e433d75898d8e3712ae684cf6c65"
x-request-id
fb0580b1-9523-476c-bf81-a073a1c1d8f6
x-served-by
cache-yul12823-YUL
access-control-allow-origin
*
last-modified
Tue, 02 Aug 2022 22:29:50 GMT
server
Fastly
date
Thu, 04 Aug 2022 04:24:14 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
elements-inner-payment-request-5dc11dda67ea2aa1d4bb9edd33f076ee.css
js.stripe.com/v3/fingerprinted/css/ Frame EBB0 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-5dc11dda67ea2aa1d4bb9edd33f076ee.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-38e06be98efd982537ac2dd58f64855a.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ae4534ddf6813360cb413daf108742ec67a6d3edca6297ce8a7774b4f64e5c09
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-38e06be98efd982537ac2dd58f64855a.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
37
x-cache
HIT
content-length
1474
etag
"648d1966967cd19b2fec8ac2aaec6575"
x-request-id
3d3eb17d-636e-466c-980f-dfa0ed8f81c5
x-served-by
cache-yul12823-YUL
access-control-allow-origin
*
last-modified
Tue, 02 Aug 2022 22:29:49 GMT
server
Fastly
date
Thu, 04 Aug 2022 04:24:14 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
shared-9051b2cea85a0abeca9476d95faa904c.js
js.stripe.com/v3/fingerprinted/js/ Frame EBB0 		249 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-38e06be98efd982537ac2dd58f64855a.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
1eeeec78eee7f4592d0e002b2b7f8fd0af60480157fa6b3ff4b9d88ff940d6f5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-38e06be98efd982537ac2dd58f64855a.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
26
x-cache
HIT
content-length
60031
etag
"9daf1eab07f0200b0509bb1470e4cca6"
x-request-id
82092cec-34c5-42a3-bda5-85d7db863979
x-served-by
cache-yul12823-YUL
access-control-allow-origin
*
last-modified
Wed, 03 Aug 2022 20:53:59 GMT
server
Fastly
date
Thu, 04 Aug 2022 04:24:14 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
7
ui-shared-664c910ea218b6ed7d421642b668883a.js
js.stripe.com/v3/fingerprinted/js/ Frame EBB0 		208 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-664c910ea218b6ed7d421642b668883a.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-38e06be98efd982537ac2dd58f64855a.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
b9f8781586b5327f18c191fea82e9d84dfe9761ccc932d0559bdfff7fee28201
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-38e06be98efd982537ac2dd58f64855a.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
55
x-cache
HIT
content-length
60959
etag
"0a136310929ac2a9576fcc2cbcbb93ac"
x-request-id
09d7e1c9-5626-4145-b634-71ba888ea462
x-served-by
cache-yul12823-YUL
access-control-allow-origin
*
last-modified
Tue, 02 Aug 2022 22:29:58 GMT
server
Fastly
date
Thu, 04 Aug 2022 04:24:14 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
elements-inner-payment-request-597d7c64c0a5fd688452a97254e3cfed.js
js.stripe.com/v3/fingerprinted/js/ Frame EBB0 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-597d7c64c0a5fd688452a97254e3cfed.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-38e06be98efd982537ac2dd58f64855a.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
1324fd191805d2f8b17bd920f92b6dae5f2843abeffaf99f1c69905efe064562
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-38e06be98efd982537ac2dd58f64855a.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
37
x-cache
HIT
content-length
12743
etag
"5a5254044fb3e73f17efd8b69f54cb5b"
x-request-id
3cfea713-8ef6-4f17-b2b3-f56abe1f2a8f
x-served-by
cache-yul12823-YUL
access-control-allow-origin
*
last-modified
Wed, 03 Aug 2022 20:53:58 GMT
server
Fastly
date
Thu, 04 Aug 2022 04:24:14 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
0
r.stripe.com/ Frame E789 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 04 Aug 2022 04:24:15 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame E789 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 04 Aug 2022 04:24:15 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame E789 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 04 Aug 2022 04:24:15 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
m-outer-bca4519b2bb29ac044e776560aed95d0.html
js.stripe.com/v3/ Frame A592 		240 B
1014 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-bca4519b2bb29ac044e776560aed95d0.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
58719a6541999042ec8e3f3489376c2a7c5120c9f690b712d3787d1f5c5a69eb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.unhcr.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
26809
cache-control
max-age=31536000
content-encoding
br
content-length
141
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 04 Aug 2022 04:24:15 GMT
etag
"bca4519b2bb29ac044e776560aed95d0"
last-modified
Wed, 03 Aug 2022 20:53:59 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
15502
x-content-type-options
nosniff
x-request-id
b21f9354-29df-4774-b609-8dd166896896
x-served-by
cache-yul12823-YUL
optimize.js
www.google-analytics.com/gtm/ 		107 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=GTM-WFHM35S
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-RRLC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e324423d07cd26782114d42ec6785ec148fca268d3659b82e9e8765ec55210f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:15 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42331
x-xss-protection
0
last-modified
Thu, 04 Aug 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 04 Aug 2022 04:24:15 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-RRLC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
992
date
Thu, 04 Aug 2022 04:07:43 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 04 Aug 2022 06:07:43 GMT
bat.js
bat.bing.com/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-RRLC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0A59541E1DEE4054928C0661704A1843 Ref B: YTO01EDGE0806 Ref C: 2022-08-04T04:24:15Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Thu, 04 Aug 2022 04:24:14 GMT
accept-ranges
bytes
content-length
11367
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/751080044/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/751080044/?random=1659587055164&cv=9&fst=1659587055164&num=1&label=RjspCO2DjskBEOykkuYC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&ref=https%3A%2F%2Fgive.unrefugees.org%2F&tiba=Donate%20Today%20%7C%20UNHCR%20Canada&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f249589d947069094a7a4f2c3b93ae28e44e111674c57658fd77852bd6d00903
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tc.min.js
c1.rfihub.net/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:9e00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 03:42:53 GMT
content-encoding
gzip
last-modified
Thu, 04 Aug 2022 03:42:43 GMT
server
Jetty(9.3.29.v20201019)
age
2482
x-cache
Hit from cloudfront
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via
1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
EWR53-C1
content-type
application/x-javascript
content-length
6162
x-amz-cf-id
vdZ9EXX15861NXAplf5uTWYUGblJ07ieTTgOsFnKcyp-O7pY4Qek1Q==
expires
Thu, 04 Aug 2022 04:42:53 GMT
ca.html
20734289p.rfihub.com/ Frame AD3B 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20734289p.rfihub.com/ca.html?ver=9&rb=9587&ca=20734289&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=1698834531576947
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.38.167.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
97484af9ae60e006d07e13676dfc3e632f0879836609fe5bd39d52a2b0457084

Request headers

Referer
https://give.unhcr.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
4174
Content-Type
text/html;charset=utf-8
Date
Thu, 04 Aug 2022 04:24:15 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
97d2d7795d8696da8f15abfbc4ed528f5d97767966a23ad602f276c8d6680de9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26222
x-xss-protection
0
pragma
public
x-fb-debug
qpl4VAWcSz6M03dK7zHXpItXpLoITGWbxXMhCiVl5y/1gHkpL1UZh/DnhtJBIIYP3nKmoIgD6SUrZEU+uo7Q/Q==
x-frame-options
DENY
date
Thu, 04 Aug 2022 04:24:15 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ytc.js
s.yimg.com/wi/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
x-amz-request-id
PXBA7GYBKFJ6QNPM
x-amz-id-2
rYouZwVLcdueyC8AuxIqbuuSc/kbPgtkVpfMgHK4EsCQcPUlPrKeDrgy7JTpkPggPuNUgBIngIE=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Tue, 14 Jun 2022 12:21:31 GMT
server
ATS
etag
"6a624022b5d271dcefb070b0b6670abc-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-version-id
.QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
accept-ranges
bytes
content-type
application/javascript
ca.html
20824034p.rfihub.com/ Frame 49AE 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20824034p.rfihub.com/ca.html?ver=9&rb=9587&ca=20824034&_o=9587&_t=20824034&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=682525955761289
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.38.167.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
f928fc0a462b1f7a4b17a2fb374cb18a130d8e93bf445ca26b1437136edb338a

Request headers

Referer
https://give.unhcr.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
4174
Content-Type
text/html;charset=utf-8
Date
Thu, 04 Aug 2022 04:24:15 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
sp.pl
sp.analytics.yahoo.com/ 		43 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Donate%20Today%20%7C%20UNHCR%20Canada&.yp=10095777&f=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&e=https%3A%2F%2Fgive.unrefugees.org%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
spdc.pbp.vip.bf1.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:15 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Thu, 04 Aug 2022 04:24:15 GMT
up
insight.adsrvr.org/track/ Frame 00A9 		833 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=4bdp1oi&ref=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&upid=1e4ikyp&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8428533414e83be4a572a8d673469bf9601d911fc07fba20f045daaea0ba6de4

Request headers

Referer
https://give.unhcr.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Thu, 04 Aug 2022 04:24:15 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
0
r.stripe.com/ Frame E789 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 04 Aug 2022 04:24:15 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
csp-report
q.stripe.com/ Frame A592 		0
570 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 04 Aug 2022 04:24:15 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame A592 		0
570 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 04 Aug 2022 04:24:15 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-62f66dce6ff9f48c8686baa9afeb469c.js
js.stripe.com/v3/fingerprinted/js/ Frame A592 		526 B
371 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-62f66dce6ff9f48c8686baa9afeb469c.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-bca4519b2bb29ac044e776560aed95d0.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-bca4519b2bb29ac044e776560aed95d0.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
16
x-cache
HIT
content-length
256
etag
"d96c709017743c0759cf3853d1806ba5"
x-request-id
804aaacd-d542-4eb8-a7e1-e7b9e5309cb5
x-served-by
cache-yul12823-YUL
access-control-allow-origin
*
last-modified
Wed, 03 Aug 2022 20:53:58 GMT
server
Fastly
date
Thu, 04 Aug 2022 04:24:15 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
13
inner.html
m.stripe.network/ Frame 864C 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-62f66dce6ff9f48c8686baa9afeb469c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:8200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
292
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 04 Aug 2022 04:19:29 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 724c8c129f28bfce25c0430050f1ae72.cloudfront.net (CloudFront)
x-amz-cf-id
_gnx5JGrNLk-kBhBsOq19LsHVQs1AAt6IXmRpf_tn6Xeg_e1OEPzfg==
x-amz-cf-pop
EWR50-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
161578394194167
connect.facebook.net/signals/config/ 		289 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/161578394194167?v=2.9.70&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a9a58f11f8ed113b364b26fbbe38b34ef59904aa9c5bf0c8a5f8e443b447c99
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
0Vw/7CnjfAfDg8KBb94MPvv9WJ4ElVEsCLHfSDZjCmPiVQjAGEYIOpZjizGOVFg48moPcuL88mEw/pAegBktHw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 04 Aug 2022 04:24:15 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1659587055258
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
21001794.js
bat.bing.com/p/action/ 		1 KB
844 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/21001794.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f5b40a84e6de0205bae215bbeabd9388a32bb9fca356ecb33cb06aa3b3e390ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F393F0D3F09E4ABE90A18E155966526C Ref B: YTO01EDGE0806 Ref C: 2022-08-04T04:24:15Z
date
Thu, 04 Aug 2022 04:24:14 GMT
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private,max-age=60
content-length
667
0
bat.bing.com/action/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=21001794&tm=gtm002&Ver=2&mid=1d31bb5b-46d5-4c23-850e-933e316f070c&sid=4c80203013ad11ed9821df250fc94db8&vid=4c80155013ad11ed9c17a32a8bcbd336&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20Today%20%7C%20UNHCR%20Canada&p=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&r=https%3A%2F%2Fgive.unrefugees.org%2F&lt=2390&evt=pageLoad&sv=1&rn=624261
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8430623F73DC4E3EA7B3F6434218A697 Ref B: YTO01EDGE0806 Ref C: 2022-08-04T04:24:15Z
date
Thu, 04 Aug 2022 04:24:14 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 00A9 		487 B
964 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=4bdp1oi&ref=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&upid=1e4ikyp&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-114.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 00:47:49 GMT
Via
1.1 34d691c1cf360a32817ace92de30761c.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
Age
12987
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
lpGysvZLy8i2RJ8-jmgMLD5xUcPzMOZ-oDPs8toaExoPc16t-Bl00g==
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1473340-18&cid=178256725.1659587054&jid=1141576339&gjid=1488097657&_gid=731525037.1659587055&_u=aCDAiAABRAAAAE~&z=884104272
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.unhcr.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 04 Aug 2022 04:24:15 GMT
content-type
text/plain
access-control-allow-origin
https://give.unhcr.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2124181390&t=pageview&_s=1&dl=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&dr=https%3A%2F%2Fgive.unrefugees.org%2F&ul=en-us&de=UTF-8&dt=Donate%20Today%20%7C%20UNHCR%20Canada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAiAABR~&jid=1141576339&gjid=1488097657&cid=178256725.1659587054&tid=UA-1473340-18&_gid=731525037.1659587055&gtm=2wg811RRLC&cd3=Canada&z=1911569758
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 22:57:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
19607
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-31858844-1&cid=178256725.1659587054&jid=906160963&gjid=363277570&_gid=731525037.1659587055&_u=aCHAiEABRAAAAE~&z=169813843
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.unhcr.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 04 Aug 2022 04:24:15 GMT
content-type
text/plain
access-control-allow-origin
https://give.unhcr.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2124181390&t=pageview&_s=1&dl=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&dr=https%3A%2F%2Fgive.unrefugees.org%2F&ul=en-us&de=UTF-8&dt=Donate%20Today%20%7C%20UNHCR%20Canada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCHAiEABRAAAAE~&jid=906160963&gjid=363277570&cid=178256725.1659587054&tid=UA-31858844-1&_gid=731525037.1659587055&gtm=2wg811RRLC&cd1=https%3A%2F%2Fgive.unrefugees.org%2F&z=1853093391
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 22:57:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
19607
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 7D4D
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=5e5c946e-be20-4bd8-bd60-8d43a05eddd1&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
70 B
692 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 04 Aug 2022 04:24:15 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 04 Aug 2022 04:24:15 GMT
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Server
nginx
generic
match.adsrvr.org/track/cmf/ Frame E644
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5e5c946e-be20-4bd8-bd60-8d43a05eddd1&r=https%3A%2F%2Fmatch.adsrvr.org%2...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
70 B
692 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 04 Aug 2022 04:24:15 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 04 Aug 2022 04:24:15 GMT
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
/
www.google.com/pagead/1p-user-list/751080044/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/751080044/?random=1659587055164&cv=9&fst=1659585600000&num=1&label=RjspCO2DjskBEOykkuYC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&frm=0&url=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&ref=https%3A%2F%2Fgive.unrefugees.org%2F&tiba=Donate%20Today%20%7C%20UNHCR%20Canada&async=1&fmt=3&is_vtc=1&cid=CAQSKQCsnQUxgVyJHsQWGgw7B3MGW5zgSdKdEBL3mP3EE3ze5tfrVOXGVJDZ&random=871080782&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/751080044/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/751080044/?random=1659587055164&cv=9&fst=1659585600000&num=1&label=RjspCO2DjskBEOykkuYC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg811&sendb=1&frm=0&url=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&ref=https%3A%2F%2Fgive.unrefugees.org%2F&tiba=Donate%20Today%20%7C%20UNHCR%20Canada&async=1&fmt=3&is_vtc=1&cid=CAQSKQCsnQUxgVyJHsQWGgw7B3MGW5zgSdKdEBL3mP3EE3ze5tfrVOXGVJDZ&random=871080782&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458023905935271
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/458023905935271?v=2.9.70&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2822aadc367a1500f6399961bb7c5c4d0241a71a9085bf818cc1fa2625982121
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
uE7/gbRJJD8Vv0oPRnfyoYBSMZFAh2McpTTdrDKwCOOIVZK/qwZYE9mKa5zqL/lPG+CUm+0ahcgRVTrtJj8JtA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 04 Aug 2022 04:24:15 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1659587055349
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=161578394194167&ev=PageView&dl=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&rl=https%3A%2F%2Fgive.unrefugees.org%2F&if=false&ts=1659587055290&sw=1600&sh=1200&v=2.9.70&r=stable&ec=0&o=30&it=1659587055200&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:15 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 04 Aug 2022 04:24:15 GMT
21001794
www.clarity.ms/tag/uet/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/21001794
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/21001794.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:2008 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
c880684fd41914572b3108d5ab2daab858152cdf526ac1c1d2db862788e711e4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:15 GMT
x-powered-by
ASP.NET
x-azure-ref
070nrYgAAAACQ1qq5utq4TK8kvI+EhDJKTEFTMzBFREdFMDEyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
content-length
1543
expires
-1
csp-report
q.stripe.com/ Frame 864C 		0
344 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.unrefugees.org
URL: https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:15 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
x-robots-tag
none
content-length
0
x-content-type-options
nosniff
expires
0
out-4.5.42.js
m.stripe.network/ Frame 864C 		86 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:8200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
age
18
date
Thu, 04 Aug 2022 04:24:00 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 724c8c129f28bfce25c0430050f1ae72.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
EWR50-C1
x-amz-cf-id
QbCUaLtukQcxYa832Pbvp_y54ycaS_AWZEWNfpark_ro5BlDXhcOCQ==
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1473340-18&cid=178256725.1659587054&jid=1141576339&_u=aCDAiAABRAAAAE~&z=591776414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1473340-18&cid=178256725.1659587054&jid=1141576339&_u=aCDAiAABRAAAAE~&z=591776414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-31858844-1&cid=178256725.1659587054&jid=906160963&_u=aCHAiEABRAAAAE~&z=1891579101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-31858844-1&cid=178256725.1659587054&jid=906160963&_u=aCHAiEABRAAAAE~&z=1891579101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
a.rfihub.com/ Frame AD3B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTc5NzI4ODExNTExMzkzNzA5OA==&forward=
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKy_pnnGMygag5pHRthDreA&google_cver=1
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKy_pnnGMygag5pHRthDreA&google_cver=1
Protocol
HTTP/1.1
Server
199.38.167.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734289p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:15 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKy_pnnGMygag5pHRthDreA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame AD3B 		43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=18&code=1797288115113937098
Requested by
Host: 20734289p.rfihub.com
URL: https://20734289p.rfihub.com/ca.html?ver=9&rb=9587&ca=20734289&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=1698834531576947
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734289p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Aug 2022 04:24:15 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
d15baab2-eae1-44e9-bc0b-2d9f52e90c12
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame AD3B 		42 B
893 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1797288115113937098&
Requested by
Host: 20734289p.rfihub.com
URL: https://20734289p.rfihub.com/ca.html?ver=9&rb=9587&ca=20734289&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=1698834531576947
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734289p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Content-Type
image/gif
ibs:dpid=1121&dpuuid=1797288115113937098&redir=
dpm.demdex.net/ Frame AD3B 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1797288115113937098&redir=
Requested by
Host: 20734289p.rfihub.com
URL: https://20734289p.rfihub.com/ca.html?ver=9&rb=9587&ca=20734289&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=1698834531576947
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.125.221 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-125-221.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734289p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v035-069d1e211.edge-usw2.demdex.com 5 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Am3KVsdeQEg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
match
ps.eyeota.net/ Frame AD3B
Redirect Chain
  • https://p.rfihub.com/cm?pub=24472&in=1
  • https://ps.eyeota.net/match?uid=1797288115113937098&bid=omt9pi0
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=1797288115113937098&bid=omt9pi0
Protocol
HTTP/1.1
Server
50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-174-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734289p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:15 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
https://ps.eyeota.net/match?uid=1797288115113937098&bid=omt9pi0
Date
Thu, 04 Aug 2022 04:24:15 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cksync.php
contextual.media.net/ Frame AD3B 		45 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=1797288115113937098
Requested by
Host: 20734289p.rfihub.com
URL: https://20734289p.rfihub.com/ca.html?ver=9&rb=9587&ca=20734289&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=1698834531576947
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734289p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Thu, 04 Aug 2022 04:24:15 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Thu, 04 Aug 2022 04:24:15 GMT
52154.gif
idsync.rlcdn.com/ Frame AD3B
Redirect Chain
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1797288115113937098&referrer=https%3A%2F%2Fgive.unrefugees.org%2F
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=447a06e5-c8dc-41c5-8610-74c2a2ab948e%3A1659587054.7358584&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D447a06e5-c8dc-41c5-8610-74c2a2a...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=447a06e5-c8dc-41c5-8610-74c2a2ab948e%3A1659587054.7358584
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=3460980525536328209
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=3460980525536328209
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734289p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Aug 2022 04:24:15 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Pragma
no-cache
Date
Thu, 04 Aug 2022 04:24:15 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
4b44689f-f5a8-4bbb-a9f3-e1f425dd108d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=3460980525536328209
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
bpi.rtactivate.com/tag/ Frame AD3B 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=11017&user_id=1797288115113937098
Requested by
Host: 20734289p.rfihub.com
URL: https://20734289p.rfihub.com/ca.html?ver=9&rb=9587&ca=20734289&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=1698834531576947
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.218.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-218-172.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734289p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:15 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame AD3B 		43 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1797288115113937098&forward=
Requested by
Host: 20734289p.rfihub.com
URL: https://20734289p.rfihub.com/ca.html?ver=9&rb=9587&ca=20734289&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=1698834531576947
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734289p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
735485b7feaba24d-YYZ
pragma
no-cache
date
Thu, 04 Aug 2022 04:24:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=refIoTNJpP9Bqarajt7cZ6TmCKfKiydglIMT9zW98yheCx1LFuaEYJ2S8RceATgyGg7gsPFtNeFRxaHUNumkaW7pp%2B%2Bd4m53wg6QSXFANBH0jrLN4OYU4oJtX9c%2B7wKPKMRe2gjQY9XVqA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0
360947.gif
idsync.rlcdn.com/ Frame AD3B 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/360947.gif?partner_uid=1797288115113937098
Requested by
Host: 20734289p.rfihub.com
URL: https://20734289p.rfihub.com/ca.html?ver=9&rb=9587&ca=20734289&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=1698834531576947
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734289p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Aug 2022 04:24:15 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
rocketfuel_sync
x.dlx.addthis.com/e/ Frame AD3B 		43 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=1797288115113937098
Requested by
Host: 20734289p.rfihub.com
URL: https://20734289p.rfihub.com/ca.html?ver=9&rb=9587&ca=20734289&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=1698834531576947
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.205.90 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-205-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734289p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:15 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 04 Aug 2022 04:24:15 GMT
content-length
43
strict-transport-security
max-age=2628000
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame AD3B 		43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1797288115113937098&img=1
Requested by
Host: 20734289p.rfihub.com
URL: https://20734289p.rfihub.com/ca.html?ver=9&rb=9587&ca=20734289&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=1698834531576947
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.35.249.127 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734289p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:15 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
129
Connection
keep-alive
Content-Length
43
g.pixel
aa.agkn.com/adscores/ Frame AD3B 		43 B
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=1797288115113937098
Requested by
Host: 20734289p.rfihub.com
URL: https://20734289p.rfihub.com/ca.html?ver=9&rb=9587&ca=20734289&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=1698834531576947
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-50.ewr50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734289p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:15 GMT
via
1.1 7608da25eb5aed0ce7cca5fc0587c650.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
WZYrjS1vs93sxH75UXIgopNVo50rR9cYt9xkEAnN9TqxRX5uRXQgEA==
expires
0
sync
x.bidswitch.net/ Frame AD3B 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=119&user_id=1797288115113937098&expires=30
Requested by
Host: 20734289p.rfihub.com
URL: https://20734289p.rfihub.com/ca.html?ver=9&rb=9587&ca=20734289&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=1698834531576947
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734289p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cm
p.rfihub.com/ Frame AD3B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=YutJ7gAD3QzoJwBC
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?in=1&pub=21653&userid=YutJ7gAD3QzoJwBC
Protocol
HTTP/1.1
Server
199.38.167.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734289p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:15 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:15 GMT
via
1.1 varnish
server
Varnish
x-timer
S1659587055.350117,VS0,VE0
x-served-by
cache-yul12833-YUL
x-cache
HIT
location
https://p.rfihub.com/cm?in=1&pub=21653&userid=YutJ7gAD3QzoJwBC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
serving
bs.serving-sys.com/ Frame AD3B 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.172.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-172-31.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734289p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:15 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
0
p3p
CP="NOI DEVa OUR BUS UNI"
sync
partners.tremorhub.com/ Frame AD3B 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIRF=1797288115113937098&r=LVob1z200ky5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:d8c5:6a8b:7b4a:8db Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734289p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:15 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
usermatch.gif
beacon.krxd.net/ Frame AD3B 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=1797288115113937098
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.22.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-22-248.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20734289p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:15 GMT
cache-control
private, no-cache, no-store
x-request-time
D=26 t=1659587055
x-served-by
beacon-n011-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
6
m.stripe.com/ Frame 864C 		156 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.23.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-23-244.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5ff8555f4cd05cb1555a343708754d3ef02296283ad1e618cd62087ac2cb5a74
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 04 Aug 2022 04:24:15 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=458023905935271&ev=PageView&dl=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&rl=https%3A%2F%2Fgive.unrefugees.org%2F&if=false&ts=1659587055401&sw=1600&sh=1200&v=2.9.70&r=stable&ec=0&o=30&fbp=fb.1.1659587055399.837916905&it=1659587055200&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:15 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 04 Aug 2022 04:24:15 GMT
cm
a.rfihub.com/ Frame 49AE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTc5NzI4ODExNTExMzkzNzA5OA==&forward=
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKy_pnnGMygag5pHRthDreA&google_cver=1
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKy_pnnGMygag5pHRthDreA&google_cver=1
Protocol
HTTP/1.1
Server
199.38.167.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20824034p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:15 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEKy_pnnGMygag5pHRthDreA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 49AE 		43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=18&code=1797288115113937098
Requested by
Host: 20824034p.rfihub.com
URL: https://20824034p.rfihub.com/ca.html?ver=9&rb=9587&ca=20824034&_o=9587&_t=20824034&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=682525955761289
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20824034p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 04 Aug 2022 04:24:15 GMT
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
2d429d29-7384-4c84-8b96-5d21458764b9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 49AE 		42 B
893 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1797288115113937098&
Requested by
Host: 20824034p.rfihub.com
URL: https://20824034p.rfihub.com/ca.html?ver=9&rb=9587&ca=20824034&_o=9587&_t=20824034&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=682525955761289
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20824034p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
Content-Type
image/gif
ibs:dpid=1121&dpuuid=1797288115113937098&redir=
dpm.demdex.net/ Frame 49AE 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1797288115113937098&redir=
Requested by
Host: 20824034p.rfihub.com
URL: https://20824034p.rfihub.com/ca.html?ver=9&rb=9587&ca=20824034&_o=9587&_t=20824034&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=682525955761289
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.125.221 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-125-221.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20824034p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v035-0baf7911a.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
4mGQavtVTNE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
match
ps.eyeota.net/ Frame 49AE
Redirect Chain
  • https://p.rfihub.com/cm?pub=24472&in=1
  • https://ps.eyeota.net/match?uid=1797288115113937098&bid=omt9pi0
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=1797288115113937098&bid=omt9pi0
Protocol
HTTP/1.1
Server
50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-174-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20824034p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:15 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
https://ps.eyeota.net/match?uid=1797288115113937098&bid=omt9pi0
Date
Thu, 04 Aug 2022 04:24:15 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cksync.php
contextual.media.net/ Frame 49AE 		45 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=1797288115113937098
Requested by
Host: 20824034p.rfihub.com
URL: https://20824034p.rfihub.com/ca.html?ver=9&rb=9587&ca=20824034&_o=9587&_t=20824034&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=682525955761289
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20824034p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Thu, 04 Aug 2022 04:24:15 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Thu, 04 Aug 2022 04:24:15 GMT
397676.gif
idsync.rlcdn.com/ Frame 49AE
Redirect Chain
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1797288115113937098&referrer=https%3A%2F%2Fgive.unrefugees.org%2F
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=447a06e5-c8dc-41c5-8610-74c2a2ab948e%3A1659587054.7358584&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D447a06e5-c8dc-41c5-8610-74c2a2a...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=447a06e5-c8dc-41c5-8610-74c2a2ab948e%3A1659587054.7358584
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40
  • https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40
  • https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=UmD4Gxcvuk6OeEO37YBBwW3CfcmpOBto
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=UmD4Gxcvuk6OeEO37YBBwW3CfcmpOBto
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20824034p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Aug 2022 04:24:16 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=UmD4Gxcvuk6OeEO37YBBwW3CfcmpOBto
date
Thu, 04 Aug 2022 04:24:15 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
4593
content-length
221
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
/
bpi.rtactivate.com/tag/ Frame 49AE 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=11017&user_id=1797288115113937098
Requested by
Host: 20824034p.rfihub.com
URL: https://20824034p.rfihub.com/ca.html?ver=9&rb=9587&ca=20824034&_o=9587&_t=20824034&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=682525955761289
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.218.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-218-172.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20824034p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:15 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 49AE 		43 B
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1797288115113937098&forward=
Requested by
Host: 20824034p.rfihub.com
URL: https://20824034p.rfihub.com/ca.html?ver=9&rb=9587&ca=20824034&_o=9587&_t=20824034&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=682525955761289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20824034p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
735485b978e8a24d-YYZ
pragma
no-cache
date
Thu, 04 Aug 2022 04:24:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nSApZh5yr%2BPqowP6ZvNCKZM3JYZ5NLtU9SxqprYUpiR1Z%2BT4dfvi5NMMkkr0XHn%2F6QXwLzcNF%2FxSvlkirxERX94WzSvr38cx5tZz1BaMnpegZ%2Bt4tBwESILzw8dkCvEfzXjOT1RLAhoAEg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0
360947.gif
idsync.rlcdn.com/ Frame 49AE 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/360947.gif?partner_uid=1797288115113937098
Requested by
Host: 20824034p.rfihub.com
URL: https://20824034p.rfihub.com/ca.html?ver=9&rb=9587&ca=20824034&_o=9587&_t=20824034&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=682525955761289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20824034p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Aug 2022 04:24:15 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
rocketfuel_sync
x.dlx.addthis.com/e/ Frame 49AE 		43 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=1797288115113937098
Requested by
Host: 20824034p.rfihub.com
URL: https://20824034p.rfihub.com/ca.html?ver=9&rb=9587&ca=20824034&_o=9587&_t=20824034&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=682525955761289
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.205.90 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-205-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20824034p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:15 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 04 Aug 2022 04:24:15 GMT
content-length
43
strict-transport-security
max-age=2628000
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 49AE 		43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1797288115113937098&img=1
Requested by
Host: 20824034p.rfihub.com
URL: https://20824034p.rfihub.com/ca.html?ver=9&rb=9587&ca=20824034&_o=9587&_t=20824034&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=682525955761289
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.35.249.127 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20824034p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:15 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
147
Connection
keep-alive
Content-Length
43
g.pixel
aa.agkn.com/adscores/ Frame 49AE 		43 B
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=1797288115113937098
Requested by
Host: 20824034p.rfihub.com
URL: https://20824034p.rfihub.com/ca.html?ver=9&rb=9587&ca=20824034&_o=9587&_t=20824034&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=682525955761289
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-50.ewr50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20824034p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:15 GMT
via
1.1 7608da25eb5aed0ce7cca5fc0587c650.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
NeLBdWe_C0FwTNoQDlrCKCu_IhEqHgTRF3b5unbEpBsUPCYaWYsijg==
expires
0
sync
x.bidswitch.net/ Frame 49AE 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=119&user_id=1797288115113937098&expires=30
Requested by
Host: 20824034p.rfihub.com
URL: https://20824034p.rfihub.com/ca.html?ver=9&rb=9587&ca=20824034&_o=9587&_t=20824034&pe=https%3A%2F%2Fgive.unhcr.ca%2Fpage%2F52275%2Fdonate%2F1%3Fea.tracking.id%3DOL22_UNR_U4U%26utm_source%3Du4u%26utm_medium%3Dreferral%26utm_campaign%3DCA_PS_EN_general%26utm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=https%3A%2F%2Fgive.unrefugees.org%2F&ra=682525955761289
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20824034p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cm
p.rfihub.com/ Frame 49AE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=YutJ7gAD3QzoJwBC
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?in=1&pub=21653&userid=YutJ7gAD3QzoJwBC
Protocol
HTTP/1.1
Server
199.38.167.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20824034p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Thu, 04 Aug 2022 04:24:15 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:15 GMT
via
1.1 varnish
server
Varnish
x-timer
S1659587056.588713,VS0,VE0
x-served-by
cache-yul12833-YUL
x-cache
HIT
location
https://p.rfihub.com/cm?in=1&pub=21653&userid=YutJ7gAD3QzoJwBC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
serving
bs.serving-sys.com/ Frame 49AE 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.172.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-172-31.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20824034p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:15 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
0
p3p
CP="NOI DEVa OUR BUS UNI"
sync
partners.tremorhub.com/ Frame 49AE 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIRF=1797288115113937098&r=lD-84L2EnJPM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:d8c5:6a8b:7b4a:8db Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20824034p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:15 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
usermatch.gif
beacon.krxd.net/ Frame 49AE 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=1797288115113937098
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.22.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-22-248.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20824034p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:15 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1659587055
x-served-by
beacon-n003-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
clarity.js
www.clarity.ms/eus2-b/s/0.6.36/ 		52 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2-b/s/0.6.36/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/21001794
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:2008 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:24:15 GMT
content-encoding
br
etag
"1d8a0e15023e426"
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
070nrYgAAAAAcG5u0ojbRRpTvDQrkwSENTEFTMzBFREdFMDEyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=ABB4DFECEE654281A3A846BF2F69B385&RedC=c.clarity.ms&MXFR=08F04A98872860C508CE5B6E83286EC0
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ABB4DFECEE654281A3A846BF2F69B385&MUID=38F19108F0E56CB317F080FEF1CF6DAA
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ABB4DFECEE654281A3A846BF2F69B385&MUID=38F19108F0E56CB317F080FEF1CF6DAA
Protocol
H2
Server
20.110.81.91 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:15 GMT
last-modified
Thu, 28 Jul 2022 20:42:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"1cd89c7ec2a2d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 04 Aug 2022 04:24:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0BD9DACCF1114F61A9B227973AFAB8AF Ref B: YTO01EDGE0806 Ref C: 2022-08-04T04:24:15Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ABB4DFECEE654281A3A846BF2F69B385&MUID=38F19108F0E56CB317F080FEF1CF6DAA
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
/
www.facebook.com/tr/ Frame 6BBB 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://give.unhcr.ca
Referer
https://give.unhcr.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://give.unhcr.ca
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 04 Aug 2022 04:24:15 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/ Frame C290 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://give.unhcr.ca
Referer
https://give.unhcr.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://give.unhcr.ca
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 04 Aug 2022 04:24:15 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
collect
e.clarity.ms/ 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.6.36/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://give.unhcr.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
https://give.unhcr.ca
date
Thu, 04 Aug 2022 04:24:16 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
collect
e.clarity.ms/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.6.36/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://give.unhcr.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
https://give.unhcr.ca
date
Thu, 04 Aug 2022 04:24:16 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
trusted-types-checker-b31b0d3b211d1247a37e6120682932ed.js
js.stripe.com/v3/fingerprinted/js/ 		174 B
270 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-b31b0d3b211d1247a37e6120682932ed.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
79db4d79a6e53e3aa9b5703a1156cc9accef42d4d3d31b5019d2eabf216fa751
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://give.unhcr.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
48
x-cache
HIT
content-length
119
etag
"5cbd8f0579eb735eea933bbd78b29553"
x-request-id
54dba389-9b4e-49ba-b830-299843700517
x-served-by
cache-yul12823-YUL
access-control-allow-origin
*
last-modified
Tue, 02 Aug 2022 22:29:58 GMT
server
Fastly
date
Thu, 04 Aug 2022 04:24:20 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
0
r.stripe.com/ Frame E789 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9051b2cea85a0abeca9476d95faa904c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 04 Aug 2022 04:24:20 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
give.unrefugees.org
URL
https://give.unrefugees.org/180117core_mainpg_p_3000?utm_medium=email&utm_cid=0031K00003CjG9DQAV&utm_source=u4u-update&utm_campaign=US_PS_EN_CORE_UPDATE___220802&utm_content=fullfile&SF_onetime=7011K0000023DTOQA2&SF_monthly=7011K0000023DTTQA2
Domain
lyibja.unrefugees.org
URL
https://lyibja.unrefugees.org/events
Domain
20826429p.rfihub.com
URL
https://20826429p.rfihub.com/ca.html?ver=9&rb=9587&ca=20826429&_o=9587&_t=20826429&pe=https%3A%2F%2Fgive.unrefugees.org%2F180117core_mainpg_p_3000%3Futm_medium%3Demail%26utm_cid%3D0031K00003CjG9DQAV%26utm_source%3Du4u-update%26utm_campaign%3DUS_PS_EN_CORE_UPDATE___220802%26utm_content%3Dfullfile%26SF_onetime%3D7011K0000023DTOQA2%26SF_monthly%3D7011K0000023DTTQA2&pf=&ra=5912788590262832
Domain
www.gstatic.com
URL
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css
Domain
www.gstatic.com
URL
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__en.js
Domain
bat.bing.com
URL
https://bat.bing.com/actionp/0?ti=5612726&tm=gtm002&Ver=2&mid=2c04917b-d822-410a-ab4b-eb0c35472e52&sid=4b0f396013ad11edaea46f9d9fae2e7d&vid=4b0f3af013ad11ed9a4ea9324aa0c584&vids=1&msclkid=N&evt=pageHide

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| Modernizr object| html5 function| yepnope function| $ function| jQuery object| Fx object| fx object| mr object| Mr function| Cleave function| Cookies function| donatePage object| pageJson object| EngagingNetworks string| headerText string| headerImage boolean| useLightbox string| lightboxImage object| pca object| addressComplete function| extendable string| val object| dataLayer function| _grecaptchaCallback function| _grecaptchaExpireCallback object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| _rfi string| axel number| a function| saq function| _saq object| _tvq object| dotq object| _qevents function| pixie object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| webpackChunkstripe_js_v3 function| Stripe string| str function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP object| YAHOO function| ttd_dom_ready function| TTDUniversalPixelApi function| onYouTubeIframeAPIReady object| gaGlobal object| recaptcha object| closure_lm_380309 function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| quantserve function| __qc object| ezt object| _qoptions function| qtrack string| res object| saCookies string| current_window_url_param object| JSON2 object| TV2Track string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| gaplugins function| UET function| UET_init function| UET_push object| ueto_b4a46a8699 object| uetq object| google_optimize object| gaData function| clarity

94 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
give.unhcr.ca/page Name: JSESSIONID
Value: KPLiBMKGR4XJ92BKvTUJFqbC-C8PBgInM6EiubMk.cac1-prd-web1
.unhcr.ca/page Name: en_sessionId
Value: 72185d95c9e94c77bcbbd3f9b9850e1e-cac1-prd-web1
.google.com/ Name: NID
Value: 511=V5n6dxj-njmuuCNV8tShEIs7-40qCiRd3drwIPSwpDAyCpyXM41NCduE88Qi2TMfj9lTUarBTUJ3ihx0JC2QVUULNil_Y5uNg8SrkiCKdSSMAnuQ-5YRuUc74nt6lpBRw8J_Bw_3gH-WsGI7PnH-Gk4E7x12DkUy_Ld7YUbmMPA
.unrefugees.org/ Name: _gcl_au
Value: 1.1.661081734.1659587052
h.online-metrix.net/ Name: thx_guid
Value: 00fe8d8056af402f812045ff13e717d5
h.online-metrix.net/ Name: tmx_guid
Value: AAyOAe-q59CeOqP9CVp3tS4lX_oG9gyb9UP0l5iLGGADt2rCJ9ZT71QaS4OjGMYqUnnwEMOnAzyEZTOwL5uuZNRGLlNZJg
.give.unrefugees.org/ Name: _ga
Value: GA1.3.1546007794.1659587052
.give.unrefugees.org/ Name: _gid
Value: GA1.3.1013644406.1659587052
.give.unrefugees.org/ Name: _dc_gtm_UA-3754388-9
Value: 1
.bing.com/ Name: MUID
Value: 38F19108F0E56CB317F080FEF1CF6DAA
.bat.bing.com/ Name: MR
Value: 0
.give.unrefugees.org/ Name: _dc_gtm_UA-1473340-18
Value: 1
.unrefugees.org/ Name: _ga_P9YZZV758Y
Value: GS1.1.1659587052.1.0.1659587052.60
.unrefugees.org/ Name: _ga
Value: GA1.1.1546007794.1659587052
.trkn.us/ Name: barometric[cuid]
Value: cuid_410c8520-0c61-4cf8-b9ba-93dcc99bcbb2
.ipredictive.com/ Name: ci_rtc
Value: _uts=1659587052
.ipredictive.com/ Name: cu
Value: 620335e7-9d33-440b-98c2-c12c01b729bf|1659587052206
give.unrefugees.org/ Name: _tq_id.TV-63728109-1.addf
Value: db79583141c7e5d3.1659587052.0.1659587052..
.yahoo.com/ Name: A3
Value: d=AQABBOxJ62ICECjWEyA1GaVzs-cPVfTpORQFEgEBAQGb7GL1YgAAAAAA_eMAAA&S=AQAAAgd9pz8XZHt9b2kgPFJZHoY
.unrefugees.org/ Name: _uetsid
Value: 4b0f396013ad11edaea46f9d9fae2e7d
.unrefugees.org/ Name: _uetvid
Value: 4b0f3af013ad11ed9a4ea9324aa0c584
give.unrefugees.org/ Name: AWSALB
Value: ENRnnOQgPeO9pOUMlnIU68iETVy1tVDTSzegC+zeAT+p7Ib67i1ddhcvlU3XDviMc5C4VZ1JMjdBXct1ECJ6qpDDsGaHQWx3F9giAznghjflBf4mdeu9BOKAZ4uT
give.unrefugees.org/ Name: AWSALBCORS
Value: ENRnnOQgPeO9pOUMlnIU68iETVy1tVDTSzegC+zeAT+p7Ib67i1ddhcvlU3XDviMc5C4VZ1JMjdBXct1ECJ6qpDDsGaHQWx3F9giAznghjflBf4mdeu9BOKAZ4uT
.unrefugees.org/ Name: _fbp
Value: fb.1.1659587052898.842799422
.facebook.com/ Name: fr
Value: 0A4rhCsggyd2NlhBh..Bi60ns...1.0.Bi60ns.
.give.unhcr.ca/ Name: pageInfo-52275
Value: {%22src%22:%22https://aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com/1920/RF1173739.jpg?v=1643058746000%22%2C%22txt%22:%22<strong>Donate%20today</strong>%20to%20help%20millions%20of%20refugees%20who%20need%20life-saving%20care.%22}
give.unhcr.ca/ Name: AWSALB
Value: 0r6PTlUzCmo9cvJFA4goH5fFQMnGadYjf9OXdsvsOhDSBZESxjyky7tt9xgUj+agD3o0OFJhEROnIkECjf+PZJSZUMltlK+U7j4NQ3d9iCu3CrBTWz4NUDYPr80f
give.unhcr.ca/ Name: AWSALBCORS
Value: 0r6PTlUzCmo9cvJFA4goH5fFQMnGadYjf9OXdsvsOhDSBZESxjyky7tt9xgUj+agD3o0OFJhEROnIkECjf+PZJSZUMltlK+U7j4NQ3d9iCu3CrBTWz4NUDYPr80f
.unhcr.ca/ Name: _gcl_au
Value: 1.1.594686492.1659587054
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-7ba2374e-7c15-49e0-730c-571b70b80343.5oApBFByuWM2uZx1eXsOI%2BQo3my0Jud3Y7TRzJHKato
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Ae6I3TnwVSeBzDFcbcLgDQ5U4mbg.17Pi9qSKwj5f%2Ft2lIcyi03dXsXO8%2FwgfbCFzX%2F3PJxg
.unhcr.ca/ Name: _ga_481D3GT839
Value: GS1.1.1659587054.1.0.1659587054.0
give.unhcr.ca/ Name: sa-user-id
Value: s%253A0-7ba2374e-7c15-49e0-730c-571b70b80343.5oApBFByuWM2uZx1eXsOI%252BQo3my0Jud3Y7TRzJHKato
give.unhcr.ca/ Name: sa-user-id-v2
Value: s%253A0-7ba2374e-7c15-49e0-730c-571b70b80343%2524ip%2524149.56.153.184.vHsg0fTzdqbZc0kpYSlUSG%252BBwALsJZVT1yVCwZybs9k
.doubleclick.net/ Name: IDE
Value: AHWqTUk00BreZyFk_S5lxkz5L7Dbq3yjqSlo0lmfNDJ9B_QezI_ZMd4KrUvfUTn6CN4
.adsrvr.org/ Name: TDID
Value: 5e5c946e-be20-4bd8-bd60-8d43a05eddd1
.quantserve.com/ Name: mc
Value: 62eb49ee-735e0-ebebb-fae1c
.unhcr.ca/ Name: __qca
Value: P0-1210734306-1659587054441
.adnxs.com/ Name: uuid2
Value: 3460980525536328209
give.unhcr.ca/ Name: _tq_id.TV-72631872-1.34ba
Value: bc07f898251a63d7.1659587055.0.1659587055..
.analytics.yahoo.com/ Name: IDSYNC
Value: 1769~26e4
.casalemedia.com/ Name: CMID
Value: YutJ7juAVjSDoiNuKIVVbwAA
.casalemedia.com/ Name: CMPS
Value: 034
.casalemedia.com/ Name: CMPRO
Value: 034
.media.net/ Name: visitor-id
Value: 3025886541455294000V10
.media.net/ Name: data-rk
Value: 1797288115113937098~~3
.rezync.com/ Name: zync-uuid
Value: 447a06e5-c8dc-41c5-8610-74c2a2ab948e:1659587054.7358584
.eyeota.net/ Name: mako_uid
Value: 1826718ccd0-50250000010a483d
.eyeota.net/ Name: SERVERID
Value: 18493~DM
.rubiconproject.com/ Name: khaos
Value: L6EJA71R-1I-90LA
.spotxchange.com/ Name: audience
Value: 4c50df0b-13ad-11ed-b39e-13726ea10103
.krxd.net/ Name: _kuid_
Value: O_01NfBO
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YutJ7gAD3QzoJwBC
.demdex.net/ Name: demdex
Value: 85124494649462793753282953709836850273
.dpm.demdex.net/ Name: dpm
Value: 85124494649462793753282953709836850273
.bidswitch.net/ Name: tuuid
Value: 80644250-6b73-446b-963e-c9b607a8559c
.bidswitch.net/ Name: c
Value: 1659587055
.bidswitch.net/ Name: tuuid_lu
Value: 1659587055
.unhcr.ca/ Name: _uetsid
Value: 4c80203013ad11ed9821df250fc94db8
.unhcr.ca/ Name: _uetvid
Value: 4c80155013ad11ed9c17a32a8bcbd336
.give.unhcr.ca/ Name: _ga
Value: GA1.3.178256725.1659587054
.give.unhcr.ca/ Name: _gid
Value: GA1.3.731525037.1659587055
.give.unhcr.ca/ Name: _dc_gtm_UA-1473340-18
Value: 1
.unhcr.ca/ Name: _ga
Value: GA1.2.178256725.1659587054
.unhcr.ca/ Name: _gid
Value: GA1.2.731525037.1659587055
.unhcr.ca/ Name: _dc_gtm_UA-31858844-1
Value: 1
.adnxs.com/ Name: anj
Value: dTM7k!M4/YErk#WF']wIg2E>7v8si'!]td=8i_j$PTm@MUf!3tZ:HdFOv^6BXvWek_.8JcOz!X0GX#P43If)y3KL9D3I?+<AvNAL
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-5e5c946e-be20-4bd8-bd60-8d43a05eddd1&KRTB&22918-5e5c946e-be20-4bd8-bd60-8d43a05eddd1&KRTB&22926-5e5c946e-be20-4bd8-bd60-8d43a05eddd1&KRTB&23031-5e5c946e-be20-4bd8-bd60-8d43a05eddd1
.pubmatic.com/ Name: PugT
Value: 1659587055
.unhcr.ca/ Name: _fbp
Value: fb.1.1659587055399.837916905
live.rezync.com/ Name: sd-session-id
Value: .eJwNysEOgyAMANB_6VkWCq0t_Ixh2APZdIvoZcZ_n8eXvBOmr21LWW3dIe_bYQPUd7vVIZ_Q22-xF2RASRJUERkxpig-KVwDdOu9fdapzfchkuJHY1d1ro6wstMRvROqoYTyTKSWceTEKp7pIZGVleD6A6tTJYU.YutJ7w.w0uXQjgjdsM8l_8MjjQjMKUw7P8
.adsrvr.org/ Name: TDCPM
Value: CAESGQoKcmlnaHRtZWRpYRILCPru14jn9vo6EAUSFwoIYXBwbmV4dXMSCwjggt6L5_b6OhAFEhYKB3J1Ymljb24SCwjggt6L5_b6OhAFEhUKBmdvb2dsZRILCMbe1Y7n9vo6EAUSFQoGY2FzYWxlEgsIxt7Vjuf2-joQBRIYCgliaWRzd2l0Y2gSCwi-ueOP5_b6OhAFEhcKCHB1Ym1hdGljEgsIvrnjj-f2-joQBRgFIAIoAzILCL6x5rz99vo6EAVCDyINCAESCQoFdGllcjMQAVoHNGJkcDFvaWAB
.rubiconproject.com/ Name: audit
Value: 1|E2Ix6EBdIIsGvQC9dlGEVGAX48tP2/ZPIM882vZ49H4eECEUBMheijQYMizZznseS88CAlKM4zcwHTRO1/p4iHX0qfg68IpFQAPcN3ARK845JY9oeF5Dub5zpo0A2XlWX/kg9PUEri4WYfMnyzsS99X9SIHNWUMqM8pjJbx2H/HREvsM2ra73MRmS8gGs6ylTlon0IrnE1p4+byUJuUHKNl4Am3SUH3rwETMVR8lnVPictVKI3nW/ZSmfFa9k+2RfCCm1vF3Tgn8ih/oL8+08tuVaVkDFDbShAUs62yL6R/QD5U7tEfUTQ==
.casalemedia.com/ Name: CMTS
Value: 192
m.stripe.com/ Name: m
Value: cd1d8b80-b203-4d3d-b77f-c155b635ed9fa97eb4
.give.unhcr.ca/ Name: __stripe_mid
Value: 9f9cc9ff-84fe-4b64-a2ce-466b9eafe178798679
.give.unhcr.ca/ Name: __stripe_sid
Value: e37718ba-0209-4a53-a66a-7456fb895657d2c743
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjS3NDeysDA0NDU0NLY0NjewtBDiM9Q18nDJCPEs8C5IKysGAHN7LcUlAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA129a6ML8jLc_etTE9MNy3wCCrJcClKdVzFKBBZWuJlnu7oYhxYle9V7uTcxGJuYmKeaGCWaqqbbJGSrGtimGyqa2FmaKBrbpJslGiUmGRpYpFqZWhmamlqYW5gaqJnbmxqYWphAgAVpVWgawAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjS3NDeysDA0NDU0NLY0NjewtBDiM9Q18nDJCPEs8C5IKysGAHN7LcUlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA129a6ML8jLc_etTE9MNy3wCCrJcClKdQziNTQztTS1MDcwNTUzNZ7FiMQ3NTVehcY_hcZ_hcb_hcafxITKn4XGX4TGX4XG34TG34WungWVfwuNv4hVILK0xMs83dHFOLAq36vcyXkVK7KXDcw2saJZwY3mJTT-JGFzExPzRAOzVFPdZIuUZF0Tw2RTXQszQwNdc5Nko0SjxCRLE4tUK7gmEz1zY1MLUwuTWcLINpsbLRJGNfkRGh8AyQpt7roBAAA
.rlcdn.com/ Name: pxrc
Value: CO+TrZcGEgYItuoBEAASDwi66gEQ////////////ARIGCOrqARAA
www.clarity.ms/ Name: CLID
Value: 2cc9143af9b84438b2094b81f5de1d8e.20220804.20230804
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 38F19108F0E56CB317F080FEF1CF6DAA
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 38F19108F0E56CB317F080FEF1CF6DAA
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.unhcr.ca/ Name: _clck
Value: c1wums|1|f3q|0
.criteo.com/ Name: uid
Value: afe2bb9c-666c-4c3e-9975-4d2727b3e4cc
.rlcdn.com/ Name: rlas3
Value: Rb8hT0QhCyk+F4gzhbvh360YnOJ9xPC9KM0Zs+Y6sys=
.unhcr.ca/ Name: _clsk
Value: svwzpb|1659587056206|1|1|e.clarity.ms/collect

8 Console Messages

Source Level URL
Text
network error URL: https://give.unrefugees.org/img/nudge_arrow.png
Message:
Failed to load resource: the server responded with a status of 403 ()
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11597836.fls.doubleclick.net
20734289p.rfihub.com
20734290p.rfihub.com
20824034p.rfihub.com
20826429p.rfihub.com
5340953.fls.doubleclick.net
a.rfihub.com
aa.agkn.com
aaf1a18515da0e792f78-c27fdabe952dfc357fe25ebf5c8897ee.ssl.cf5.rackcdn.com
acdn.adnxs.com
ad.doubleclick.net
ad.ipredictive.com
adservice.google.ca
adservice.google.com
alb.reddit.com
analytics.google.com
app.dafwidget.com
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c.bing.com
c.clarity.ms
c1.rfihub.net
cdn.callrail.com
cdn.plyr.io
click.e.unrefugees.org
cm.g.doubleclick.net
code.jquery.com
collector-2382.tvsquared.com
collector-3219.tvsquared.com
connect.facebook.net
contextual.media.net
data.adxcel-ec2.com
dpm.demdex.net
dsum-sec.casalemedia.com
e.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
g1782759016.co
g792337342.co
give.unhcr.ca
give.unrefugees.org
googleads.g.doubleclick.net
gum.criteo.com
h.online-metrix.net
ib.adnxs.com
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
js.stripe.com
live.rezync.com
lyibja.unrefugees.org
m.stripe.com
m.stripe.network
match.adsrvr.org
p.rfihub.com
p.typekit.net
partners.tremorhub.com
pay.google.com
pixel.quantserve.com
pixel.rubiconproject.com
play.google.com
ps.eyeota.net
pubads.g.doubleclick.net
q.stripe.com
r.stripe.com
rules.quantcount.com
s.yimg.com
sc-static.net
secure.quantserve.com
simage2.pubmatic.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
t.us1.dyntrk.com
tags.srv.stackadapt.com
trkn.us
ups.analytics.yahoo.com
use.typekit.net
ws1.postescanada-canadapost.ca
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.redditstatic.com
www.tp88trk.com
x.bidswitch.net
x.dlx.addthis.com
20826429p.rfihub.com
bat.bing.com
give.unrefugees.org
lyibja.unrefugees.org
www.gstatic.com
104.18.18.126
107.22.22.248
13.111.228.216
13.225.214.50
13.225.63.247
13.225.63.4
142.250.72.98
142.250.80.102
142.251.40.130
142.251.41.2
15.197.193.217
151.101.1.140
151.101.1.21
151.101.130.49
151.101.192.176
151.101.65.108
173.223.57.2
184.50.205.90
192.225.158.1
192.35.249.127
199.38.167.130
20.110.81.91
20.62.48.180
2001:4860:4802:32::178
2001:4860:4802:32::181
2001:4998:14:800::1000
2001:4de0:ac18::1:a:3b
23.20.218.172
23.41.168.23
2600:141b:13::17d7:82e3
2600:141b:13::17d7:82eb
2600:1901:0:7d2::
2600:1f18:612b:4200:d8c5:6a8b:7b4a:8db
2600:9000:21da:9e00:1:76cf:fe80:93a1
2600:9000:21dd:2600:6:44e3:f8c0:93a1
2600:9000:21ea:8200:19:7d10:bd80:93a1
2606:4700:21::681b:c258
2606:4700::6810:c9f3
2607:f8b0:4004:c06::9a
2607:f8b0:4004:c07::5c
2607:f8b0:4006:80d::2004
2607:f8b0:4006:80e::2003
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81d::200e
2607:f8b0:4006:81f::2002
2607:f8b0:4006:820::2003
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::2003
2607:f8b0:4006:824::2008
2620:116:800b:21:f059:4f7e:28a9:1588
2620:1ec:27::cafe:2008
2620:1ec:c11::200
2a02:2638:1::13
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:600::396
3.12.240.80
3.209.33.76
34.200.43.30
35.163.125.221
35.190.60.146
35.190.72.228
35.211.178.172
35.241.48.88
44.209.237.70
50.16.174.192
51.161.118.75
52.25.241.154
52.44.172.31
52.45.183.32
54.149.23.244
54.175.87.114
54.186.23.98
54.210.18.100
54.221.96.38
54.230.160.114
54.72.98.215
68.67.160.75
69.173.151.100
76.13.32.146
8.28.7.83
08b0c7b10941d769b021b3eb8e067c0ee65c22f03d42399edb6cb67e33fd7eca
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0b1b5cecfb1c5cf3a315f94acb9c2101a371c7fae917637082bd7b82e7677d6b
0b81e1a8ae623dcac68161213a47de8b01e2cbbe82874efd04f767cefbc09f68
0d09f47ed601e5bcae10de838f260fb13fa3f734f098e072da3177777804c3c1
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
1324fd191805d2f8b17bd920f92b6dae5f2843abeffaf99f1c69905efe064562
181682e0d1f24f0b43c0c1512790642dac6114e5f5b03d9b331cb71033d16037
1ad2c17d074acf6294285ccca5e31aa0ba3c00e08be8b28226b5620609fbe9fe
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c1a744432792356c2e9d9abdaa97182f3757a89b4cb5be5a3aa13c20cdd802b
1e6ab49df308d6274c82981ac857dff48c5400e5f2fcedbb1d29dc3c6466ac73
1ecb0d953b805a6d7cd9ecf61c7485a97ee664e2fd8a8ba7e980ac65de06f8e7
1eeeec78eee7f4592d0e002b2b7f8fd0af60480157fa6b3ff4b9d88ff940d6f5
21458a5fee3d5793f1f165147eab174084d208c1d3df42032fdd38caf13bf724
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
2822aadc367a1500f6399961bb7c5c4d0241a71a9085bf818cc1fa2625982121
2a72806e7ecf829960274016cfa7c3b84dd3f89fbba960f8e0e2b2fddfa743df
2e64f77b3e866b92e2e61fc934c8b458b7cb2ab52a5e0a8ab9dc2d09ba5fa775
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
31381c88644631fdc01a8ee173b9290f6e450e403656c7aa52ef01eecbc0bf54
3197bd57972f21720bae8c78a3268daf34a02cfc78d2a3500fbc1c02927c3f73
34e26e0f87a316deacf2cb51bcb47c35518ea0f3b5486b0ec26efed9b6141793
37890dea5b2726064a174b28b90faf16d51fed898d0f37e2fb0342161593d68c
388021c242ae921020275fd4f7bbacfe0330aa852ba0d1f0623c57cb1433e120
38c9c1413e17c7a5ee87095bdb4cad0da069451ee937cb801c8f37f2c734644f
3a9dabf390707535c5bd17eebda3e62ff1f47cf7f0136271d7724a07da2c7c75
3b6f87e7eb7e27cb769f7552282850747393fd7d3d374ab20f28a3326d7280d0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
406e6ea57a19595b0e6786f2774801bf150aa9adea1c102abd6127632fcbdc5b
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4528209a0fc402eb2752cba3a85021f3a6e83dde089097c9de7bc86e5b02e175
464c5b054103f03d2f6395a9003a8f43cf9be8c3056b42a913bfb02060f2d1fb
465ecd3c27cf42a3309af6bda6e2b8c4b9cb7a78788908904e0d6761a2c3102a
468f0ec77316ad9c8f3ddb732c3341b77f8f7ba007c52525f6f94fb5664977e0
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
476ba5add83a2d3d2a0d27e41f10efba4f9ac85f60950d5433bebd9c5488fbc9
4a9a58f11f8ed113b364b26fbbe38b34ef59904aa9c5bf0c8a5f8e443b447c99
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bfc3f378a3e79b0ae0f2701a5cd0071f54a3b08880563624f63676a3a32265b
4c26c586d49bb5ca30af6a5fa90a90f50c324b7331d462ee49d382a535f86306
4d591b8d75e7e34086608a252cb2e17aa3002845ced957225cbc3056cd238c11
4f0caa6336d545662fb4e20ab7b55c18f4ee3fb1b464e6bfc53ab4797303a3be
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5253cfbd80f5c18ce8a2ebb220eb3ca545813ecf1fab3ed86c1f4f1a3b69430e
53b492f729960ead9c5779dc772534e0f00e2dcdbd1687a0d236af95417549b5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56b9cf87b68ca9cbae509a59dc7ab663914bc5a739d68777f64bfa8bf35f4977
579de4981bd55ea93e663fdb2355e9c08f90cdc1d61249e0ae0fa77551835567
58719a6541999042ec8e3f3489376c2a7c5120c9f690b712d3787d1f5c5a69eb
598f02a019e9d85920166e608e1a774c8ba85a2563bb6998eefca6dd4e4f448d
5f98b93a3842a73f443ff8b358f0a6e1e49dc8424567943bc9677fd5f06cd59e
5fa99f7f02ac569d0afd9e083cb647b0c9efb0889e66bdd1305821bd653e09bb
5ff8555f4cd05cb1555a343708754d3ef02296283ad1e618cd62087ac2cb5a74
601520594a67be7b7b8c2c5d2d71feb636965f80027caebdf42b3bab8a7dadbe
62c0466b6e78094d8bb9b9fb50f13f3eb39e3be88dce7663ecfbcabde18b64bc
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
6bfbae61daf6218548d35bd824d5299e6f0517f156050c302ddd83fa0e8abdc8
6ef6d1ff44da935e6144e2bd902e5d4ac672a7442f96377ca7d1a5f90175e412
7011dd00bff525c2d6a7b7b7d1d6ccae91874c205650829fe77341129f3992da
722ab2003452da8c844f2101367c830c3ddc6a97437bee41ee664d884bae3e3b
73ef385046533349dbdb6264bfdb814819b44a3a7ddeedf7611db7d55f567c7c
77f9d56bccd487583176dfd4e0850fda63bb4942b26a18391a1f353f5cc72bdb
79db4d79a6e53e3aa9b5703a1156cc9accef42d4d3d31b5019d2eabf216fa751
7a15a7c250eb25e8a28fa5e020fc15d656966115577ba4f51c19274149a48e56
7b5d0a17c585c32752c62be2072fffc8416d194506acc8c486562aae01814a66
7c707b4d486575fcdf35497e30073fd70f0a9ea072e4ca1ca724da7fbab22a9b
7cb56da908e94235a698c35dac8162e57993bfceefba669afddc29bd866b97f8
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
81a4cf08c71ea26ff438cc79ba3c4fe6c8d754a73539c85d2cc3b51e458506ec
81f701abbdb3dcd7318338357add41af96a3b776549dc928c4703cf1cf9f2ffe
82e9969c3c811baa5524317f66cbc6e874bef4859a1a532b8d6b60799fae4727
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8428533414e83be4a572a8d673469bf9601d911fc07fba20f045daaea0ba6de4
8608c7129a24079dd332403d0aef583dcefdf0bfc02914d626a6559a3ac049ad
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8bb66c3e320423b1372e317c048deeb47a54a027b5f10aa00b8f26e6e5c1e00e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
954410601a823f37e219f7930b7446f86afa15621326a7078d56fb9c910135cb
97484af9ae60e006d07e13676dfc3e632f0879836609fe5bd39d52a2b0457084
977c8d96199d3c2e5bb7c3cd9cc52c188e9ff3ab654d00d006aaa15565c9db02
97880bcd7fcc199a008ea736ab008f7f92e9cf6c0addc2afb6c92b3e70d9c9a5
97d2d7795d8696da8f15abfbc4ed528f5d97767966a23ad602f276c8d6680de9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9de0aac198c9af22ea0b40f3f8abbaa3540f9a369b4b2328fec924968e16ad
9b9c0898e129c8c18b79f176435c368cecfe30a903797c9feba7a82ee19902bd
9c3af65d5e5445fc7cd531e09d46f573708820398bee7282395378a89c8d0bf1
9cf7daa8ab21f4ec3c2d08b5b67a1aa6cbed0923e2e15e5d2a85146cea799005
9fb74e5859f175d49ac0bcf9cb7853d03961420e74187d91b2c09d9b5e385192
9fbd0e0a2695ed3b76a92490df70ed2a152492204c2b2ee753c5f0e16d609f66
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f
a3164c6a1238073e973cf4b7d73c539736de5933498279bb75a501dce944ff96
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a94db74844ff029d1f094ed919b925b9009b6c42841a86ea1df26e1cf159078e
acb1891dbdbd5ba9c8cd826c361df68cf004fb702eed1b7bb2ce102b50a34be5
ae4534ddf6813360cb413daf108742ec67a6d3edca6297ce8a7774b4f64e5c09
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c15a0edcce9ceeed8523d9fbbf9c7ff4d5623b2d88a0c39c2c565067782d16
b4133c97cead37b4a5ca93a36fd67f3c4a3a68f09eca628a7b0ff8923c3cbd38
b5d1c068c74da5553f2b22c52b528518601c5fde9ab95c2b79f8e5257bd0e88a
b9f8781586b5327f18c191fea82e9d84dfe9761ccc932d0559bdfff7fee28201
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bb230994469278cbe80e0336a575209516879ad6a5e8cc9233956e71747de578
bdcfb388cd15cba589f840ee41b7e24b4e7e7eb9b64eace891a70b650e0aeeb1
bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2
c206e78d9f35e6a07202f78bff271b8a602674145d389d989631033b59124acb
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c51e9f0f9c0b9c73969756105d3042756fca3e2cee769603e793e8dffac8de3c
c55f527e536de44c7980fecece7428ae5a765647495e47008a8a54fa1e434736
c6e724178ee0427c9da98186a780b2c0fc867d7c92135c0fd3fd64a262d75a77
c880684fd41914572b3108d5ab2daab858152cdf526ac1c1d2db862788e711e4
ce3dc891c88609c872bc8f424a458d92980c0d34f97641b3869206bcab568f39
d08c52cc003c28f266bcdf1924c340b183c1f32fb96da57550f6973f5fbe50a7
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b
d60f6f17937b8ed0a18321076438f53d6bb0d62879d42d3832bd50aa7e91e18d
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
dcd1658d21baae8f1ef9efe84893e264ecfa6a603dc84601c9df3beeec9d07ac
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e0b0f145c7e2d4dc088034e19c6f9d802468f4bbae83df9b84129a19a5ceef9d
e0e7e9457804741780b597cafabef6fb2b66ace4fd2d86e32ac13f5ed968d317
e324423d07cd26782114d42ec6785ec148fca268d3659b82e9e8765ec55210f1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736
eaf0ec8226518eb627f5fade801052a1ea281c506ebce8ce8ae99a27138ba2e7
eb5d34e041a87f0e0205adb8831496f2d951a6d60363834d25009e20036c9ea5
ed06336087493beaa2f58dd53f18f5d7ad90878b37844a301c1ee140945b61c5
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f13f98e520f9dc93425fcc355818a48e869864c61a744587d41675d0abd5316d
f249589d947069094a7a4f2c3b93ae28e44e111674c57658fd77852bd6d00903
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f5b40a84e6de0205bae215bbeabd9388a32bb9fca356ecb33cb06aa3b3e390ca
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f9202e3ae15affb271137d2dbfb027ea4b226595ee6e7c832607a28654c187c4
f928fc0a462b1f7a4b17a2fb374cb18a130d8e93bf445ca26b1437136edb338a
fa8632fc4e2e47f0eb22b9f49dc24f43b08f8862c843fee3d88d9f4209bb42da
fd8c794bb43e5220596bc1c5d50f865268cd2655c86f0d3175875d7e1c3afcc6
fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d