www.sickkidsfoundation.com Open in urlscan Pro
107.154.141.76 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sickkidsfoundation.com/
Effective URL:
https://www.sickkidsfoundation.com/
Submission: On December 13 via manual (December 13th 2022, 11:26:48 pm UTC) from IN — Scanned from DE

Summary HTTP 121 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 45 IPs in 7 countries across 36 domains to perform 121 HTTP transactions. The main IP is 107.154.141.76, located in United States and belongs to INCAPSULA, US. The main domain is www.sickkidsfoundation.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q3 on August 14th 2022. Valid for: 6 months.

This is the only time www.sickkidsfoundation.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	107.154.138.76 107.154.138.76	19551 (INCAPSULA) (INCAPSULA)
26	107.154.141.76 107.154.141.76	19551 (INCAPSULA) (INCAPSULA)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
1	13.32.27.21 13.32.27.21	16509 (AMAZON-02) (AMAZON-02)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	143.204.214.56 143.204.214.56	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:350... 2a02:26f0:3500:886::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2.22.77.98 2.22.77.98	16625 (AKAMAI-AS) (AKAMAI-AS)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
6	23.35.149.89 23.35.149.89	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:206... 2600:9000:206f:c400:16:cfb1:a0c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.17.244.214 52.17.244.214	16509 (AMAZON-02) (AMAZON-02)
1 1	38.68.201.139 38.68.201.139	174 (COGENT-174) (COGENT-174)
1 1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 2	4.78.226.224 4.78.226.224	3356 (LEVEL3) (LEVEL3)
2 2	54.170.10.162 54.170.10.162	16509 (AMAZON-02) (AMAZON-02)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
1	52.17.7.52 52.17.7.52	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.101 99.86.4.101	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
4	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:206... 2600:9000:206f:4000:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	65.9.66.93 65.9.66.93	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	18.192.134.201 18.192.134.201	16509 (AMAZON-02) (AMAZON-02)
1	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2600:9000:205... 2600:9000:2057:a800:a:ac8:89c0:21	16509 (AMAZON-02) (AMAZON-02)
1	18.200.78.128 18.200.78.128	16509 (AMAZON-02) (AMAZON-02)
2	34.253.40.236 34.253.40.236	16509 (AMAZON-02) (AMAZON-02)
1	173.231.16.76 173.231.16.76	18450 (WEBNX) (WEBNX)
1	143.204.215.118 143.204.215.118	16509 (AMAZON-02) (AMAZON-02)
1	52.215.128.208 52.215.128.208	16509 (AMAZON-02) (AMAZON-02)
5	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
6	23.200.212.240 23.200.212.240	16625 (AKAMAI-AS) (AKAMAI-AS)
3	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
3	135.84.189.37 135.84.189.37	54527 (ASTUTEHOS...) (ASTUTEHOSTING)
2 2	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
121	45

1 107.154.138.76 (United States) 1 redirects

ASN19551 (INCAPSULA, US)
PTR: 107.154.138.76.ip.incapdns.net

sickkidsfoundation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 107.154.141.76 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.141.76.ip.incapdns.net

www.sickkidsfoundation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

5627812.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-56.fra53.r.cloudfront.net

d3htn85c6cao65.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:886::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.22.77.98 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a2-22-77-98.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.35.149.89 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-35-149-89.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:c400:16:cfb1:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.c212.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.244.214 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-244-214.eu-west-1.compute.amazonaws.com

t.jabmo.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.68.201.139 (Baltimore, United States) 1 redirects

ASN174 (COGENT-174, US)

mpp.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 4.78.226.224 (Paradise, United States) 2 redirects

ASN3356 (LEVEL3, US)

aep.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.170.10.162 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-10-162.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.7.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-7-52.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-101.fra6.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:4000:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:22::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-93.fra56.r.cloudfront.net

c212.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.134.201 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-134-201.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:a800:a:ac8:89c0:21 (United States)

ASN16509 (AMAZON-02, US)

d22d1xpx4ztuef.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.78.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-78-128.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.40.236 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-40-236.eu-west-1.compute.amazonaws.com

c.jabmo.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.16.76 (United States)

ASN18450 (WEBNX, US)
PTR: 173-231-16-76.static.webnx.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-118.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.128.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-128-208.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.200.212.240 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-212-240.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 135.84.189.37 (Toronto, Canada)

ASN54527 (ASTUTEHOSTING, CA)

ads.connectedinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f198.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	sickkidsfoundation.com 1 redirects sickkidsfoundation.com — Cisco Umbrella Rank: 968262 www.sickkidsfoundation.com	2 MB
9	doubleclick.net 4 redirects 5627812.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 stats.g.doubleclick.net — Cisco Umbrella Rank: 81 ad.doubleclick.net — Cisco Umbrella Rank: 164	6 KB
6	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 910	5 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	279 B
6	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	1 KB
6	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 789	102 KB
5	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 786	2 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	307 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 372 www.linkedin.com — Cisco Umbrella Rank: 643 px4.ads.linkedin.com — Cisco Umbrella Rank: 6944	3 KB
4	google.de www.google.de — Cisco Umbrella Rank: 7952	871 B
4	jabmo.app t.jabmo.app — Cisco Umbrella Rank: 65398 c.jabmo.app — Cisco Umbrella Rank: 58935	9 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 652 script.hotjar.com — Cisco Umbrella Rank: 797 vars.hotjar.com — Cisco Umbrella Rank: 929 in.hotjar.com — Cisco Umbrella Rank: 1744	73 KB
3	connectedinteractive.com ads.connectedinteractive.com — Cisco Umbrella Rank: 333220	1 KB
3	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 924	1 KB
3	agkn.com d.agkn.com — Cisco Umbrella Rank: 602 aa.agkn.com — Cisco Umbrella Rank: 424	2 KB
3	mxptint.net 3 redirects mpp.mxptint.net — Cisco Umbrella Rank: 19319 aep.mxptint.net — Cisco Umbrella Rank: 6058	2 KB
3	c212.net cdn.c212.net — Cisco Umbrella Rank: 13039 c212.net — Cisco Umbrella Rank: 9747	2 KB
3	teads.tv p.teads.tv — Cisco Umbrella Rank: 5183 cm.teads.tv — Cisco Umbrella Rank: 6021 t.teads.tv — Cisco Umbrella Rank: 2609	8 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 373	12 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	221 KB
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 887	374 B
2	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 576	521 B
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 287	494 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 206	2 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 705	22 KB
2	cloudfront.net d3htn85c6cao65.cloudfront.net d22d1xpx4ztuef.cloudfront.net	98 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 73	55 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 742	5 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	20 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2850	103 B
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 430	699 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 557	394 B
1	t.co t.co — Cisco Umbrella Rank: 511	377 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 880
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 894	13 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 627	15 KB
121	36

	Domain	Requested by
26	www.sickkidsfoundation.com	www.sickkidsfoundation.com
6	pixel.mathtag.com	c212.net pixel.mathtag.com www.sickkidsfoundation.com
6	www.facebook.com	www.sickkidsfoundation.com 5627812.fls.doubleclick.net
6	analytics.tiktok.com	www.sickkidsfoundation.com analytics.tiktok.com
5	ct.pinterest.com	s.pinimg.com www.sickkidsfoundation.com
5	connect.facebook.net	www.sickkidsfoundation.com connect.facebook.net 5627812.fls.doubleclick.net
4	www.google.de	www.sickkidsfoundation.com
4	www.google.com	www.sickkidsfoundation.com
3	ads.connectedinteractive.com	d3htn85c6cao65.cloudfront.net
3	tr.snapchat.com	sc-static.net
3	googleads.g.doubleclick.net	www.googletagmanager.com
3	bat.bing.com	www.sickkidsfoundation.com bat.bing.com
3	www.googletagmanager.com	www.sickkidsfoundation.com www.googletagmanager.com
2	ad.doubleclick.net	2 redirects
2	c.jabmo.app	d22d1xpx4ztuef.cloudfront.net
2	d.agkn.com	5627812.fls.doubleclick.net
2	adservice.google.com	5627812.fls.doubleclick.net
2	c212.net	cdn.c212.net www.sickkidsfoundation.com
2	px.ads.linkedin.com	2 redirects
2	cdn.linkedin.oribi.io	snap.licdn.com
2	insight.adsrvr.org	www.sickkidsfoundation.com 5627812.fls.doubleclick.net
2	ups.analytics.yahoo.com	1 redirects www.sickkidsfoundation.com
2	dpm.demdex.net	2 redirects
2	aep.mxptint.net	2 redirects
2	t.jabmo.app	www.googletagmanager.com www.sickkidsfoundation.com
2	s.pinimg.com	www.sickkidsfoundation.com s.pinimg.com
2	www.youtube.com	www.sickkidsfoundation.com www.youtube.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	5627812.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.sickkidsfoundation.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	api.ipify.org	t.jabmo.app
1	aa.agkn.com	d.agkn.com
1	d22d1xpx4ztuef.cloudfront.net	t.jabmo.app
1	secure.adnxs.com	t.jabmo.app
1	t.teads.tv	www.sickkidsfoundation.com
1	cm.teads.tv	p.teads.tv
1	px4.ads.linkedin.com	www.sickkidsfoundation.com
1	www.linkedin.com	1 redirects
1	analytics.twitter.com	www.sickkidsfoundation.com
1	t.co	www.sickkidsfoundation.com
1	script.hotjar.com	static.hotjar.com
1	bcp.crwdcntrl.net	d3htn85c6cao65.cloudfront.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	cm.g.doubleclick.net	1 redirects
1	mpp.mxptint.net	1 redirects
1	cdn.c212.net	www.googletagmanager.com
1	sc-static.net	www.sickkidsfoundation.com
1	p.teads.tv	www.googletagmanager.com
1	d3htn85c6cao65.cloudfront.net	www.sickkidsfoundation.com
1	static.ads-twitter.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	sickkidsfoundation.com	1 redirects
121	54

This site contains links to these domains. Also see Links.

Domain
secure.sickkidsfoundation.com
shop.sickkidsfoundation.com
gofundraise.sickkidsfoundation.com
getbettergifts.sickkidsfoundation.com
www.facebook.com
www.twitter.com
www.youtube.com
www.instagram.com
www.imaginecanada.ca
www.sickkids.ca

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-08-14` - `2023-02-10`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-22` - `2022-12-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.c212.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.jabmo.app Amazon	`2022-10-31` - `2023-11-28`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2022-02-07` - `2023-03-10`	a year	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.snap.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-08-16`	a year	crt.sh
*.connectedinteractive.com Go Daddy Secure Certificate Authority - G2	`2022-03-23` - `2023-04-24`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.sickkidsfoundation.com/
Frame ID: 20BFE91DC51A7F09BE5033D8341E8F38
Requests: 102 HTTP requests in this frame

Frame: https://5627812.fls.doubleclick.net/activityi;dc_pre=CPzS4Z3f9_sCFYTOsgod4iYHAQ;src=5627812;type=sickk0;cat=sickk0;ord=8533521524928;gtm=2wgbu0;auiddc=445717602.1670974000;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F
Frame ID: 26DDF2FA9A5999A04A40385067F93794
Requests: 7 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/8301/?che=1258347681&type=3888903
Frame ID: 9E6388144C93906F605CC4F2633EB8BF
Requests: 2 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/8300/?che=1258347681&type=3888903
Frame ID: 9D2347085833897C333342A33E45AC5D
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: 4AB723A5C52A0522CEA8116122F65316
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=2f546399-0a30-4200-8f24-1e7c9783541a&no_iframe=1&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1&source=mathtag
Frame ID: CC4DAB2D5244C540E077219A5E44EFAD
Requests: 5 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=1da237a8-8122-4c02-9fcf-0aa6fde57222&u_scsid=30d38c15-c913-4e60-bb0b-86d4bab5392f&u_sclid=332e9fe2-8c2f-4f69-8d36-e8e55ac0c5b3
Frame ID: 611BA320C32362D12CF4CECE4E6BE302
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 5791E9405A4253DCC0CC76D15FBCE0E2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SickKids Foundation | Donate

Page URL History Show full URLs

http://sickkidsfoundation.com/ HTTP 301
https://www.sickkidsfoundation.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

121
Requests

98 %
HTTPS

33 %
IPv6

36
Domains

54
Subdomains

45
IPs

7
Countries

2669 kB
Transfer

5194 kB
Size

58
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.sickkidsfoundation.com/donate
Title: Donate

Search URL Search Domain Scan URL

URL: https://shop.sickkidsfoundation.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://gofundraise.sickkidsfoundation.com/
Title: Fundraise

Search URL Search Domain Scan URL

URL: https://secure.sickkidsfoundation.com/donate/onetime?appeal=23OTA-RRDG-001&utm_campaign=fy23ddmotgrr&utm_source=skf.com&utm_medium=display&utm_adtype=homepagepanel1
Title: DONATE

Search URL Search Domain Scan URL

URL: https://secure.sickkidsfoundation.com/donate/monthly?appeal=GEA-DIGT-HPG&utm_campaign=fy23ddmvsdigital&
Title: Donate Monthly

Search URL Search Domain Scan URL

URL: https://getbettergifts.sickkidsfoundation.com/collections/holiday-gifts?utm_source=skf.com&utm_medium=display&utm_campaign=GBG_HOL_FY23&utm_adtype=link&utm_content=skf_panel3
Title: Shop All Gifts

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sickkidsfoundation
Title: FB

Search URL Search Domain Scan URL

URL: http://www.twitter.com/sickkids
Title: TW

Search URL Search Domain Scan URL

URL: http://www.youtube.com/sickkidsfoundation
Title: YT

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sickkidsvs/
Title: IG

Search URL Search Domain Scan URL

URL: http://www.imaginecanada.ca/standards

Search URL Search Domain Scan URL

URL: http://www.sickkids.ca/
Title: The Hospital For Sick Children

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sickkidsfoundation.com/ HTTP 301
https://www.sickkidsfoundation.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://5627812.fls.doubleclick.net/activityi;src=5627812;type=sickk0;cat=sickk0;ord=8533521524928;gtm=2wgbu0;auiddc=445717602.1670974000;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F HTTP 302
https://5627812.fls.doubleclick.net/activityi;dc_pre=CPzS4Z3f9_sCFYTOsgod4iYHAQ;src=5627812;type=sickk0;cat=sickk0;ord=8533521524928;gtm=2wgbu0;auiddc=445717602.1670974000;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F

Request Chain 46

https://mpp.mxptint.net/2/27791/?rnd=%n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_hm=UjM1Q0E5X0ZBREFBQjNGXzFBNzdGOTYx HTTP 302
https://aep.mxptint.net/sn.ashx HTTP 302
https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R35CA9_FADAAB3F_1A77F961&redir=https://aep.mxptint.net/sn.ashx?ak=1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=75557&dpuuid=R35CA9_FADAAB3F_1A77F961&redir=https://aep.mxptint.net/sn.ashx HTTP 302
https://aep.mxptint.net/sn.ashx HTTP 302
https://ups.analytics.yahoo.com/ups/56550/sync?uid=R35CA9_FADAAB3F_1A77F961&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56550/sync?uid=R35CA9_FADAAB3F_1A77F961&_origin=1&verify=true

Request Chain 65

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1670974000389&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2274266%26time%3D1670974000389%26url%3Dhttps%253A%252F%252Fwww.sickkidsfoundation.com%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1670974000389&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1670974000389&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&liSync=true&e_ipv6=AQK0ONMWl35_twAAAYUNz88EoszKBuhlFtdMYDdkhOi8nlvx31fWNmOZa9v3WQmw

Request Chain 120

https://ad.doubleclick.net/ddm/activity/src=8353444;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8353444;dc_pre=CMDaq6Df9_sCFRhCkQUd8FYLsg;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=8353444;dc_pre=CMDaq6Df9_sCFRhCkQUd8FYLsg;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

121 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.sickkidsfoundation.com/
Redirect Chain

http://sickkidsfoundation.com/
https://www.sickkidsfoundation.com/

65 KB
10 KB

1731ms
1186ms

Document
text/html

107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: b2b5f287e815da96dbd8a5b75df6679aa78a6590f2c82aafdb6c33bd147ed0e4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 13 Dec 2022 23:26:37 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-cdn: Imperva
x-iinfo: 9-86184469-86184478 NNNN CT(244 499 0) RT(1670973996865 180) q(0 0 7 0) r(10 10) U12

Redirect headers

Connection: close
Content-Length: 0
Location: https://www.sickkidsfoundation.com/

GET
H2 200 bootstrap-theme.min.css
www.sickkidsfoundation.com/css/dependencies/bootstrap3/ 23 KB
4 KB 1145ms
1141ms Stylesheet
text/css 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/css/dependencies/bootstrap3/bootstrap-theme.min.css
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: 8b273fe0ae11dfeb96f7a56f1b5ecd2d76500147927ad557356faa5227d17032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:39 GMT
content-encoding: gzip
last-modified: Fri, 28 Oct 2022 20:36:00 GMT
x-cdn: Imperva
etag: "038b7e3cebd81:0"
content-type: text/css
x-iinfo: 9-86184469-86184257 2VNN RT(1670973996865 1377) q(0 0 0 -1) r(10 10)
cache-control: max-age=26092, public
content-length: 4370
expires: Wed, 14 Dec 2022 06:41:31 GMT

GET
H2 200 bootstrap.min.css
www.sickkidsfoundation.com/css/dependencies/bootstrap3/ 118 KB
27 KB 1146ms
1142ms Stylesheet
text/css 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/css/dependencies/bootstrap3/bootstrap.min.css
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: 5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:39 GMT
content-encoding: gzip
last-modified: Fri, 28 Oct 2022 20:36:00 GMT
x-cdn: Imperva
etag: "038b7e3cebd81:0"
content-type: text/css
x-iinfo: 9-86184469-86184344 2VNN RT(1670973996865 1380) q(0 0 0 -1) r(10 10)
cache-control: max-age=26092, public
content-length: 27680
expires: Wed, 14 Dec 2022 06:41:31 GMT

GET
H2 200 longpageBundle
www.sickkidsfoundation.com/bundles/css/ 100 KB
22 KB 1326ms
1322ms Stylesheet
text/css 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=BYw1IqDycX862jdLT0CF1hX1plIbgfEee5i2Nx0BdAY1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 60933856d2d830423c0cae3d36c6c5a1502b247996f0bf476fbf2c542e49362a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:39 GMT
content-encoding: gzip
last-modified: Tue, 13 Dec 2022 23:26:39 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
vary: User-Agent,Accept-Encoding
content-type: text/css; charset=utf-8
x-iinfo: 9-86184469-86184164 2NNN RT(1670973996865 1382) q(0 0 0 -1) r(10 10)
cache-control: public
content-length: 21818
expires: Wed, 13 Dec 2023 23:26:39 GMT

GET
H2 200 modernizr Show response
www.sickkidsfoundation.com/bundles/ 3 KB
2 KB 1326ms
1323ms Script
text/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/modernizr?v=9yygsVk3I-guoeu6EUt0fzBjgzee2gP6Y9SNVDkhZoc1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 44cec66e8f45f1c1573be7ee656b280f475f07b608982b8e68c742363d202ee1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:39 GMT
content-encoding: gzip
last-modified: Tue, 13 Dec 2022 23:26:39 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
x-iinfo: 9-86184469-86184376 2NNN RT(1670973996865 1383) q(0 0 0 -1) r(10 10)
cache-control: public
content-length: 1615
expires: Wed, 13 Dec 2023 23:26:39 GMT

GET
H2 200 header Show response
www.sickkidsfoundation.com/bundles/ 159 B
398 B 1323ms
1320ms Script
text/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/header?v=dJ6LOVfv49i9fuAW3MbtcyjUkVM3bJ8e5r4OUmJ-dUE1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 694bc35fc07d7091b82ee02e6b7cbcacc69edb23c9dfd515a18647d684456c51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:39 GMT
content-encoding: gzip
last-modified: Tue, 13 Dec 2022 23:26:39 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
x-iinfo: 9-86184469-86183390 2NNN RT(1670973996865 1384) q(0 0 0 -1) r(10 10)
cache-control: public
content-length: 214
expires: Wed, 13 Dec 2023 23:26:39 GMT

GET
H2 200 jquery Show response
www.sickkidsfoundation.com/bundles/ 91 KB
41 KB 1325ms
1322ms Script
text/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/jquery?v=7AMc9pBn1GIYDuJDXGstN7nku_447XMEtvGIFvLEuGs1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: b6cb09e57c1ed08553566bda474cf9681c03fc4ba091731c81c78a6a4226740b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:39 GMT
content-encoding: gzip
last-modified: Tue, 13 Dec 2022 23:26:39 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
x-iinfo: 9-86184469-86184352 2NNN RT(1670973996865 1385) q(0 0 0 -1) r(10 10)
cache-control: public
content-length: 42005
expires: Wed, 13 Dec 2023 23:26:39 GMT

GET
H2 200 2020-vs-flat_skfwebsite_r.ashx
www.sickkidsfoundation.com/-/media/images/skf/common/ 82 KB
83 KB 425ms
425ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/common/2020-vs-flat_skfwebsite_r.ashx?h=160&w=240&la=en&hash=B394A17CB92126A2E58BDBD01A248B75
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 198f185492b002abf346368e3c4ef32ba0113626d588e607e5ed1997bc9c8906

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:39 GMT
last-modified: Tue, 31 Aug 2021 20:08:13 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/png
x-iinfo: 9-86184469-86184478 PNNN RT(1670973996865 2876) q(0 0 0 -1) r(2 2) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="2020 VS FLAT_SKFWebsite_R.png"
accept-ranges: bytes
content-length: 84444

GET
H2 200 1121-036-rr-ftfca_toppanel-2022_v3a.ashx
www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/top-hero-panel/ 288 KB
288 KB 1316ms
1315ms Image
image/jpeg 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/top-hero-panel/1121-036-rr-ftfca_toppanel-2022_v3a.ashx
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 218b8c71bb8e4d353e81436dc551adb3e5c413a96f0c8f18981e72d13c526d1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:40 GMT
last-modified: Tue, 06 Dec 2022 17:03:59 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/jpeg
x-iinfo: 9-86184469-86184574 NNNN CT(244 245 0) RT(1670973996865 2890) q(0 0 5 -1) r(8 10) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="1121-036-RR-FTFca_TopPanel-2022_V3A.jpg"
accept-ranges: bytes
content-length: 294532

GET
H2 200 1122-016-q3-december-panel-desktop.ashx
www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/mixed-content-vs5000/ 538 KB
539 KB 1169ms
1168ms Image
image/jpeg 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/mixed-content-vs5000/1122-016-q3-december-panel-desktop.ashx
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 6d4ce206402d2f4a658e653d8722cd8b7df7ba0354b0930eb5bb0f7722bc4a43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:40 GMT
last-modified: Thu, 24 Nov 2022 00:49:01 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/jpeg
x-iinfo: 9-86184469-86184576 NNNN CT(244 245 0) RT(1670973996865 2891) q(0 0 5 -1) r(8 10) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="1122-016-Q3-December-Panel-Desktop.jpg"
accept-ranges: bytes
content-length: 551384

GET
H2 200 cta-block.ashx
www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/ 35 KB
35 KB 1169ms
1168ms Image
image/jpeg 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/cta-block.ashx
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 0dbe4e359691cb6e52645dd62f303ca38a794fc0007ce21216c970618bf34c3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:40 GMT
last-modified: Thu, 28 Sep 2017 16:24:07 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/jpeg
x-iinfo: 9-86184469-86184578 NNNN CT(244 245 0) RT(1670973996865 2892) q(0 0 5 -1) r(8 10) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="cta-block.jpg"
accept-ranges: bytes
content-length: 35839

GET
H2 200 et-1022-023-gbg-holiday-owned-assets_website_desktop.ashx
www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/mixed-content-video/ 458 KB
459 KB 1316ms
1315ms Image
image/jpeg 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/mixed-content-video/et-1022-023-gbg-holiday-owned-assets_website_desktop.ashx
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 128c0e851a14ef5126d9d8aa410751a1949dace5fae48e510100cc22aa22bb8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:40 GMT
last-modified: Mon, 24 Oct 2022 20:07:14 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/jpeg
x-iinfo: 9-86184469-86184580 NNNN CT(245 245 0) RT(1670973996865 2893) q(0 0 5 -1) r(8 10) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="et 1022-023 GBG Holiday Owned Assets_website_desktop.jpg"
accept-ranges: bytes
content-length: 469143

GET
H2 200 longpage Show response
www.sickkidsfoundation.com/bundles/ 26 KB
11 KB 419ms
419ms Script
text/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/longpage?v=znuKl3m7ZKp6rrhj-olcoT_erUeXjYuV-V3qDmagw-A1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 06ee1945f49d2b63fb4bd1e21c880cfd59480b896aa570edf42d46a78706947c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:39 GMT
content-encoding: gzip
last-modified: Tue, 13 Dec 2022 23:26:40 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
x-iinfo: 9-86184469-86184164 2NNN RT(1670973996865 2873) q(0 0 0 -1) r(2 2)
cache-control: public
content-length: 11071
expires: Wed, 13 Dec 2023 23:26:40 GMT

GET
H2 200 _Incapsula_Resource Show response
www.sickkidsfoundation.com/ 149 KB
21 KB 188ms
187ms Script
application/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1384897151
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: 23faa7bfa1dac55dee23590cd2bd96b8abcf68ff4aa74c65f345e1a69895ce01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 21448
content-type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 568 KB
126 KB 93ms
69ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2586de1bdd33fe18d0f47459d71c851444d7415898fddceb4248b6d11d24033a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128678
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Dec 2022 23:26:40 GMT

GET
H2 200 desktop-header-background.png
www.sickkidsfoundation.com/images/ 40 KB
41 KB 1617ms
1617ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/images/desktop-header-background.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=BYw1IqDycX862jdLT0CF1hX1plIbgfEee5i2Nx0BdAY1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: d6af43677b5ee5433fab178cd71cfe6e141078fb257c7a73bc320ec9766f3e02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=BYw1IqDycX862jdLT0CF1hX1plIbgfEee5i2Nx0BdAY1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:41 GMT
last-modified: Fri, 28 Oct 2022 20:36:00 GMT
x-cdn: Imperva
etag: "038b7e3cebd81:0"
content-type: image/png
x-iinfo: 9-86184469-86184352 2VNN RT(1670973996865 2901) q(0 12 12 -1) r(14 14)
cache-control: max-age=26093, public
content-length: 41317
expires: Wed, 14 Dec 2022 06:41:34 GMT

GET
H2 200 Montserrat-Regular.woff2
www.sickkidsfoundation.com/fonts/ 9 KB
10 KB 1133ms
1133ms Font
application/font-woff2 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/Montserrat-Regular.woff2
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=BYw1IqDycX862jdLT0CF1hX1plIbgfEee5i2Nx0BdAY1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 905de7fd4899868cd6349387996673bd1cdfe3768d409f844bd8b0796b0f35ec

Request headers

Referer: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=BYw1IqDycX862jdLT0CF1hX1plIbgfEee5i2Nx0BdAY1
Origin: https://www.sickkidsfoundation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:40 GMT
last-modified: Fri, 28 Oct 2022 20:36:00 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "038b7e3cebd81:0"
content-type: application/font-woff2
x-iinfo: 9-86184469-86184599 NNNN CT(244 245 0) RT(1670973996865 2902) q(0 2 7 -1) r(10 10) U12
accept-ranges: bytes
content-length: 9624

GET
H2 200 Montserrat-Bold.woff2
www.sickkidsfoundation.com/fonts/ 9 KB
10 KB 896ms
896ms Font
application/font-woff2 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/Montserrat-Bold.woff2
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=BYw1IqDycX862jdLT0CF1hX1plIbgfEee5i2Nx0BdAY1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 764321796f5e9fa203bf462c491502a824f60e5e1a5f81be8f00cad70528207b

Request headers

Referer: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=BYw1IqDycX862jdLT0CF1hX1plIbgfEee5i2Nx0BdAY1
Origin: https://www.sickkidsfoundation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:40 GMT
last-modified: Fri, 28 Oct 2022 20:36:00 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "038b7e3cebd81:0"
content-type: application/font-woff2
x-iinfo: 9-86184469-86184478 PNNN RT(1670973996865 2902) q(0 5 5 -1) r(7 7) U12
accept-ranges: bytes
content-length: 9588

GET
H2 200 skf.woff
www.sickkidsfoundation.com/fonts/ 5 KB
5 KB 1135ms
1135ms Font
font/x-woff 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/skf.woff
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=BYw1IqDycX862jdLT0CF1hX1plIbgfEee5i2Nx0BdAY1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 14e0e9e6ada3040dacca5c75fa38a833a2c07e07313f4c597da40c0a9d563d90

Request headers

Referer: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=BYw1IqDycX862jdLT0CF1hX1plIbgfEee5i2Nx0BdAY1
Origin: https://www.sickkidsfoundation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:40 GMT
last-modified: Fri, 28 Oct 2022 20:36:00 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "038b7e3cebd81:0"
content-type: font/x-woff
x-iinfo: 9-86184469-86184164 2NNN RT(1670973996865 3049) q(0 5 5 -1) r(8 8) U12
accept-ranges: bytes
content-length: 5400

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 66ms
35ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 13 Dec 2022 23:26:39 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 11A99842D52B4DDD919994CC84352077 Ref B: FRA31EDGE0520 Ref C: 2022-12-13T23:26:40Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11460

GET
H2 200 scroll-notice.png
www.sickkidsfoundation.com/images/longpage/ 3 KB
3 KB 1614ms
1613ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/images/longpage/scroll-notice.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=BYw1IqDycX862jdLT0CF1hX1plIbgfEee5i2Nx0BdAY1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: 9611157a5a58bb3e7b32b98a53aaa7f8ef7043e1748a638923f567cb01cfcb3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=BYw1IqDycX862jdLT0CF1hX1plIbgfEee5i2Nx0BdAY1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:41 GMT
last-modified: Fri, 28 Oct 2022 20:36:00 GMT
x-cdn: Imperva
etag: "038b7e3cebd81:0"
content-type: image/png
x-iinfo: 9-86184469-86184164 2VNN RT(1670973996865 3051) q(0 10 10 -1) r(13 13)
cache-control: max-age=51056, public
content-length: 3393
expires: Wed, 14 Dec 2022 13:37:37 GMT

GET
H2 200 sickkids-footer-logo.png
www.sickkidsfoundation.com/images/ 3 KB
3 KB 1784ms
1784ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/images/sickkids-footer-logo.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=BYw1IqDycX862jdLT0CF1hX1plIbgfEee5i2Nx0BdAY1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: a9bae822288365e478a012a878f420a8d882140366921b778ee6f04883aaa96b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=BYw1IqDycX862jdLT0CF1hX1plIbgfEee5i2Nx0BdAY1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:41 GMT
last-modified: Fri, 28 Oct 2022 20:36:00 GMT
x-cdn: Imperva
etag: "038b7e3cebd81:0"
content-type: image/png
x-iinfo: 9-86184469-86184257 2VNN RT(1670973996865 3051) q(0 12 12 -1) r(14 14)
cache-control: max-age=1, public
content-length: 3055
expires: Tue, 13 Dec 2022 23:26:42 GMT

GET
H2 200 trustmark.png
www.sickkidsfoundation.com/images/ 17 KB
17 KB 1845ms
1845ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/images/trustmark.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=BYw1IqDycX862jdLT0CF1hX1plIbgfEee5i2Nx0BdAY1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: f70d6b776764d40f70d36c0d47cbf3cf94d8cfa967b5249d986c0dc5e6f8ab89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=BYw1IqDycX862jdLT0CF1hX1plIbgfEee5i2Nx0BdAY1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:41 GMT
last-modified: Fri, 28 Oct 2022 20:36:00 GMT
x-cdn: Imperva
etag: "038b7e3cebd81:0"
content-type: image/png
x-iinfo: 9-86184469-86184352 2VNN RT(1670973996865 3052) q(0 12 12 -1) r(15 15)
cache-control: max-age=1, public
content-length: 16916
expires: Tue, 13 Dec 2022 23:26:42 GMT

GET
H2 200 footer-hbar-dots.png
www.sickkidsfoundation.com/images/ 105 B
250 B 1850ms
1850ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/images/footer-hbar-dots.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=BYw1IqDycX862jdLT0CF1hX1plIbgfEee5i2Nx0BdAY1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: 61ed697adcb10f1530bf63fd24d054c4b349911eb7e32d73300ebec8b792af65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=BYw1IqDycX862jdLT0CF1hX1plIbgfEee5i2Nx0BdAY1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:41 GMT
last-modified: Fri, 28 Oct 2022 20:36:00 GMT
x-cdn: Imperva
etag: "038b7e3cebd81:0"
content-type: image/png
x-iinfo: 9-86184469-86183390 2VNN RT(1670973996865 3053) q(0 13 13 -1) r(15 15)
cache-control: max-age=26096, public
content-length: 105
expires: Wed, 14 Dec 2022 06:41:37 GMT

GET
H2 200 Oswald-Light.woff2
www.sickkidsfoundation.com/fonts/ 21 KB
21 KB 1368ms
1368ms Font
application/font-woff2 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/Oswald-Light.woff2
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=BYw1IqDycX862jdLT0CF1hX1plIbgfEee5i2Nx0BdAY1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 92d37ecd96baf17cac29d16b9f2ff45ef00d4179e5d1f7ab786a4005d3b8e2ff

Request headers

Referer: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=BYw1IqDycX862jdLT0CF1hX1plIbgfEee5i2Nx0BdAY1
Origin: https://www.sickkidsfoundation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:40 GMT
last-modified: Fri, 28 Oct 2022 20:36:00 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "038b7e3cebd81:0"
content-type: application/font-woff2
x-iinfo: 9-86184469-86184599 PNNN RT(1670973996865 3053) q(0 8 8 -1) r(10 10) U12
accept-ranges: bytes
content-length: 21008

GET
H2 200 Oswald-Bold.woff2
www.sickkidsfoundation.com/fonts/ 17 KB
17 KB 1370ms
1370ms Font
application/font-woff2 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/Oswald-Bold.woff2
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=BYw1IqDycX862jdLT0CF1hX1plIbgfEee5i2Nx0BdAY1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 1598d5561779547d3fb26f8c6d016653de34203d8ac2b711cc64cb22356db68a

Request headers

Referer: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=BYw1IqDycX862jdLT0CF1hX1plIbgfEee5i2Nx0BdAY1
Origin: https://www.sickkidsfoundation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:40 GMT
last-modified: Fri, 28 Oct 2022 20:36:00 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "038b7e3cebd81:0"
content-type: application/font-woff2
x-iinfo: 9-86184469-86184478 PNNN RT(1670973996865 3054) q(0 8 8 -1) r(10 10) U12
accept-ranges: bytes
content-length: 17504

GET
H2 200 Oswald-Regular.woff2
www.sickkidsfoundation.com/fonts/ 16 KB
16 KB 1540ms
1540ms Font
application/font-woff2 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/Oswald-Regular.woff2
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=BYw1IqDycX862jdLT0CF1hX1plIbgfEee5i2Nx0BdAY1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 51f7f156fa7d1ca539d8c26cc8f8e4dfc5c8ebe6d75c1ec906a3bac51e202120

Request headers

Referer: https://www.sickkidsfoundation.com/bundles/css/longpageBundle?v=BYw1IqDycX862jdLT0CF1hX1plIbgfEee5i2Nx0BdAY1
Origin: https://www.sickkidsfoundation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:40 GMT
last-modified: Fri, 28 Oct 2022 20:36:00 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "038b7e3cebd81:0"
content-type: application/font-woff2
x-iinfo: 9-86184469-86184578 PNNN RT(1670973996865 3055) q(0 9 9 -1) r(12 12) U12
accept-ranges: bytes
content-length: 16020

GET
H2 204 25070334.js Show response
bat.bing.com/p/action/ 0
118 B 105ms
105ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25070334.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 13 Dec 2022 23:26:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 86632D41D64942D4979F2582C9B25085 Ref B: FRA31EDGE0520 Ref C: 2022-12-13T23:26:40Z
x-cache: CONFIG_NOCACHE

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 13 Dec 2022 23:24:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 123
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 14 Dec 2022 01:24:37 GMT

GET
H3

200

activityi;dc_pre=CPzS4Z3f9_sCFYTOsgod4iYHAQ;src=5627812;type=sickk0;cat=sickk0;ord=8533521524928;gtm=2wgbu0;auiddc=445717602.1670974000;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F Show response
5627812.fls.doubleclick.net/ Frame 26DD
Redirect Chain

https://5627812.fls.doubleclick.net/activityi;src=5627812;type=sickk0;cat=sickk0;ord=8533521524928;gtm=2wgbu0;auiddc=445717602.1670974000;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F?
https://5627812.fls.doubleclick.net/activityi;dc_pre=CPzS4Z3f9_sCFYTOsgod4iYHAQ;src=5627812;type=sickk0;cat=sickk0;ord=8533521524928;gtm=2wgbu0;auiddc=445717602.1670974000;~oref=https%3A%2F%2Fwww.s...

1 KB
689 B

93ms
58ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5627812.fls.doubleclick.net/activityi;dc_pre=CPzS4Z3f9_sCFYTOsgod4iYHAQ;src=5627812;type=sickk0;cat=sickk0;ord=8533521524928;gtm=2wgbu0;auiddc=445717602.1670974000;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

a3a811f50d5add19334decb077985c361fafa4443cb0fb74ddab07c302ebd767

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 664
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 23:26:40 GMT
expires: Tue, 13 Dec 2022 23:26:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 23:26:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5627812.fls.doubleclick.net/activityi;dc_pre=CPzS4Z3f9_sCFYTOsgod4iYHAQ;src=5627812;type=sickk0;cat=sickk0;ord=8533521524928;gtm=2wgbu0;auiddc=445717602.1670974000;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hotjar-302599.js Show response
static.hotjar.com/c/ 8 KB
4 KB 60ms
36ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-302599.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

8e7886ca694961f682698c0b5130d818c003f6011d3a6a24a7bc768fe128f17a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/2d1ef5f20d58d539d9681a04807cb8ca
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Nrb9E79AdroU0Sv4wN4UJD_hC1mJbp9ACyBw1KNsa-9nvCDo5eUyHA==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 41ms
7ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:40 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-hhn-etou8220055-HHN

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1036497480/ 2 KB
1 KB 73ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1036497480/?random=1670974000281&cv=11&fst=1670974000281&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&tiba=SickKids%20Foundation%20%7C%20Donate&auid=445717602.1670974000&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1ed35215b3bf2f36f707ca2e771c287248aff0934063d907388baa5cfca14a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 23:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 868
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/711607319/ 2 KB
1 KB 74ms
23ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/711607319/?random=1670974000284&cv=11&fst=1670974000284&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&tiba=SickKids%20Foundation%20%7C%20Donate&auid=445717602.1670974000&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a00c3a6727034456bab42599aa7e7a40df410fb582b30b1622b47a2977e1346b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 23:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 873
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1017 B
657 B 43ms
9ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 188df28d9a43df9305e789776e4eed7f4afdd7c1d391dc5706d816af46554ede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:40 GMT
content-encoding: gzip
last-modified: Tue, 13 Dec 2022 16:28:43 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=61391
accept-ranges: bytes
content-length: 489

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 27ms
9ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5d9d7e78e22202af03b2d09ad31952e031e3423006cba4a29fd506c5664c7761

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 13 Dec 2022 23:26:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27320
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: zKhU7ZV6ZoQk8Y8Yw+fG4juR7ib4X33QDyKvz/1JBE6/ZV/Lg+sHDNN6zcSmkdJ9RW34Zez85LUIeCfif7uA7A==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
2 KB 75ms
23ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63cbb4d3bd7ad1f3eeaa54b37a2e137be0836466218d3bd4ab2b0ef3eb82fc3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 13 Dec 2022 23:26:40 GMT

GET
H/1.1 200
OK ci_events.js Show response
d3htn85c6cao65.cloudfront.net/libraries/ 25 KB
25 KB 38ms
8ms Script
application/javascript 143.204.214.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3htn85c6cao65.cloudfront.net/libraries/ci_events.js
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-56.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5edc0a6a6d86fd6d723b61d5062a1a1e2bcf3b770cdb22d9ce5ec42ad963b6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 05:50:09 GMT
Via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
Last-Modified: Tue, 31 May 2022 17:42:07 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
Age: 63392
ETag: "5ca4d237239a28fb75d956c308e14192"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25261
X-Amz-Cf-Id: 7X9Rlbxjme_rtXM1cBtymHZMB3AWeK5tBC5pNKIydFWmCPX-VJwJfg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-880455918

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e373248cb1f907c7a114b548604301707864b6b8a01176be3e039d4c951aa637

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52882
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Dec 2022 23:26:40 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 175ms
107ms Script
application/javascript 2a02:26f0:3500:886::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:886::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "8d9d0550c915347e312e24f00d311e50"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1146

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ 19 KB
7 KB 93ms
18ms Script
application/javascript 2.22.77.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.22.77.98 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-77-98.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e84693d9dec4bea6ff42b29fca1138a9813c4aa497fe05ff0fe569bcb84dd1ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 23:26:40 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 10:08:12 GMT
Server: AmazonS3
x-amz-request-id: VXEMXPHKMRF5F89S
ETag: "0f8eea89d647ec474cf5d3a0d3eeb307"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=158
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6459
x-amz-id-2: tEqaDpRaj33vSxmgltNBkmAcTAxpUdyH2CqtrL8GZG2gTFQuQmpEz8IfckEMeS+ciqv3PwQVHPk=

GET
H2 200 scevent.min.js Show response
sc-static.net/ 30 KB
13 KB 63ms
28ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 127ed38a4225bf1e539654ce93433380bfe10c5796588d6309ecec6afe02a3c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:40 GMT
content-encoding: gzip
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 13267
x-amz-cf-id: dUb5R0em0Vsv0aaJydVRGPW1JPt9TAoub9dTcmPuiK8-biBGCbvq4g==

GET
H2 200 sdk.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 198ms
106ms Script
application/javascript 23.35.149.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTD7IIOQDRQCQF14MJL0
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.149.89 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-35-149-89.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 55d7167ac39f38aa324234b7ae529849dd9553bfdb6dd4f9e6971dbe91f129c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-akamai-request-id: 2c9c40b6.265985e
date: Tue, 13 Dec 2022 23:26:40 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-35-149-85.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 88,23.35.149.85
server-timing: cdn-cache; desc=MISS, edge; dur=82, origin; dur=6, inner; dur=4
content-length: 1804
pragma: no-cache
server: nginx
x-tt-logid: 2022121323264052CD38B02C9BB041309F
x-cache-remote: TCP_MISS from a23-220-105-77.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.105.77
x-tt-trace-host: 01c6dafb46f52b986846d986811805a1110089bf332101627e1647d07e05c47b875ca13b5d45c3087f1fd57a95019ef6094b5cfeb4fd7b0e3de73a0d06a2fed71462e90c54a23f7073156c9205f3dd4be99487caa9c7de0649225b5a056e523f0d
expires: Tue, 13 Dec 2022 23:26:40 GMT

GET
H2 200 c.min.js Show response
cdn.c212.net/ 747 B
1 KB 57ms
16ms Script
application/javascript 2600:9000:206f:c400:16:cfb1:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.c212.net/c.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:c400:16:cfb1:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10fdc76cd92396525cf18941196d2251aa4d0c05ba2a0a5421e3af99c01503ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 20:55:32 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Fri, 24 Jan 2020 19:12:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 9069
etag: "9f5634a151b9e5ecb2adec9462f783d6"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 747
x-amz-cf-id: PQsxNETMdYiidk-sDq8HXKbzsDz0mOVughmVnJ0eLEs_24ZN5zWoyg==

GET
H2 200 tag Show response
t.jabmo.app/ 9 KB
9 KB 164ms
80ms Script
application/javascript 52.17.244.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.jabmo.app/tag?az=aWRTdWJzY3JpYmVyPTI5MjI
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.244.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-244-214.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2c65cd627cb4b73ece246a55e08dd1da18231fe448147c415f23407724b4b4f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:40 GMT
content-length: 8783
content-type: application/javascript;charset=UTF-8

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 253ms
177ms Script
application/javascript 23.35.149.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7OPARS02NEJ1K9SIUUG&lib=ttq
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.149.89 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-35-149-89.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 247ea2a3ce27b5a481a8e4dd2285ec1652a9bf870571a01f40c7d213103971c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-akamai-request-id: 28442daa.265985f
date: Tue, 13 Dec 2022 23:26:40 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-35-149-85.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 157,23.35.149.85
server-timing: cdn-cache; desc=MISS, edge; dur=81, origin; dur=76, inner; dur=3
content-length: 1159
pragma: no-cache
server: nginx
x-tt-logid: 202212132326406807EDDC81FB09728F75
x-cache-remote: TCP_MISS from a23-46-239-76.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 76,23.46.239.76
x-tt-trace-host: 01c6dafb46f52b986846d986811805a1117c6e6e3fb4aedcdce3cfbb6e388a53caad53420d987e41e9174737e99ee6d7cad5555a8f716d89e211934b1a8e26e3b2bd770e422cc37a58d18d07b40a3d1b700d1cd7cf5a88e2dd7aec1f8075e36226
expires: Tue, 13 Dec 2022 23:26:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-5627812&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf35a3f6a17cd67aac2232d2db48d01d580258f75ee101017b88a336807f73eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44118
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Dec 2022 23:26:40 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/56550/
Redirect Chain

https://mpp.mxptint.net/2/27791/?rnd=%n
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_hm=UjM1Q0E5X0ZBREFBQjNGXzFBNzdGOTYx
https://aep.mxptint.net/sn.ashx
https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R35CA9_FADAAB3F_1A77F961&redir=https://aep.mxptint.net/sn.ashx?ak=1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=75557&dpuuid=R35CA9_FADAAB3F_1A77F961&redir=https://aep.mxptint.net/sn.ashx
https://aep.mxptint.net/sn.ashx
https://ups.analytics.yahoo.com/ups/56550/sync?uid=R35CA9_FADAAB3F_1A77F961&_origin=1
https://ups.analytics.yahoo.com/ups/56550/sync?uid=R35CA9_FADAAB3F_1A77F961&_origin=1&verify=true

0
121 B

12ms
11ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/56550/sync?uid=R35CA9_FADAAB3F_1A77F961&_origin=1&verify=true

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:41 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/56550/sync?uid=R35CA9_FADAAB3F_1A77F961&_origin=1&verify=true
date: Tue, 13 Dec 2022 23:26:41 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 /
insight.adsrvr.org/track/conv/ 70 B
261 B 116ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=tkox4xf&ct=0:h5zomvk&fmt=3
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 13 Dec 2022 23:26:40 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
450 B 67ms
19ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-66351416-1&cid=1615954759.1670974000&jid=1188923649&gjid=1556645312&_gid=1021260136.1670974000&_u=YGBAiAABBAAAAEAAI~&z=1298103726

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 13 Dec 2022 23:26:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sickkidsfoundation.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 25ms
7ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2051142221&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&ul=en-us&de=UTF-8&dt=SickKids%20Foundation%20%7C%20Donate&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiAABBAAAAAAAI~&jid=1188923649&gjid=1556645312&cid=1615954759.1670974000&tid=UA-66351416-1&_gid=1021260136.1670974000&gtm=2wgbu0NJ4P25&z=1504079433

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74649
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/880455918/ 2 KB
1 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/880455918/?random=1670974000325&cv=11&fst=1670974000325&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&tiba=SickKids%20Foundation%20%7C%20Donate&auid=445717602.1670974000&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-880455918

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f08b39bfcfab4494b7109d2afc03ff8c6f57e5bbe6cbf875af0be501f2598a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 23:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 891
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 250085185187976 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 22ms
10ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/250085185187976?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

972b0263de6529e1c3f0e8f6a6a200684126a893482fd75e67dbf9916bf5bda9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 13 Dec 2022 23:26:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86269
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ROPvDGf+1NcXJX1ekY9VWvxwt3B+eDTcJmMwFQ89fQDN8myTVbU5afqs7kz1mKfxwPlqZLt3E4vlF6E1eJNlug==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 17ms
16ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:40 GMT
content-encoding: gzip
last-modified: Tue, 13 Dec 2022 16:10:50 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=60502
accept-ranges: bytes
content-length: 4581

GET
H2 404 c=12995
bcp.crwdcntrl.net/5/ 0
0 110ms
31ms Script
image/gif 52.17.7.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/c=12995?https://ad.crwdcntrl.net/5/c=12995/pe=y/callback=ci_events.pool_callback
Requested by: Host: d3htn85c6cao65.cloudfront.net
URL: https://d3htn85c6cao65.cloudfront.net/libraries/ci_events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.7.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-7-52.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 23:26:40 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.31.208
content-length: 49
expires: 0

GET
H2 200 modules.e446dd48ad4c173d0779.js Show response
script.hotjar.com/ 263 KB
68 KB 38ms
10ms Script
application/javascript 99.86.4.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e446dd48ad4c173d0779.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-302599.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-101.fra6.r.cloudfront.net

Software

Resource Hash

28e7e652bdb6c55c2347e51f218cacfca5645711fa919dc879b25a5c88991aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 14:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 32194
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68690
last-modified: Tue, 13 Dec 2022 14:30:02 GMT
etag: "e594ec8e48bfdcd811b3aa8ce1ff2044"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: IoZVc_UiJtcXZvQM1TmDQhUOvcBn8b0kHZLxKSO--_nvH1hEp7gAzA==

GET
H2 200 adsct
t.co/i/ 43 B
377 B 138ms
112ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=a578d23e-d1bb-4880-900d-af94db7d98e0&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=16b2ce58-e2e3-4ab1-a877-c5667bee76d2&tw_document_href=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxw6l&type=javascript&version=2.3.29

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-response-time: 104
date: Tue, 13 Dec 2022 23:26:40 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: d6d20b80a34b733f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 42c1ea2cbb1a15886437097dd9de432d156fa797901b340d6ee709646f024712
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 167ms
111ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=a578d23e-d1bb-4880-900d-af94db7d98e0&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=16b2ce58-e2e3-4ab1-a877-c5667bee76d2&tw_document_href=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxw6l&type=javascript&version=2.3.29

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-response-time: 103
date: Tue, 13 Dec 2022 23:26:40 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 7b2afbfa534966c1
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 9ea7621de989e27a4e0dc34f5affb016b524f7262a5b672b159b9e860c66a997
content-length: 43

GET
H2 200 /
www.google.com/pagead/1p-user-list/1036497480/ 42 B
548 B 49ms
21ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1036497480/?random=1670974000281&cv=11&fst=1670972400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&tiba=SickKids%20Foundation%20%7C%20Donate&fmt=3&is_vtc=1&random=1834359723&rmt_tld=0&ipr=y

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 23:26:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1036497480/ 42 B
108 B 50ms
22ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1036497480/?random=1670974000281&cv=11&fst=1670972400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&tiba=SickKids%20Foundation%20%7C%20Donate&fmt=3&is_vtc=1&random=1834359723&rmt_tld=1&ipr=y

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 23:26:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/711607319/ 42 B
108 B 23ms
22ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/711607319/?random=1670974000284&cv=11&fst=1670972400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&tiba=SickKids%20Foundation%20%7C%20Donate&fmt=3&is_vtc=1&random=2524498572&rmt_tld=0&ipr=y

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 23:26:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/711607319/ 42 B
548 B 37ms
19ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/711607319/?random=1670974000284&cv=11&fst=1670972400000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&tiba=SickKids%20Foundation%20%7C%20Donate&fmt=3&is_vtc=1&random=2524498572&rmt_tld=1&ipr=y

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 23:26:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/e96685ea/www-widgetapi.vflset/ 162 KB
53 KB 51ms
16ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e96685ea/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42b1ed60cbdf88e3c800046c8cccb40d31206a5fe16d86d67cf28184d68c3e07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 22:02:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5069
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54126
x-xss-protection: 0
last-modified: Mon, 12 Dec 2022 01:16:42 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 13 Dec 2023 22:02:11 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 21ms
21ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-66351416-1&cid=1615954759.1670974000&jid=1188923649&_u=YGBAiAABBAAAAEAAI~&z=318688775

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 23:26:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 36ms
20ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-66351416-1&cid=1615954759.1670974000&jid=1188923649&_u=YGBAiAABBAAAAEAAI~&z=318688775

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 23:26:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/2274266/domain/sickkidsfoundation.com/ 36 B
374 B 17ms
16ms XHR
application/json 2600:9000:206f:4000:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/2274266/domain/sickkidsfoundation.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.sickkidsfoundation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Dec 2022 23:24:41 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 119
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: 8HEarLjL5pY4fnz9Tq1yJrTjvYnp6Pf8V3rHWK_vOP6uOXC8t2ks4w==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1670974000389&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2274266%26time%3D1670974000389%26url%3Dhttps%253A%252F%252Fwww.sickkidsfoundation...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1670974000389&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1670974000389&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&liSync=true&e_ipv6=AQK0ONMWl35_twAAAYUNz88EoszKBuhlFtdMYDdkhOi8nlvx31f...

0
265 B

149ms
106ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1670974000389&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&liSync=true&e_ipv6=AQK0ONMWl35_twAAAYUNz88EoszKBuhlFtdMYDdkhOi8nlvx31fWNmOZa9v3WQmw
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:40 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: D7E43D7A606E46C4995017533E20DB52 Ref B: FRAEDGE1320 Ref C: 2022-12-13T23:26:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXvvfPC7T9eUzBnEkFxHQ==

Redirect headers

date: Tue, 13 Dec 2022 23:26:40 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 8E9229CE00A5463080BAD29FFF04FFD5 Ref B: VIEEDGE2009 Ref C: 2022-12-13T23:26:40Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1670974000389&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&liSync=true&e_ipv6=AQK0ONMWl35_twAAAYUNz88EoszKBuhlFtdMYDdkhOi8nlvx31fWNmOZa9v3WQmw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXvvfPAg5OCBCJwiLx0RQ==

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/2274266/domain/sickkidsfoundation.com/ Frame 0
0 60ms
9ms Preflight 2600:9000:206f:4000:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/2274266/domain/sickkidsfoundation.com/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.sickkidsfoundation.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 85023
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Mon, 12 Dec 2022 23:49:37 GMT
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-id: nR1Mcj6u6bjYv9TyijLxtFF9DJe8e4wz_d5-kZ5w7DxE30HUZ3ELMw==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront

GET
H2 200 / Show response
c212.net/c/etag/ 384 B
861 B 319ms
291ms Script
text/html 65.9.66.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c212.net/c/etag/?clientId=y3q9pMjP&pixel=0&dmp=1&e1=1
Requested by: Host: cdn.c212.net
URL: https://cdn.c212.net/c.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-93.fra56.r.cloudfront.net
Software: Jetty(9.4.31.v20200723) /
Resource Hash: 83570984ac066eae1a59773c11bfef094e6557791d7456d492b306c8257adf43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:40 GMT
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
server: Jetty(9.4.31.v20200723)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: text/html;charset=iso-8859-1
content-language: de-DE
server-timing: intid;desc=c95fcd34244add13
content-length: 384
x-amz-cf-id: w5vHVqSUBLFgFj0U2lolMBQttZXWfOS5Nl9FO8NkY90hjJ88VJpH6A==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK advertiser Show response
cm.teads.tv/v2/ 145 B
872 B 93ms
37ms Fetch
application/json 2.22.77.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&advertiser_id=31041
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.22.77.98 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-77-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7c929d6fcd1528efa7836364c9b83f2d9f31849f8412ad984f0952b6ddd84d60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 23:26:40 GMT
Observe-Browsing-Topics: ?1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.sickkidsfoundation.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Origin-Trial: Az9xQo/imzWWuauBg0JngENQMoxulJzGzdGQ0VfUZDk7et2DJfmfUxfOWnHlwQiZRFG+Grc8bH8xWgOPW2ltjQQAAAB+eyJvcmlnaW4iOiJodHRwczovL3RlYWRzLnR2OjQ0MyIsImZlYXR1cmUiOiJQcml2YWN5U2FuZGJveEFkc0FQSXMiLCJleHBpcnkiOjE2ODA2NTI3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
Connection: keep-alive
Content-Length: 145
Expires: Tue, 13 Dec 2022 23:26:40 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/880455918/ 42 B
64 B 42ms
19ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/880455918/?random=1670974000325&cv=11&fst=1670972400000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&tiba=SickKids%20Foundation%20%7C%20Donate&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2565475644&rmt_tld=0&ipr=y

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 23:26:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/880455918/ 42 B
108 B 22ms
21ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/880455918/?random=1670974000325&cv=11&fst=1670972400000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&tiba=SickKids%20Foundation%20%7C%20Donate&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2565475644&rmt_tld=1&ipr=y

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 23:26:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1728472720702530 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1728472720702530?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5b44692e25b184a1b5d7b378f3a3747948733af1388cad5b35043d3898b58c14

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 13 Dec 2022 23:26:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86049
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: V1RkQWRNr57azLTsukIKZRGTW+S/pWRtHf3qalkJV4E3PLLrpNm4/rmVi7B7i9icYzhI4vBE5IHBIC/L0JsH3A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 30ms
9ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=250085185187976&ev=PageView&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&rl=&if=false&ts=1670974000420&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670974000419.221548578&it=1670974000364&coo=false&exp=a0&rqm=GET

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 13 Dec 2022 23:26:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 27ms
9ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1728472720702530&ev=PageView&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&rl=&if=false&ts=1670974000446&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670974000419.221548578&it=1670974000364&coo=false&exp=a0&rqm=GET

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 13 Dec 2022 23:26:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
insight.adsrvr.org/track/conv/ Frame 26DD 70 B
260 B 34ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=tkox4xf&ct=0:iug12rh&fmt=3
Requested by: Host: 5627812.fls.doubleclick.net
URL: https://5627812.fls.doubleclick.net/activityi;dc_pre=CPzS4Z3f9_sCFYTOsgod4iYHAQ;src=5627812;type=sickk0;cat=sickk0;ord=8533521524928;gtm=2wgbu0;auiddc=445717602.1670974000;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5627812.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 13 Dec 2022 23:26:40 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 dc_pre=CPzS4Z3f9_sCFYTOsgod4iYHAQ;src=5627812;type=sickk0;cat=sickk0;ord=8533521524928;gtm=2wgbu0;auiddc=*;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F
adservice.google.com/ddm/fls/z/ Frame 26DD 42 B
494 B 82ms
46ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPzS4Z3f9_sCFYTOsgod4iYHAQ;src=5627812;type=sickk0;cat=sickk0;ord=8533521524928;gtm=2wgbu0;auiddc=*;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F

Requested by

Host: 5627812.fls.doubleclick.net
URL: https://5627812.fls.doubleclick.net/activityi;dc_pre=CPzS4Z3f9_sCFYTOsgod4iYHAQ;src=5627812;type=sickk0;cat=sickk0;ord=8533521524928;gtm=2wgbu0;auiddc=445717602.1670974000;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5627812.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 23:26:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
d.agkn.com/iframe/8301/ Frame 9E63 343 B
906 B 55ms
11ms Document
text/html 18.192.134.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.agkn.com/iframe/8301/?che=1258347681&type=3888903
Requested by: Host: 5627812.fls.doubleclick.net
URL: https://5627812.fls.doubleclick.net/activityi;dc_pre=CPzS4Z3f9_sCFYTOsgod4iYHAQ;src=5627812;type=sickk0;cat=sickk0;ord=8533521524928;gtm=2wgbu0;auiddc=445717602.1670974000;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.134.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-134-201.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 521cee3884da643fafcf11d44f1599abb166cfc20c730385e4cd273b7fedab92

Request headers

Referer: https://5627812.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 343
Content-Type: text/html;charset=UTF-8
Date: Tue, 13 Dec 2022 23:26:39 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Server: Apache-Coyote/1.1

GET
H/1.1 200
OK / Show response
d.agkn.com/iframe/8300/ Frame 9D23 223 B
780 B 55ms
11ms Document
text/html 18.192.134.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.agkn.com/iframe/8300/?che=1258347681&type=3888903
Requested by: Host: 5627812.fls.doubleclick.net
URL: https://5627812.fls.doubleclick.net/activityi;dc_pre=CPzS4Z3f9_sCFYTOsgod4iYHAQ;src=5627812;type=sickk0;cat=sickk0;ord=8533521524928;gtm=2wgbu0;auiddc=445717602.1670974000;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.134.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-134-201.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 52a1d0f52f460e327988c355867521b4de4af61472d94935afb22dd20cfea935

Request headers

Referer: https://5627812.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 223
Content-Type: text/html;charset=UTF-8
Date: Tue, 13 Dec 2022 23:26:39 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Server: Apache-Coyote/1.1

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 26DD 103 KB
27 KB 11ms
9ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5d9d7e78e22202af03b2d09ad31952e031e3423006cba4a29fd506c5664c7761

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5627812.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 13 Dec 2022 23:26:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27320
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: zKhU7ZV6ZoQk8Y8Yw+fG4juR7ib4X33QDyKvz/1JBE6/ZV/Lg+sHDNN6zcSmkdJ9RW34Zez85LUIeCfif7uA7A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.9a94ee76.js Show response
s.pinimg.com/ct/lib/ 58 KB
21 KB 160ms
158ms Script
application/javascript 2a02:26f0:3500:886::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.9a94ee76.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:886::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 77358e88e4d70191891544307a0a8677145d760e51eddef0293111d5a3008683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "e43867aadc515024dd460d8611098a12"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 20728

GET
H2 200 track
t.teads.tv/ 23 B
143 B 118ms
46ms Image
image/gif 2.22.77.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&env=js-web&tag_version=6.10.0_6960d44&advertiser_id=31041&referer=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&user_session_id=c6a098ff-37e1-4c20-91f7-bae2cf843124
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.22.77.98 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-77-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Tue, 13 Dec 2022 23:26:40 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H/1.1 200
OK getuidp Show response
secure.adnxs.com/ 31 B
699 B 73ms
22ms Script
application/javascript 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidp?callback=jabmo_uid_callback

Requested by

Host: t.jabmo.app
URL: https://t.jabmo.app/tag?az=aWRTdWJzY3JpYmVyPTI5MjI

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e6d9b490bde45d14a4f88a44e74bd6043a7cad3239acc7fbebbf4be122ef308a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 23:26:40 GMT
AN-X-Request-Uuid: cded3660-852d-4cc7-86f1-2ea6c0588b3c
Server: nginx/1.21.3
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.41; 81.95.5.41; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 31
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 jb-cdn-sp-3.5.0.js Show response
d22d1xpx4ztuef.cloudfront.net/ 73 KB
73 KB 37ms
9ms Script
application/javascript 2600:9000:2057:a800:a:ac8:89c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d22d1xpx4ztuef.cloudfront.net/jb-cdn-sp-3.5.0.js
Requested by: Host: t.jabmo.app
URL: https://t.jabmo.app/tag?az=aWRTdWJzY3JpYmVyPTI5MjI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:a800:a:ac8:89c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bf87e574d8b2927a82170f0d6dbca56e1bd9268a74df333fd342fc6cf7eac76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 21:04:53 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
last-modified: Tue, 06 Sep 2022 08:32:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 8752
etag: "0d8a2099757b4ba87b9c554b37b7a035"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 74309
x-amz-cf-id: xLK9enJIqNjr8gz5D5RIxI3LSQbhL11yT-vsHvfDTmaItBe_szob4w==

GET
DATA 200
OK truncated
/ 207 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8435aa6b4c48c34a0c144ef1ff3a9ff10559ecc2b4331c8de0673923032266f3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 _Incapsula_Resource
www.sickkidsfoundation.com/ 1 B
35 B 177ms
176ms Image
text/plain 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/_Incapsula_Resource?SWKMTFSR=1&e=0.6062444131100284
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 main.MWI5ZjkwYWMwMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 234 KB
66 KB 18ms
18ms Script
application/javascript 23.35.149.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI5ZjkwYWMwMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTD7IIOQDRQCQF14MJL0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.149.89 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-35-149-89.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ee3a94394da6a061c63b8c4333b600ce2720480a2ab8a80b3df720b2294deaf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-akamai-request-id: 2659874
date: Tue, 13 Dec 2022 23:26:40 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202212131405212BEDD5FB78DD0E235BB0
vary: Accept-Encoding
x-cache: TCP_HIT from a23-35-149-85.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 012a40166fcbbd3607ca72a9b429edde52c5a1368ec3ae606d6860f58bae3fbf348f9f0465d8eb3b65e9cce1d5f5c3f98e715d0cc375c12d861a231f2cad0094c2b4f9c2f914a1499cdd49ae2bcb3d08f1
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 66474

GET
H2 204 0
bat.bing.com/action/ 0
176 B 33ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25070334&Ver=2&mid=b00f53c4-9805-4f63-ba7a-0acf9c5e47e9&sid=98d536107b3d11edb81a91075c437b90&vid=98d60a307b3d11ed8ab213bb2fbaf3de&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=SickKids%20Foundation%20%7C%20Donate&kw=SickKids%20Foundation,%20hospital%20foundation,%20children%27s%20hospital%20foundation,%20donate,%20donate%20online,%20children%27s%20charity,%20fund%20the%20fight,%20fundthefight.ca&p=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&r=&lt=4107&evt=pageLoad&sv=1&rn=602397

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 13 Dec 2022 23:26:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A3F449BC50ED48329F8B709315E31651 Ref B: FRA31EDGE0520 Ref C: 2022-12-13T23:26:40Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1728472720702530 Show response
connect.facebook.net/signals/config/ Frame 26DD 293 KB
84 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1728472720702530?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5b44692e25b184a1b5d7b378f3a3747948733af1388cad5b35043d3898b58c14

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5627812.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 13 Dec 2022 23:26:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86049
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: V1RkQWRNr57azLTsukIKZRGTW+S/pWRtHf3qalkJV4E3PLLrpNm4/rmVi7B7i9icYzhI4vBE5IHBIC/L0JsH3A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ra.pixel
aa.agkn.com/adscores/ Frame 9E63 43 B
500 B 120ms
31ms Image
image/gif 18.200.78.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/ra.pixel?sid=9212273008
Requested by: Host: d.agkn.com
URL: https://d.agkn.com/iframe/8301/?che=1258347681&type=3888903
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.78.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-78-128.eu-west-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d.agkn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 23:26:40 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

OPTIONS
H2 200 tp2
c.jabmo.app/com.snowplowanalytics.snowplow/ Frame 0
0 176ms
33ms Preflight 34.253.40.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.jabmo.app/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.40.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-40-236.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.sickkidsfoundation.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.sickkidsfoundation.com
access-control-max-age: 600
content-length: 0
date: Tue, 13 Dec 2022 23:26:40 GMT
server: nginx

POST
H2 200 tp2 Show response
c.jabmo.app/com.snowplowanalytics.snowplow/ 2 B
328 B 90ms
30ms XHR
text/plain 34.253.40.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.jabmo.app/com.snowplowanalytics.snowplow/tp2
Requested by: Host: d22d1xpx4ztuef.cloudfront.net
URL: https://d22d1xpx4ztuef.cloudfront.net/jb-cdn-sp-3.5.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.40.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-40-236.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.sickkidsfoundation.com
date: Tue, 13 Dec 2022 23:26:40 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 / Show response
api.ipify.org/ 10 B
103 B 442ms
134ms XHR
text/plain 173.231.16.76
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/
Requested by: Host: t.jabmo.app
URL: https://t.jabmo.app/tag?az=aWRTdWJzY3JpYmVyPTI5MjI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.231.16.76 , United States, ASN18450 (WEBNX, US),
Reverse DNS: 173-231-16-76.static.webnx.com
Software: /
Resource Hash: c167fb135967791605f767f151d6e7c38828b0f9e27cb2b0b80ec5b5c7f8028e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: https://www.sickkidsfoundation.com
date: Tue, 13 Dec 2022 23:26:40 GMT
content-length: 10
vary: Origin
content-type: text/plain

GET
H2 200 box-5e66f98b4ee957db209dc6f63e3d59dd.html Show response
vars.hotjar.com/ Frame 4AB7 2 KB
1 KB 30ms
7ms Document
text/html 143.204.215.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-302599.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-118.fra53.r.cloudfront.net

Software

Resource Hash

cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.sickkidsfoundation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 931478
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 04:42:02 GMT
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-id: nUZwKw1KV8aw47lOGT__QeauA2qW3lXBYt6wTudd9kHZG2oD-Z9DTQ==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 identify_a213e.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 16ms
16ms Script
application/javascript 23.35.149.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_a213e.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI5ZjkwYWMwMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.149.89 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-35-149-89.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-akamai-request-id: 2659882
date: Tue, 13 Dec 2022 23:26:40 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202212131405223D2FEE6795D3A827DAEC
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-35-149-85.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0182ba66fde4676ac61afd0fab53dd12317e271c35cb085039331026525f44b5c14ee828f20f35cdf327c2c39ad0badc32b0fd852ae7dfb631b7b04eb051b0cecb52143d05ad8fd19aa13329d061ae8bd6
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30962

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
688 B 124ms
124ms Ping
application/octet-stream 23.35.149.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI5ZjkwYWMwMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.149.89 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-35-149-89.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4898971d.2659894
date: Tue, 13 Dec 2022 23:26:40 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-35-149-85.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 104,23.35.149.85
server-timing: cdn-cache; desc=MISS, edge; dur=84, origin; dur=23, inner; dur=20
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202212132326401D11CDA7977AA4402263
x-cache-remote: TCP_MISS from a23-220-105-83.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 23,23.220.105.83
x-tt-trace-host: 01c6dafb46f52b986846d986811805a1110089bf332101627e1647d07e05c47b870e0266434f97314ed8c67729ca7e812fa09aa23d05ec95ca3610a9dd5120a4768bd185a8764313edda2573222694555dd847c158c3252fe4afb4f393a21e1898
expires: Tue, 13 Dec 2022 23:26:40 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
688 B 202ms
202ms Ping
application/octet-stream 23.35.149.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI5ZjkwYWMwMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.149.89 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-35-149-89.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 9441e31f.2659895
date: Tue, 13 Dec 2022 23:26:40 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-35-149-85.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 181,23.35.149.85
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=99, inner; dur=93
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20221213232640C0D70E8B29843F401003
x-cache-remote: TCP_MISS from a23-220-105-85.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 99,23.220.105.85
x-tt-trace-host: 01c6dafb46f52b986846d986811805a1110089bf332101627e1647d07e05c47b878e161c6bb655ebbcfe3388a0bea2800fa9f2a88147703122fbef126d1f9cca468babd13798ce9391942a38abccfb15c68fafbcd415644408e61d4f1b7f15e9a5
expires: Tue, 13 Dec 2022 23:26:40 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 26DD 0
18 B 19ms
8ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1728472720702530&ev=PageView&dl=https%3A%2F%2F5627812.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPzS4Z3f9_sCFYTOsgod4iYHAQ%3Bsrc%3D5627812%3Btype%3Dsickk0%3Bcat%3Dsickk0%3Bord%3D8533521524928%3Bgtm%3D2wgbu0%3Bauiddc%3D445717602.1670974000%3B~oref%3Dhttps%253A%252F%252Fwww.sickkidsfoundation.com%252F%3F&rl=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&if=true&ts=1670974000670&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&it=1670974000577&coo=false&exp=a0&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5627812.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 13 Dec 2022 23:26:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/302599/ 147 B
322 B 105ms
34ms XHR
application/json 52.215.128.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/302599/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e446dd48ad4c173d0779.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.128.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-128-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 281d704874a4f296b2e6ec2fcd9464321440a876204662f267df4b0347aff7ca

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 13 Dec 2022 23:26:40 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 / Show response
ct.pinterest.com/user/ 533 B
488 B 82ms
40ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2612982544860&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1670974000704&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.9a94ee76.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3dd9777e4bf37ebda9d52c257d4481a7793947d4793cdddef7218468a20c3cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pin-unauth: dWlkPVlUWTBOVGsxT1RZdFl6TmtaUzAwTVdRM0xUazNZbU10WVRWa05qYzJaRGt6T0RReQ
pragma: no-cache
content-encoding: gzip
referrer-policy: origin
date: Tue, 13 Dec 2022 23:26:40 GMT
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sickkidsfoundation.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
x-pinterest-rid: 9850804948614026
content-length: 373
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 533 B
762 B 77ms
35ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&tid=2612982544860&cb=1670974000704&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.9a94ee76.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3dd9777e4bf37ebda9d52c257d4481a7793947d4793cdddef7218468a20c3cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pin-unauth: dWlkPVl6UmxNVEE0WkdVdE5tVXdaUzAwWVRjekxXRXpZV1V0T1RBd01HRmtOelkxTURRNQ
pragma: no-cache
content-encoding: gzip
referrer-policy: origin
date: Tue, 13 Dec 2022 23:26:40 GMT
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sickkidsfoundation.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1128944548819221
content-length: 373
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
96 B 80ms
39ms Image
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2612982544860&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.sickkidsfoundation.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%229a94ee76%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1670974000705
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 23:26:40 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 1768091775239311
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
324 B 36ms
36ms Image
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&tid=2612982544860&cb=1670974000794&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.sickkidsfoundation.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%229a94ee76%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 23:26:40 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1384827989675298
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/sync/ 2 KB
2 KB 92ms
33ms Script
text/javascript 23.200.212.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/js?sync=auto&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1
Requested by: Host: c212.net
URL: https://c212.net/c/etag/?clientId=y3q9pMjP&pixel=0&dmp=1&e1=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.212.240 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-212-240.deploy.static.akamaitechnologies.com
Software: MT3 180 1fd3e2d master cdg-pixel-x7 config:1.0.0 /
Resource Hash: eea5922a6a92cbf1d4508955703af326aca723a1b5a2b7ca1bac6a41596036a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 23:26:40 GMT
Server: MT3 180 1fd3e2d master cdg-pixel-x7 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1578
Expires: Tue, 13 Dec 2022 23:26:39 GMT

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame CC4D 3 KB
1 KB 84ms
50ms Document
text/html 23.200.212.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=2f546399-0a30-4200-8f24-1e7c9783541a&no_iframe=1&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/js?sync=auto&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.212.240 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-212-240.deploy.static.akamaitechnologies.com
Software: MT3 180 1fd3e2d master cdg-pixel-x11 config:1.0.0 /
Resource Hash: e3b50d7e505547444624505d0e4dca2b56966b8fc1aa8b8bba8a21f5f7b83c1c

Request headers

Referer: https://www.sickkidsfoundation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 954
Content-Type: text/html
Date: Tue, 13 Dec 2022 23:26:40 GMT
Expires: Tue, 13 Dec 2022 23:26:39 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 180 1fd3e2d master cdg-pixel-x11 config:1.0.0
Vary: Accept-Encoding

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ 0
480 B 47ms
46ms Image
image/gif 23.200.212.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.212.240 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-212-240.deploy.static.akamaitechnologies.com
Software: MT3 180 1fd3e2d master zrh-pixel-x31 config:1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 23:26:40 GMT
Server: MT3 180 1fd3e2d master zrh-pixel-x31 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Tue, 13 Dec 2022 23:26:39 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
8ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=250085185187976&ev=Microdata&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&rl=&if=false&ts=1670974000923&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22SickKids%20Foundation%20%7C%20Donate%22%2C%22meta%3Adescription%22%3A%22Your%20donations%20directly%20support%20SickKids%20Foundation.%20%20Funds%20are%20distributed%20in%20the%20areas%20of%20most%20need%20including%20research%2C%20clinical%20advances%20and%20compassionate%20care%20at%20The%20Hospital%20for%20Sick%20Children.%22%2C%22meta%3Akeywords%22%3A%22SickKids%20Foundation%2C%20hospital%20foundation%2C%20children%27s%20hospital%20foundation%2C%20donate%2C%20donate%20online%2C%20children%27s%20charity%2C%20fund%20the%20fight%2C%20fundthefight.ca%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22I%27ve%20joined%20the%20fight!%22%2C%22og%3Adescription%22%3A%22Join%20us.%20Make%20a%20gift%20with%20a%20lasting%20impact%20by%20becoming%20a%20SickKids%20monthly%20donor%20today.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.sickkidsfoundation.com%2F-%2Fmedia%2Fimages%2Fskf%2Fhomepage%2Ffall-2019%2F1019030-i-donated-post-image.ashx%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1670974000419.221548578&it=1670974000364&coo=false&es=automatic&tm=3&exp=a0&rqm=GET

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 13 Dec 2022 23:26:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
8ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1728472720702530&ev=Microdata&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&rl=&if=false&ts=1670974000948&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22SickKids%20Foundation%20%7C%20Donate%22%2C%22meta%3Adescription%22%3A%22Your%20donations%20directly%20support%20SickKids%20Foundation.%20%20Funds%20are%20distributed%20in%20the%20areas%20of%20most%20need%20including%20research%2C%20clinical%20advances%20and%20compassionate%20care%20at%20The%20Hospital%20for%20Sick%20Children.%22%2C%22meta%3Akeywords%22%3A%22SickKids%20Foundation%2C%20hospital%20foundation%2C%20children%27s%20hospital%20foundation%2C%20donate%2C%20donate%20online%2C%20children%27s%20charity%2C%20fund%20the%20fight%2C%20fundthefight.ca%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22I%27ve%20joined%20the%20fight!%22%2C%22og%3Adescription%22%3A%22Join%20us.%20Make%20a%20gift%20with%20a%20lasting%20impact%20by%20becoming%20a%20SickKids%20monthly%20donor%20today.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.sickkidsfoundation.com%2F-%2Fmedia%2Fimages%2Fskf%2Fhomepage%2Ffall-2019%2F1019030-i-donated-post-image.ashx%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1670974000419.221548578&it=1670974000364&coo=false&es=automatic&tm=3&exp=a1&rqm=GET

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 13 Dec 2022 23:26:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame CC4D 43 B
516 B 36ms
36ms Image
image/gif 23.200.212.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mop_seq=0:1&mt_cb=747170&mop_top=
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=2f546399-0a30-4200-8f24-1e7c9783541a&no_iframe=1&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.212.240 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-212-240.deploy.static.akamaitechnologies.com
Software: MT3 180 1fd3e2d master zrh-pixel-x27 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=2f546399-0a30-4200-8f24-1e7c9783541a&no_iframe=1&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 23:26:41 GMT
Server: MT3 180 1fd3e2d master zrh-pixel-x27 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Tue, 13 Dec 2022 23:26:40 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame CC4D 0
480 B 31ms
31ms Image
image/gif 23.200.212.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=2f546399-0a30-4200-8f24-1e7c9783541a&no_iframe=1&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.212.240 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-212-240.deploy.static.akamaitechnologies.com
Software: MT3 180 1fd3e2d master cdg-pixel-x26 config:1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=2f546399-0a30-4200-8f24-1e7c9783541a&no_iframe=1&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 23:26:41 GMT
Server: MT3 180 1fd3e2d master cdg-pixel-x26 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Tue, 13 Dec 2022 23:26:40 GMT

GET
H2 204 adjabmo
t.jabmo.app/ 0
138 B 32ms
32ms Image
text/plain 52.17.244.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.jabmo.app/adjabmo?ai=0&ip=81.95.5.41&sid=2922&spduid=8c0998f4-402b-426d-8ab8-df1f4576f73f
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.244.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-244-214.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:41 GMT

GET
H2 200 sync
c212.net/c/ Frame CC4D 0
250 B 386ms
386ms Image
text/plain 65.9.66.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c212.net/c/sync?u=&c=US&dmpId=1&pid=2f546399-0a30-4200-8f24-1e7c9783541a
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-93.fra56.r.cloudfront.net
Software: Jetty(9.4.31.v20200723) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:42 GMT
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
server: Jetty(9.4.31.v20200723)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
server-timing: intid;desc=1608c81226787e6b
content-length: 0
x-amz-cf-id: B8zdsvZAP2EbZqVkogfcguuGipcxrch2ecfvKzpEm8PqNvHnze2DGw==

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame CC4D 43 B
516 B 38ms
37ms Image
image/gif 23.200.212.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mop_seq=1:1&mt_cb=627156&check=2f546399-0a30-4200-8f24-1e7c9783541a&mop_top=
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.212.240 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-212-240.deploy.static.akamaitechnologies.com
Software: MT3 180 1fd3e2d master zrh-pixel-x10 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=2f546399-0a30-4200-8f24-1e7c9783541a&no_iframe=1&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 23:26:42 GMT
Server: MT3 180 1fd3e2d master zrh-pixel-x10 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Tue, 13 Dec 2022 23:26:41 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 26DD 0
15 B 8ms
8ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1728472720702530&ev=Microdata&dl=https%3A%2F%2F5627812.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPzS4Z3f9_sCFYTOsgod4iYHAQ%3Bsrc%3D5627812%3Btype%3Dsickk0%3Bcat%3Dsickk0%3Bord%3D8533521524928%3Bgtm%3D2wgbu0%3Bauiddc%3D445717602.1670974000%3B~oref%3Dhttps%253A%252F%252Fwww.sickkidsfoundation.com%252F%3F&rl=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&if=true&ts=1670974002173&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&it=1670974000577&coo=false&es=automatic&tm=3&exp=a1&rqm=GET

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5627812.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 13 Dec 2022 23:26:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 611B 0
294 B 53ms
19ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=1da237a8-8122-4c02-9fcf-0aa6fde57222&u_scsid=30d38c15-c913-4e60-bb0b-86d4bab5392f&u_sclid=332e9fe2-8c2f-4f69-8d36-e8e55ac0c5b3

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sickkidsfoundation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 13 Dec 2022 23:26:42 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 1da237a8-8122-4c02-9fcf-0aa6fde57222.js Show response
tr.snapchat.com/config/com/ 144 B
541 B 54ms
20ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/1da237a8-8122-4c02-9fcf-0aa6fde57222.js

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

a25f0fe2d5ffb237188121e6df1c609b8e7fda449faf07a048160a7818043198

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sickkidsfoundation.com/
Origin: https://www.sickkidsfoundation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 23:26:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.sickkidsfoundation.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 p
tr.snapchat.com/ 68 B
352 B 55ms
21ms Ping
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 13 Dec 2022 23:26:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: text/html
access-control-allow-origin: https://www.sickkidsfoundation.com
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 5
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 5791 565 B
423 B 36ms
36ms Document
text/html 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.9a94ee76.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://www.sickkidsfoundation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Tue, 13 Dec 2022 23:26:42 GMT
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 2
x-pinterest-rid: 5208958815094530

GET
H/1.1 200
OK app_open Show response
ads.connectedinteractive.com/api/web/100/8092782a3475b91c78e512ffafa20c56/ 2 B
564 B 339ms
122ms XHR
application/json 135.84.189.37
ASTUTEHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.connectedinteractive.com/api/web/100/8092782a3475b91c78e512ffafa20c56/app_open?pool_uuid=-1&pool_region=-1&ci_js_uuid=8b99053c-408f-40fc-989f-84f2ee41ec75&cb=1670974005368
Requested by: Host: d3htn85c6cao65.cloudfront.net
URL: https://d3htn85c6cao65.cloudfront.net/libraries/ci_events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.189.37 Toronto, Canada, ASN54527 (ASTUTEHOSTING, CA),
Reverse DNS
Software: nginx/1.16.0 / PHP/7.4.29
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 23:26:43 GMT
PMM-Response: 0
Server: nginx/1.16.0
X-Powered-By: PHP/7.4.29
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.sickkidsfoundation.com
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK 10784Monthly-LP-Retargeting Show response
ads.connectedinteractive.com/api/web/100/8092782a3475b91c78e512ffafa20c56/ 145 B
529 B 339ms
122ms XHR
application/json 135.84.189.37
ASTUTEHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.connectedinteractive.com/api/web/100/8092782a3475b91c78e512ffafa20c56/10784Monthly-LP-Retargeting?pool_uuid=-1&pool_region=-1&ci_js_uuid=8b99053c-408f-40fc-989f-84f2ee41ec75&cb=1670974005369
Requested by: Host: d3htn85c6cao65.cloudfront.net
URL: https://d3htn85c6cao65.cloudfront.net/libraries/ci_events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.189.37 Toronto, Canada, ASN54527 (ASTUTEHOSTING, CA),
Reverse DNS
Software: nginx/1.16.0 / PHP/7.4.29
Resource Hash: eb651673d966f77afdabf0f28889227a8ba3ee4e8ddcf38341a031cdbf62a6b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 23:26:43 GMT
PMM-Response: 0
Server: nginx/1.16.0
X-Powered-By: PHP/7.4.29
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.sickkidsfoundation.com
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK 10783--LP-Retargeting Show response
ads.connectedinteractive.com/api/web/100/c4a103bd3358fe0206b987b42fac6906/ 2 B
385 B 340ms
122ms XHR
application/json 135.84.189.37
ASTUTEHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.connectedinteractive.com/api/web/100/c4a103bd3358fe0206b987b42fac6906/10783--LP-Retargeting?pool_uuid=-1&pool_region=-1&ci_js_uuid=8b99053c-408f-40fc-989f-84f2ee41ec75&cb=1670974005369
Requested by: Host: d3htn85c6cao65.cloudfront.net
URL: https://d3htn85c6cao65.cloudfront.net/libraries/ci_events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.189.37 Toronto, Canada, ASN54527 (ASTUTEHOSTING, CA),
Reverse DNS
Software: nginx/1.16.0 / PHP/7.4.29
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 23:26:43 GMT
PMM-Response: 0
Server: nginx/1.16.0
X-Powered-By: PHP/7.4.29
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.sickkidsfoundation.com
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H3

200

src=8353444;dc_pre=CMDaq6Df9_sCFRhCkQUd8FYLsg;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8353444;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=8353444;dc_pre=CMDaq6Df9_sCFRhCkQUd8FYLsg;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://adservice.google.com/ddm/fls/z/src=8353444;dc_pre=CMDaq6Df9_sCFRhCkQUd8FYLsg;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

42 B
63 B

61ms
44ms

Image
image/gif

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8353444;dc_pre=CMDaq6Df9_sCFRhCkQUd8FYLsg;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Protocol

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 23:26:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 23:26:45 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=8353444;dc_pre=CMDaq6Df9_sCFRhCkQUd8FYLsg;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

58 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 08:11:00	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
c212.net/c	1970-01-20 12:35:58	Name: c Value: 0%3A7fffffff%3A16a0018a%3A63990a30%3A2cc9
www.sickkidsfoundation.com/	1969-12-31 23:59:59	Name: shell#lang Value: en
www.sickkidsfoundation.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: c0pdilm02u4gof1nhjmmwtfx
.sickkidsfoundation.com/	1970-01-20 16:54:45	Name: visid_incap_901569 Value: ddrMT8stTOiXZmgZ2pP47S0KmWMAAAAAQUIPAAAAAAAeFqxz9t2PmfiyleNdTht0
.sickkidsfoundation.com/	1969-12-31 23:59:59	Name: incap_ses_1025_901569 Value: lesXUDXzRVIxQrVnzog5Di4KmWMAAAAAWbtHYhw7FION3X4uhcD72w==
.bing.com/	1970-01-20 17:31:10	Name: MUID Value: 3671FC932F1A6F5A100CEEEA2E916E59
.sickkidsfoundation.com/	1970-01-20 10:19:10	Name: _gcl_au Value: 1.1.445717602.1670974000
.sickkidsfoundation.com/	1970-01-20 17:45:34	Name: _ga Value: GA1.2.1615954759.1670974000
.sickkidsfoundation.com/	1970-01-20 08:11:00	Name: _gid Value: GA1.2.1021260136.1670974000
.sickkidsfoundation.com/	1970-01-20 08:09:34	Name: _dc_gtm_UA-66351416-1 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: dXQ7MgJ8s2k
.youtube.com/	1970-01-20 12:28:46	Name: VISITOR_INFO1_LIVE Value: EVOz98-3itc
.sickkidsfoundation.com/	1969-12-31 23:59:59	Name: _schn Value: _qupdqv
.sickkidsfoundation.com/	1970-01-20 17:39:20	Name: _scid Value: a55e23f9-3548-4e64-9ec7-71a0c77dcd8d
.sickkidsfoundation.com/	1970-01-20 10:19:10	Name: _fbp Value: fb.1.1670974000419.221548578
.doubleclick.net/	1970-01-20 17:31:10	Name: IDE Value: AHWqTUlJ4LrGNpTg9GXfLShEL9HN5o_EV5xJTUKazw1rb-oK8N947U3iwm_Q8qZhIdk
.www.sickkidsfoundation.com/	1970-01-20 08:11:00	Name: ln_or Value: d
.sickkidsfoundation.com/	1970-01-20 08:09:35	Name: tfpsi Value: c6a098ff-37e1-4c20-91f7-bae2cf843124
.t.co/	1970-01-20 17:45:34	Name: muc_ads Value: 1c4bfd63-b0e7-4653-afa1-f4f6d8f7fdb1
.twitter.com/	1970-01-20 17:45:34	Name: personalization_id Value: "v1_wXYgrJQmvWHn2Wun4gqcwg=="
www.sickkidsfoundation.com/	1970-01-20 08:09:34	Name: ___utmvc Value: Svk207YJljAo5C14b6VG/f/Cn5sbrLWohFGnhJl3UTwKwQguLKIYcyNV3ei0osQ0BInpFhsuaVIWVTENS4hbgNFsppX2qd89M1Z5/3qPeM+EjuyWfVmeuJp67lJONYgBQ5cgfvtFurPUH00ZDnBELvNmNy4W3NiySoLTq8SvNb+sn41+HnRG/ITStpvhc7kd8PLr91sY5KI44E93X/cSXagxLsisJENWlibHoE9/FvcC99p2C+aKVCnKmygLCjWodXvCZIX/HuKAqNhOd5gW/yYstiOdi+tePsfMtGdK4azbgcDLY0OP+uLHikedzKqsbVkveTMvw5wKFOEjopA0Oj9HVDrM0bU4G4Es83rgoXSykyV+9TDOv+192Vn6l8P8o0dp3llqAoPLPDKFyv0Qb64u5iSkzM0b2cZhIh76HPoGjWK/e2CvqzRtUup2ru2Y0Itxs8Vh5AHtENvfw5zdifwysuBe1E61OqGaZtwq0dhoLaEWXBFSw8kMlVjm9DZYNvqlxvfEg9DYXX2aDZtWwjgBhap4ZOS0OoieNvmxEfyGr043Lvx1+Qngkm87Y3uiwv+heJnfbnmt6ReHwiiQFNPqQBXfCEnt/S93IRis4okzy31FvwEidPSg2gCpYz9ThPbDQ7IY1Hi0WVjJMX7krmpd/c8O+hxa5jkW83noyWqNyawuNaXseiYxEPYnpMwXK7My2HES3zPXspXIkaSLvULi+XL4JmsEPWX3ASn03AE4cFvnpMidPHVfroSmf1aNWB1kPstGbExcPfpqRYQwMDtmWqJ+r0hBHfwA0IBth3vGlSD4KSpFT/ljcRdcacOrBx1i+VY2zeC+3mk0n2F4wgHHm3BYqQAPCoECt8Q3nxlF08JUSjm2wdxQZKKyhPdrt55pUEcrYtsyoFlbHimu+nDgsHpQiFcav2654zCrZA+ae0ebv+6SPjecpphJrWyYkEj/eLIXzolSzNA6ZeQiRD9vYqAEq0A2jJgqrPEb+eCyqyOT8cWllfDgr1pYTp6Z5qPIGCrLkwWpBdCRaXSUR0UocSJcEMCDYxFTSwh8KK7xfKaxvpWoCbe8U37AZzQwhVNoH8yVpwLQ0/AxJ8Waa9jYv4R3Q7xlezPN1CTLOCLKg1G5UXCXDU7GscSUnx2Hk33mwGm+RIDkhZkFVTu8OcAGpZsVdNUjtxeYcxlZtjNzCJxVIcziWcx23L3qfhxj1LQi9XXYuNgbcIK2h5ESU6YqbIYOXpic0Ilr5UfMlJXx5tngp3qvP+xakTUrC0Jfj6Z0Wv83Y12flIHLINO0mn2CmF7m6FK9M6BnkrrmVTtFjXH0gG3/c16eL8NZzhmAbUUB3j1bilSexjWETUviALFG4QMMIHOxX4Roqf5Yc5uGa9MimbPgN95en50vbJGpBKFaDoclfwzuk492szcBloKuCnONf7rkWeW2cWaIzRiRbvcm9q27OfwNJ74iWGvdqSXimYm8sIN+ges/Ix8hSlHzXBaFc/m3j9LIkMUJRrRlYgoevEYPewk15Nz5jlooGJ3gxngvcjDFB6bipuQI4UAZGSTagK4oNKbQmkSs7D+SpybOgwfchFopmMC9EMsS6EGppJYsjcReS/FajcBVzAr4VQ6k0DDIMBDCRzhEYsiS7ZFc186///a5NpQ7zYLxWy3SwDBn+PqYPbbDp+SSVzHf+bMEhY+E3qkwVPZfv2TL2wGyEgcWZ7JMOciB9oKecsjc6QKJ8xSHDKgdSkCYM1F0F6xV6SguHyEOOvg28WKeAJvtM3hycs3QWHBh7ZKo0sVentubSq5iKQp4+Lr4alwd1GgwoYyjXQmzb71ObNJ0U7aMXLybDjbNKC5JEJB2Y6lyvk9l637ss9+FV1IKMF9AredBA16MfAYzQeRiCdXAmRoKif3whn+Rmv2z4J9ja5OWSXwalTDODlavmFfrrd7rs7Ao6CaxzWYmMlTEVR/hwftVvSWQ9ueSY//+sIZajPu0g6axrP4SCOWwEPPiPAwDVDqNLQzikm80w99ULhj6Lz0RuBOyWI1IKeZk2Yb+lLJMFRrb/tfVrmi/6LYQnWSCj61EfiY20l5IJQS2yDkVL5pmscEwyXVYOUBg6abkSeKGX5tg1Kmos+5Pd4KK+H7isG9XwyBoTF2l41jacu+/F46Tfx47Lx0LcybMZbfDYn/jjMj6Eqgu9EqOHv9FQMru6ksU3X96ewL3yty9z4b2Xq0paYNQrN2Y9N+cJiXkb9fmPCSCA5RL+8CJbwPibxKo5TRAuOBbmnmA/ki372aDp+QjVX1kmUsuY5SY1gGt39LmHpYfOvhH75z+9mMW1NSNTd3B096VOwQVzoZUbFOepjQY5W0xRSH+3wQjt/CqVdktSI2JSIAqFOVThppYfzIcrlyDYC9pxInx3gqmI1vdliZ3amCb4ZGwitZy8YhyDu+XVKBhgyOeGZCkcPMmtExKcbEfeAfpe3TZXUiYW7QFPkQhluPrl0ZDBaywvccblkdGOf0RmBziOogbHyHT50F0//Oe/DtFMTe8L1TMVyYHTeXLrguMlvIfd/SqVWqBT9Ym+RRZboJKv/c+4fS7J8Mq0/hGjETZ8PzTqizwMiTpQOWS5gv7Kwi32wFsOZthdOFCMnclokE4IblFJgcq3+SIojszQAxTj3hCWvK7mANTNlC84v6dKh71xPFR57j2LGRpZ2VzdD0xODQ3OTYscz03ZDdhNjk5ZTliODk2YTc5NjNhMDljYTc4NzZiYTg4Yzg2Nzg3YTkyOTU3ZDdjYTRhNTZhYWJhYzdiNjVhMzdlODg2ZjljODI4Nzg5NzE3NA==
.sickkidsfoundation.com/	1970-01-20 08:11:00	Name: _uetsid Value: 98d536107b3d11edb81a91075c437b90
.agkn.com/	1970-01-20 16:55:10	Name: ab Value: 0001%3A9O1P2Skqz38dxaazLZfVb%2F35jG4fmSsC
.agkn.com/	1970-01-20 16:55:10	Name: u Value: C\|0AAArK8awKyvGsAAAAAAA
.sickkidsfoundation.com/	1970-01-20 17:31:10	Name: _uetvid Value: 98d60a307b3d11ed8ab213bb2fbaf3de
.tiktok.com/	1970-01-20 17:31:10	Name: _ttp Value: 2Isd0Mmi0YapXKe6znEgy3wngV6
.sickkidsfoundation.com/	1970-01-20 08:09:35	Name: JabmoSP0ses.106a Value: *
.sickkidsfoundation.com/	1970-01-20 16:55:10	Name: JabmoSP0id.106a Value: 8c0998f4-402b-426d-8ab8-df1f4576f73f.1670974001.1.1670974001..71de68c8-dbdd-48d6-aa45-aa7dfb3ffb40..f2838115-03a6-4875-9735-f9775af1663e.1670974000608.1
.sickkidsfoundation.com/	1970-01-20 17:31:10	Name: _tt_enable_cookie Value: 1
.sickkidsfoundation.com/	1970-01-20 17:31:10	Name: _ttp Value: tDzbPYJ9REP4beJBnqK0FDQN4KB
.linkedin.com/	1970-01-20 08:52:46	Name: UserMatchHistory Value: AQJ2cvUTTdn2RgAAAYUNz83mcDq88R9gpQrti7awGt95RBrjytuVDiKqvsMKmGPoKNH97ZrfHTNsuQ
.linkedin.com/	1970-01-20 08:52:46	Name: AnalyticsSyncHistory Value: AQJ_hh2w6zWtywAAAYUNz83m7Fw1U5SQKKszrSG--APjSDG_1NAjg42FNgJzUQj863frvPFGDZ0UohgxTjsWTg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:55:10	Name: bcookie Value: "v=2&f15c2033-dd3b-4af8-805f-7f87ff85907f"
.linkedin.com/	1970-01-20 08:11:00	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2802:u=1:x=1:i=1670974000:t=1671060400:v=2:sig=AQHC1TuZgSuW9ICzac-3RuqbkDZQyKFu"
.sickkidsfoundation.com/	1970-01-20 16:55:10	Name: _hjSessionUser_302599 Value: eyJpZCI6IjdmMjJlMDhmLTcxYWQtNTI4NC04OTg5LTM5ZGExNWZhYzA4MSIsImNyZWF0ZWQiOjE2NzA5NzQwMDA0NjYsImV4aXN0aW5nIjpmYWxzZX0=
.sickkidsfoundation.com/	1970-01-20 08:09:35	Name: _hjFirstSeen Value: 1
www.sickkidsfoundation.com/	1970-01-20 08:09:34	Name: _hjIncludedInSessionSample Value: 0
.sickkidsfoundation.com/	1970-01-20 08:09:35	Name: _hjSession_302599 Value: eyJpZCI6IjhkYjE4NzJlLTdkNmQtNGE1Ni1hOWY4LTBiNGJhNzJlYWVmZCIsImNyZWF0ZWQiOjE2NzA5NzQwMDA2OTIsImluU2FtcGxlIjpmYWxzZX0=
www.sickkidsfoundation.com/	1970-01-20 08:09:34	Name: _hjIncludedInPageviewSample Value: 1
.sickkidsfoundation.com/	1970-01-20 08:09:35	Name: _hjAbsoluteSessionInProgress Value: 0
.sickkidsfoundation.com/	1970-01-20 16:55:10	Name: _pin_unauth Value: dWlkPVlUWTBOVGsxT1RZdFl6TmtaUzAwTVdRM0xUazNZbU10WVRWa05qYzJaRGt6T0RReQ
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 16:55:10	Name: bscookie Value: "v=1&202212132326400854a744-2df5-4d64-8e24-d15e0843198aAQGHAqoSFByjP-10YvZ2QVXYZvA_TCOT"
.linkedin.com/	1970-01-20 12:28:46	Name: li_gc Value: MTswOzE2NzA5NzQwMDA7MjswMjHUBO5NSLiI3zp2eiBRCiB+ZINq9ekp/uVEKdheqZZM0Q==
.ct.pinterest.com/	1970-01-20 16:55:10	Name: _pinterest_ct_ua Value: "TWc9PSYvZHFUVFV2Z2hhdUxLN3U0K1FlNWdGS25oYWN3NFZtNGh0SVlkajhiUjhvN0MwV2hRUHBqT0VoNEJsN0hrZzlacVM2NmRmYmFaci9vQXdLSldzK2xkSXJReUFkNjhFU21KOVlkQitxKy9tdz0mblh4c2g0elk4WUsrZ2R5NkdycmkybnVSdzNrPQ=="
c.jabmo.app/	1970-01-20 16:55:10	Name: sp Value: e0c751f4-f0cb-42e5-81a4-970a1ee3d56a
.mathtag.com/	1970-01-20 17:35:29	Name: uuid Value: 2f546399-0a30-4200-8f24-1e7c9783541a
.mathtag.com/	1970-01-20 08:52:46	Name: mt_misc Value: mt_bt:1
.mathtag.com/	1970-01-20 08:52:46	Name: mt_mop Value:
.demdex.net/	1970-01-20 12:28:46	Name: demdex Value: 19356372302556879013132162732842752863
.dpm.demdex.net/	1970-01-20 12:28:46	Name: dpm Value: 19356372302556879013132162732842752863
.mxptint.net/	1970-01-20 17:45:34	Name: mxpim Value: R35CA9_FADAAB3F_1A77F961.1.63990A3063990A31000000000000000000000000000000000000000063990A31
.yahoo.com/	1970-01-20 16:55:31	Name: A3 Value: d=AQABBDEKmWMCEHO4nhJfX1TcvKjoFq8Uvc4FEgEBAQFbmmOiYwAAAAAA_eMAAA&S=AQAAAiZj52ih_j_dPedLNLWk6Ts
.analytics.yahoo.com/	1970-01-20 16:55:10	Name: IDSYNC Value: 17mu~28tz
.snapchat.com/	1970-01-20 17:31:10	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ3AIAwDwYkiGUrzZRxTwRQZnjtIP/p3zPM5hjfhjkKcFxYr3apaosmQeukCYPS2wDIAAAA=
.connectedinteractive.com/	1970-01-20 08:09:37	Name: 8092782a3475b91c78e512ffafa20c56_open Value: 1670974005

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bcp.crwdcntrl.net/5/c=12995?https://ad.crwdcntrl.net/5/c=12995/pe=y/callback=ci_events.pool_callback Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.sickkidsfoundation.com/ Message: Refused to execute script from 'https://bcp.crwdcntrl.net/5/c=12995?https://ad.crwdcntrl.net/5/c=12995/pe=y/callback=ci_events.pool_callback' because its MIME type ('image/gif') is not executable.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5627812.fls.doubleclick.net
aa.agkn.com
ad.doubleclick.net
ads.connectedinteractive.com
adservice.google.com
aep.mxptint.net
analytics.tiktok.com
analytics.twitter.com
api.ipify.org
bat.bing.com
bcp.crwdcntrl.net
c.jabmo.app
c212.net
cdn.c212.net
cdn.linkedin.oribi.io
cm.g.doubleclick.net
cm.teads.tv
connect.facebook.net
ct.pinterest.com
d.agkn.com
d22d1xpx4ztuef.cloudfront.net
d3htn85c6cao65.cloudfront.net
dpm.demdex.net
googleads.g.doubleclick.net
in.hotjar.com
insight.adsrvr.org
mpp.mxptint.net
p.teads.tv
pixel.mathtag.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.pinimg.com
sc-static.net
script.hotjar.com
secure.adnxs.com
sickkidsfoundation.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
t.jabmo.app
t.teads.tv
tr.snapchat.com
ups.analytics.yahoo.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.sickkidsfoundation.com
www.youtube.com
104.244.42.133
104.244.42.195
107.154.138.76
107.154.141.76
13.107.42.14
13.32.27.21
135.84.189.37
142.250.186.38
142.250.186.98
143.204.207.250
143.204.214.56
143.204.215.118
146.75.120.157
151.101.192.84
172.217.16.198
173.231.16.76
18.192.134.201
18.200.78.128
185.89.210.153
2.22.77.98
23.200.212.240
23.35.149.89
2600:9000:2057:a800:a:ac8:89c0:21
2600:9000:206f:4000:2:53b2:240:93a1
2600:9000:206f:c400:16:cfb1:a0c0:93a1
2620:1ec:22::14
2620:1ec:c11::200
2a00:1450:4001:806::200e
2a00:1450:4001:809::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::2008
2a00:1450:400c:c0b::9b
2a02:26f0:3500:16::215:14a0
2a02:26f0:3500:886::1931
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.126.56.137
34.253.40.236
35.190.43.134
38.68.201.139
4.78.226.224
52.17.244.214
52.17.7.52
52.215.128.208
52.223.40.198
54.170.10.162
65.9.66.93
99.86.4.101
06ee1945f49d2b63fb4bd1e21c880cfd59480b896aa570edf42d46a78706947c
0dbe4e359691cb6e52645dd62f303ca38a794fc0007ce21216c970618bf34c3f
10fdc76cd92396525cf18941196d2251aa4d0c05ba2a0a5421e3af99c01503ae
127ed38a4225bf1e539654ce93433380bfe10c5796588d6309ecec6afe02a3c9
128c0e851a14ef5126d9d8aa410751a1949dace5fae48e510100cc22aa22bb8d
14e0e9e6ada3040dacca5c75fa38a833a2c07e07313f4c597da40c0a9d563d90
1598d5561779547d3fb26f8c6d016653de34203d8ac2b711cc64cb22356db68a
188df28d9a43df9305e789776e4eed7f4afdd7c1d391dc5706d816af46554ede
198f185492b002abf346368e3c4ef32ba0113626d588e607e5ed1997bc9c8906
218b8c71bb8e4d353e81436dc551adb3e5c413a96f0c8f18981e72d13c526d1f
23faa7bfa1dac55dee23590cd2bd96b8abcf68ff4aa74c65f345e1a69895ce01
247ea2a3ce27b5a481a8e4dd2285ec1652a9bf870571a01f40c7d213103971c2
2586de1bdd33fe18d0f47459d71c851444d7415898fddceb4248b6d11d24033a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
281d704874a4f296b2e6ec2fcd9464321440a876204662f267df4b0347aff7ca
28e7e652bdb6c55c2347e51f218cacfca5645711fa919dc879b25a5c88991aed
2c65cd627cb4b73ece246a55e08dd1da18231fe448147c415f23407724b4b4f3
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3dd9777e4bf37ebda9d52c257d4481a7793947d4793cdddef7218468a20c3cf6
42b1ed60cbdf88e3c800046c8cccb40d31206a5fe16d86d67cf28184d68c3e07
44cec66e8f45f1c1573be7ee656b280f475f07b608982b8e68c742363d202ee1
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51f7f156fa7d1ca539d8c26cc8f8e4dfc5c8ebe6d75c1ec906a3bac51e202120
521cee3884da643fafcf11d44f1599abb166cfc20c730385e4cd273b7fedab92
52a1d0f52f460e327988c355867521b4de4af61472d94935afb22dd20cfea935
55d7167ac39f38aa324234b7ae529849dd9553bfdb6dd4f9e6971dbe91f129c5
57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a
5b44692e25b184a1b5d7b378f3a3747948733af1388cad5b35043d3898b58c14
5d9d7e78e22202af03b2d09ad31952e031e3423006cba4a29fd506c5664c7761
60933856d2d830423c0cae3d36c6c5a1502b247996f0bf476fbf2c542e49362a
61ed697adcb10f1530bf63fd24d054c4b349911eb7e32d73300ebec8b792af65
63cbb4d3bd7ad1f3eeaa54b37a2e137be0836466218d3bd4ab2b0ef3eb82fc3b
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c
694bc35fc07d7091b82ee02e6b7cbcacc69edb23c9dfd515a18647d684456c51
6bf87e574d8b2927a82170f0d6dbca56e1bd9268a74df333fd342fc6cf7eac76
6d4ce206402d2f4a658e653d8722cd8b7df7ba0354b0930eb5bb0f7722bc4a43
6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c
764321796f5e9fa203bf462c491502a824f60e5e1a5f81be8f00cad70528207b
77358e88e4d70191891544307a0a8677145d760e51eddef0293111d5a3008683
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7c929d6fcd1528efa7836364c9b83f2d9f31849f8412ad984f0952b6ddd84d60
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83570984ac066eae1a59773c11bfef094e6557791d7456d492b306c8257adf43
8435aa6b4c48c34a0c144ef1ff3a9ff10559ecc2b4331c8de0673923032266f3
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b273fe0ae11dfeb96f7a56f1b5ecd2d76500147927ad557356faa5227d17032
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e7886ca694961f682698c0b5130d818c003f6011d3a6a24a7bc768fe128f17a
905de7fd4899868cd6349387996673bd1cdfe3768d409f844bd8b0796b0f35ec
92d37ecd96baf17cac29d16b9f2ff45ef00d4179e5d1f7ab786a4005d3b8e2ff
9611157a5a58bb3e7b32b98a53aaa7f8ef7043e1748a638923f567cb01cfcb3d
972b0263de6529e1c3f0e8f6a6a200684126a893482fd75e67dbf9916bf5bda9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a00c3a6727034456bab42599aa7e7a40df410fb582b30b1622b47a2977e1346b
a25f0fe2d5ffb237188121e6df1c609b8e7fda449faf07a048160a7818043198
a3a811f50d5add19334decb077985c361fafa4443cb0fb74ddab07c302ebd767
a9bae822288365e478a012a878f420a8d882140366921b778ee6f04883aaa96b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ed35215b3bf2f36f707ca2e771c287248aff0934063d907388baa5cfca14a3
b2b5f287e815da96dbd8a5b75df6679aa78a6590f2c82aafdb6c33bd147ed0e4
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6cb09e57c1ed08553566bda474cf9681c03fc4ba091731c81c78a6a4226740b
c167fb135967791605f767f151d6e7c38828b0f9e27cb2b0b80ec5b5c7f8028e
c5edc0a6a6d86fd6d723b61d5062a1a1e2bcf3b770cdb22d9ce5ec42ad963b6c
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
cf35a3f6a17cd67aac2232d2db48d01d580258f75ee101017b88a336807f73eb
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d6af43677b5ee5433fab178cd71cfe6e141078fb257c7a73bc320ec9766f3e02
e373248cb1f907c7a114b548604301707864b6b8a01176be3e039d4c951aa637
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b50d7e505547444624505d0e4dca2b56966b8fc1aa8b8bba8a21f5f7b83c1c
e6d9b490bde45d14a4f88a44e74bd6043a7cad3239acc7fbebbf4be122ef308a
e84693d9dec4bea6ff42b29fca1138a9813c4aa497fe05ff0fe569bcb84dd1ce
eb651673d966f77afdabf0f28889227a8ba3ee4e8ddcf38341a031cdbf62a6b4
ee3a94394da6a061c63b8c4333b600ce2720480a2ab8a80b3df720b2294deaf5
eea5922a6a92cbf1d4508955703af326aca723a1b5a2b7ca1bac6a41596036a1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08b39bfcfab4494b7109d2afc03ff8c6f57e5bbe6cbf875af0be501f2598a7a
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
f70d6b776764d40f70d36c0d47cbf3cf94d8cfa967b5249d986c0dc5e6f8ab89
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

www.sickkidsfoundation.com Open in urlscan Pro 107.154.141.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

121 Requests

98 %HTTPS

33 %IPv6

36 Domains

54 Subdomains

45 IPs

7 Countries

2669 kBTransfer

5194 kBSize

58 Cookies

12 Outgoing links

Page URL History

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sickkidsfoundation.com Open in urlscan Pro
107.154.141.76 Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

98 %
HTTPS

33 %
IPv6

36
Domains

54
Subdomains

45
IPs

7
Countries

2669 kB
Transfer

5194 kB
Size

58
Cookies

121 HTTP transactions
1 data transactions