www.sickkidsfoundation.com Open in urlscan Pro
107.154.141.76 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email.e2rm.com/wf/click?upn=6CUSxnxUtq-2FbBCC7hxTXD-2Bn8Q4t9Cq6tot0rKVz3f-2F6k-2FDpF39uPHtDQtUXsr9cI_eUuU84np9b...
Effective URL:
https://www.sickkidsfoundation.com/
Submission: On June 17 via manual (June 17th 2019, 11:03:45 pm UTC) from CA

Summary HTTP 68 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 25 domains to perform 68 HTTP transactions. The main IP is 107.154.141.76, located in United States and belongs to INCAPSULA - Incapsula Inc, US. The main domain is www.sickkidsfoundation.com.
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on June 4th 2019. Valid for: 6 months.

This is the only time www.sickkidsfoundation.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.52 167.89.118.52	11377 (SENDGRID) (SENDGRID - SendGrid)
1 28	107.154.141.76 107.154.141.76	19551 (INCAPSULA) (INCAPSULA - Incapsula Inc)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	147.75.205.49 147.75.205.49	54825 (PACKET) (PACKET - Packet Host)
1	151.101.36.157 151.101.36.157	54113 (FASTLY) (FASTLY - Fastly)
1	216.58.208.34 216.58.208.34	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	143.204.208.43 143.204.208.43	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	38.68.201.139 38.68.201.139	174 (COGENT-174) (COGENT-174 - Cogent Communications)
2 2	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	38.67.14.225 38.67.14.225	174 (COGENT-174) (COGENT-174 - Cogent Communications)
2 2	52.214.222.48 52.214.222.48	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	2a00:1288:110... 2a00:1288:110:833::4000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	204.2.255.237 204.2.255.237	2914 (NTT-COMMU...) (NTT-COMMUNICATIONS-2914 - NTT America)
1	52.51.120.75 52.51.120.75	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	172.217.22.6 172.217.22.6	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:816::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	147.75.83.82 147.75.83.82	54825 (PACKET) (PACKET - Packet Host)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	147.75.83.19 147.75.83.19	54825 (PACKET) (PACKET - Packet Host)
6	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
4 6	52.18.108.235 52.18.108.235	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	34.249.111.226 34.249.111.226	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER - Twitter Inc.)
2 6	50.23.67.73 50.23.67.73	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
2 2	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
68	27

1 167.89.118.52 (United States) 1 redirects

ASN11377 (SENDGRID - SendGrid, Inc., US)
PTR: o16789118x52.outbound-mail.sendgrid.net

email.e2rm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 107.154.141.76 (United States) 1 redirects

ASN19551 (INCAPSULA - Incapsula Inc, US)
PTR: 107.154.141.76.ip.incapdns.net

www.sickkidsfoundation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.205.49 (Chicago, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-26

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.36.157 (Amsterdam, Netherlands)

ASN54113 (FASTLY - Fastly, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.208.43 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-208-43.fra53.r.cloudfront.net

d3htn85c6cao65.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.68.201.139 (United States) 1 redirects

ASN174 (COGENT-174 - Cogent Communications, US)

mpp.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.210.2 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.67.14.225 (United States) 2 redirects

ASN174 (COGENT-174 - Cogent Communications, US)

aep.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.222.48 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-214-222-48.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:833::4000 (United Kingdom) 2 redirects

ASN34010 (YAHOO-IRD, GB)

ad.yieldmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.2.255.237 (United States)

ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US)

yhp.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.120.75 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-51-120-75.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.6 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f6.1e100.net

5627812.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.83.82 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-29

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.83.19 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-24

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.18.108.235 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-18-108-235.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.111.226 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-249-111-226.eu-west-1.compute.amazonaws.com

ad.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 50.23.67.73 (San Jose, United States) 2 redirects

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 49.43.1732.ip4.static.sl-reverse.com

ads.connectedinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.102 (United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s42-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	sickkidsfoundation.com 1 redirects www.sickkidsfoundation.com	3 MB
8	doubleclick.net 6 redirects cm.g.doubleclick.net 5627812.fls.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net ad.doubleclick.net	4 KB
7	crwdcntrl.net 4 redirects bcp.crwdcntrl.net ad.crwdcntrl.net	4 KB
6	connectedinteractive.com 2 redirects ads.connectedinteractive.com	3 KB
6	facebook.com www.facebook.com	787 B
5	facebook.net connect.facebook.net	198 KB
4	mxptint.net 3 redirects mpp.mxptint.net aep.mxptint.net yhp.mxptint.net	2 KB
3	google.com 1 redirects www.google.com adservice.google.com	407 B
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	91 KB
2	google.de www.google.de	218 B
2	demdex.net 2 redirects dpm.demdex.net	1 KB
2	bing.com bat.bing.com	7 KB
2	google-analytics.com www.google-analytics.com	17 KB
1	twitter.com analytics.twitter.com	672 B
1	t.co t.co	487 B
1	ytimg.com s.ytimg.com	8 KB
1	adsrvr.org insight.adsrvr.org	260 B
1	yahoo.com 1 redirects ads.yahoo.com	683 B
1	yieldmanager.com 1 redirects ad.yieldmanager.com	749 B
1	cloudfront.net d3htn85c6cao65.cloudfront.net	25 KB
1	youtube.com www.youtube.com	1 KB
1	googleadservices.com www.googleadservices.com	9 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googletagmanager.com www.googletagmanager.com	50 KB
1	e2rm.com 1 redirects email.e2rm.com	244 B
68	25

	Domain	Requested by
28	www.sickkidsfoundation.com	1 redirects www.sickkidsfoundation.com
6	ads.connectedinteractive.com	2 redirects d3htn85c6cao65.cloudfront.net
6	bcp.crwdcntrl.net	4 redirects
6	www.facebook.com	www.sickkidsfoundation.com
5	connect.facebook.net	www.sickkidsfoundation.com connect.facebook.net
2	ad.doubleclick.net	2 redirects
2	www.google.de	www.sickkidsfoundation.com
2	www.google.com	1 redirects www.sickkidsfoundation.com
2	5627812.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	dpm.demdex.net	2 redirects
2	aep.mxptint.net	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	bat.bing.com	www.googletagmanager.com www.sickkidsfoundation.com
2	www.google-analytics.com	www.googletagmanager.com www.sickkidsfoundation.com
1	adservice.google.com
1	analytics.twitter.com	static.ads-twitter.com
1	ad.crwdcntrl.net	www.sickkidsfoundation.com
1	vars.hotjar.com	static.hotjar.com
1	t.co	www.sickkidsfoundation.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	s.ytimg.com	www.youtube.com
1	script.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	1 redirects
1	insight.adsrvr.org	www.sickkidsfoundation.com
1	yhp.mxptint.net	www.sickkidsfoundation.com
1	ads.yahoo.com	1 redirects
1	ad.yieldmanager.com	1 redirects
1	mpp.mxptint.net	1 redirects
1	d3htn85c6cao65.cloudfront.net	www.sickkidsfoundation.com
1	www.youtube.com	www.sickkidsfoundation.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googletagmanager.com	www.sickkidsfoundation.com
1	email.e2rm.com	1 redirects
68	35

This site contains links to these domains. Also see Links.

Domain
secure.sickkidsfoundation.com
www.facebook.com
www.twitter.com
www.youtube.com
www.instagram.com
www.imaginecanada.ca
www.sickkids.ca

Subject Issuer	Validity	Valid
incapsula.com GlobalSign CloudSSL CA - SHA256 - G3	`2019-06-04` - `2019-11-27`	6 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 5	`2017-07-20` - `2019-07-10`	2 years	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2019-06-08` - `2019-09-06`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2018-08-16` - `2019-08-21`	a year	crt.sh
www.googleadservices.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-06-06` - `2019-09-04`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh
*.mxptint.net Starfield Secure Certificate Authority - G2	`2017-08-02` - `2020-08-02`	3 years	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.doubleclick.net Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2019-06-08` - `2019-09-06`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2019-06-08` - `2019-09-06`	3 months	crt.sh
www.google.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.connectedinteractive.com Go Daddy Secure Certificate Authority - G2	`2018-05-22` - `2020-05-22`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://www.sickkidsfoundation.com/
Frame ID: 5B63E5E3D6F5E18BBBCCBF92B5BBA666
Requests: 67 HTTP requests in this frame

Frame: https://5627812.fls.doubleclick.net/activityi;dc_pre=CNrUrIbQ8eICFYa43god-S8OYA;src=5627812;type=sickk0;cat=sickk0;ord=5203836196636;gtm=2wg651;auiddc=682799121.1560812603;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F
Frame ID: 0C63E6A62878E0A97B256BA9C3741097
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: A05296853FEACA04092C1D6E77ADCE01
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://email.e2rm.com/wf/click?upn=6CUSxnxUtq-2FbBCC7hxTXD-2Bn8Q4t9Cq6tot0rKVz3f-2F6k-2FDpF39uPHtD... HTTP 302
http://www.sickkidsfoundation.com/ HTTP 301
https://www.sickkidsfoundation.com/ Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Page Statistics

68
Requests

100 %
HTTPS

38 %
IPv6

25
Domains

35
Subdomains

27
IPs

6
Countries

3847 kB
Transfer

5450 kB
Size

1
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.sickkidsfoundation.com/donate
Title: Donate

Search URL Search Domain Scan URL

URL: https://secure.sickkidsfoundation.com/donate/onetime?utm_campaign=raptors&utm_source=homepage&utm_medium=panel1?
Title: DONATE

Search URL Search Domain Scan URL

URL: https://secure.sickkidsfoundation.com/donate/onetime?utm_campaign=raptors&utm_source=homepage&utm_medium=panel2&_ga=2.267405966.1007688290.1560173856-709977590.1558038367&_gac=1.217342242.1559674749.EAIaIQobChMIvb_Fpbvq2gIV17XACh2U0g4pEAAYASAAEgL64_D_BwE
Title: DONATE

Search URL Search Domain Scan URL

URL: https://secure.sickkidsfoundation.com/donate
Title: JOIN NOW

Search URL Search Domain Scan URL

URL: https://secure.sickkidsfoundation.com/donate/
Title: DONATE

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sickkidsfoundation
Title: FB

Search URL Search Domain Scan URL

URL: http://www.twitter.com/sickkids
Title: TW

Search URL Search Domain Scan URL

URL: http://www.youtube.com/sickkidsfoundation
Title: YT

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sickkidsvs/
Title: IG

Search URL Search Domain Scan URL

URL: http://www.imaginecanada.ca/standards

Search URL Search Domain Scan URL

URL: http://www.sickkids.ca/
Title: The Hospital For Sick Children

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://email.e2rm.com/wf/click?upn=6CUSxnxUtq-2FbBCC7hxTXD-2Bn8Q4t9Cq6tot0rKVz3f-2F6k-2FDpF39uPHtDQtUXsr9cI_eUuU84np9bPLll5GLc-2FHhu7XzV8OBsUOJRGfU-2Fh5fxv5D9ehdjt2bGw39qy-2FJu-2FZ9ZnQoEbBIDxLhqfy64-2FoiuW0A0E-2FN3kQ0t5I31C9OtD98NUv-2BAp9O4TgFqs3tcpY3ZFUE9KNx-2FACHaqAK3c0KcVwD68SkVFxNLhsR8d-2FGJs32waNgixWeCZ3DoyxeQsFSJyzIhIKeVpe6BcSUdvxAqLdVdZjyZ8o87Nn18jTuOPVeQDTXARBFzdcelREqvCid-2FHi9ByywZPGwuLwCU42JfdEIDKQEEeY7-2FXBKWB9iMRLahDYe3A8fRS1tEWT11oe9JR-2FU1AaLuHG3t1XgbOLJeX6mdevR8bVPDo9MtlOIaOXPG-2BvxJqIXaXEe65hRKukc3SJmoL6WoDvsw-2FrFfekilwmTY-2Fz3TzZ5HlJWGiIqLsESQl8G8hoNVmQLgy4RGgSTJ3yejRSLKxn5AHgLZllSJNQnpXfQbbvlkvT-2F2m5DcCdpWOs4XpvgNW-2FfNatcX0qLDlgBaOWkP0O6YUluXU92ivJkJ9BkxVRUDj-2FM7rVa4tUx4cPZzKml1frsyLGH5aG HTTP 302
http://www.sickkidsfoundation.com/ HTTP 301
https://www.sickkidsfoundation.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://mpp.mxptint.net/2/27791/?rnd=%n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_hm=UjM1Q0E5X0I5MzE1RkNDXzVEQzAwMTBB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_hm=UjM1Q0E5X0I5MzE1RkNDXzVEQzAwMTBB&google_tc= HTTP 302
https://aep.mxptint.net/sn.ashx HTTP 302
https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R35CA9_B9315FCC_5DC0010A&redir=https://aep.mxptint.net/sn.ashx?ak=1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=75557&dpuuid=R35CA9_B9315FCC_5DC0010A&redir=https://aep.mxptint.net/sn.ashx HTTP 302
https://aep.mxptint.net/sn.ashx HTTP 302
https://ad.yieldmanager.com/cms/v1?esig=1~65c748d283ef3bc4e68485fe6275d8bb43ca6d1e&nwid=10000648255&sigv=1 HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~65c748d283ef3bc4e68485fe6275d8bb43ca6d1e&nwid=10000648255&sigv=1&_msd=1 HTTP 302
https://yhp.mxptint.net/yahoo.ashx?xid=E0

Request Chain 35

https://5627812.fls.doubleclick.net/activityi;src=5627812;type=sickk0;cat=sickk0;ord=5203836196636;gtm=2wg651;auiddc=682799121.1560812603;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F HTTP 302
https://5627812.fls.doubleclick.net/activityi;dc_pre=CNrUrIbQ8eICFYa43god-S8OYA;src=5627812;type=sickk0;cat=sickk0;ord=5203836196636;gtm=2wg651;auiddc=682799121.1560812603;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F

Request Chain 39

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j76&tid=UA-66351416-1&cid=14309878.1560812604&jid=975281330&gjid=329235773&_gid=1488599756.1560812604&_u=YGBAgAAB~&z=783121678 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-66351416-1&cid=14309878.1560812604&jid=975281330&_v=j76&z=783121678 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-66351416-1&cid=14309878.1560812604&jid=975281330&_v=j76&z=783121678&slf_rd=1&random=2701236055

Request Chain 58

https://bcp.crwdcntrl.net/5/c=12995?https://ad.crwdcntrl.net/5/c=12995/pe=y/callback=ci_events.pool_callback HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=12995?https://ad.crwdcntrl.net/5/c=12995/pe=y/callback=ci_events.pool_callback HTTP 302
https://ad.crwdcntrl.net/5/c=12995/pe=y/callback=ci_events.pool_callback

Request Chain 64

https://ad.doubleclick.net/ddm/activity/src=8353444;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8353444;dc_pre=CIK3yInQ8eICFRqhewodMuYC7A;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=8353444;dc_pre=CIK3yInQ8eICFRqhewodMuYC7A;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Request Chain 65

https://ads.connectedinteractive.com/external/dmp/custom_event/0/8092782a3475b91c78e512ffafa20c56/10784Monthly-LP-Retargeting?&cb=1560812609469 HTTP 302
https://bcp.crwdcntrl.net/5/c=12996/rand=1560812610/seg=application%20:%20appid%20184%20:%20cusevt_id%20168/seg=appgeo%20:%20country%20:%20germany%20:%20region%20:%20%20:%20city%20:%20 HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=12996/rand=1560812610/seg=application%20:%20appid%20184%20:%20cusevt_id%20168/seg=appgeo%20:%20country%20:%20germany%20:%20region%20:%20%20:%20city%20:%20

Request Chain 67

https://ads.connectedinteractive.com/external/dmp/custom_event/0/8092782a3475b91c78e512ffafa20c56/app_open?&cb=1560812609469 HTTP 302
https://bcp.crwdcntrl.net/5/c=12996/rand=1560812610/seg=application%20:%20appid%20184%20:%20cusevt_id%2013/seg=appgeo%20:%20country%20:%20germany%20:%20region%20:%20%20:%20city%20:%20 HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=12996/rand=1560812610/seg=application%20:%20appid%20184%20:%20cusevt_id%2013/seg=appgeo%20:%20country%20:%20germany%20:%20region%20:%20%20:%20city%20:%20

68 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.sickkidsfoundation.com/
Redirect Chain

http://email.e2rm.com/wf/click?upn=6CUSxnxUtq-2FbBCC7hxTXD-2Bn8Q4t9Cq6tot0rKVz3f-2F6k-2FDpF39uPHtDQtUXsr9cI_eUuU84np9bPLll5GLc-2FHhu7XzV8OBsUOJRGfU-2Fh5fxv5D9ehdjt2bGw39qy-2FJu-2FZ9ZnQoEbBIDxLhqfy6...
http://www.sickkidsfoundation.com/
https://www.sickkidsfoundation.com/

67 KB
10 KB

950ms
668ms

Document
text/html

107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f943dca12ff7d767856f81039f27225d628f4c428f05e9adcbf4711f2b36b9cf

Request headers

:method: GET
:authority: www.sickkidsfoundation.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/8.5
set-cookie: ASP.NET_SessionId=ccxh0e0zd5zfr1mkdsw2c2ge; path=/; HttpOnly visid_incap_901569=7bgjcj1JSLKIgNqAhBc1mzkcCF0AAAAAQUIPAAAAAAD1V7Vwn6+KL38jNnVF3w4e; expires=Tue, 16 Jun 2020 11:54:30 GMT; path=/; Domain=.sickkidsfoundation.com incap_ses_474_901569=V1nnORQRqH7zyCS0zv2TBjocCF0AAAAAX7Vcu7WaQuEFp73o0pbPbA==; path=/; Domain=.sickkidsfoundation.com
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Mon, 17 Jun 2019 23:03:22 GMT
x-iinfo: 10-8691055-8691056 NNNN CT(109 240 0) RT(1560812601662 0) q(0 0 4 0) r(5 7) U12
x-cdn: Incapsula

Redirect headers

Location: https://www.sickkidsfoundation.com/
Content-Length: 0
Connection: close

GET
H2 200 bootstrap-theme.min.css
www.sickkidsfoundation.com/css/dependencies/bootstrap3/ 23 KB
4 KB 481ms
478ms Stylesheet
text/css 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/css/dependencies/bootstrap3/bootstrap-theme.min.css
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: 8b273fe0ae11dfeb96f7a56f1b5ecd2d76500147927ad557356faa5227d17032

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:22 GMT
content-encoding: gzip
last-modified: Tue, 09 May 2017 15:48:38 GMT
x-cdn: Incapsula
etag: "8b117fb9dbc8d21:0"
content-type: text/css
status: 200
x-iinfo: 10-8691225-8684170 2VNN RT(1560812602362 0) q(0 0 0 -1) r(5 5) U18
cache-control: max-age=604800, public
content-length: 4370
expires: Mon, 24 Jun 2019 23:03:22 GMT

GET
H2 200 bootstrap.min.css
www.sickkidsfoundation.com/css/dependencies/bootstrap3/ 118 KB
27 KB 484ms
481ms Stylesheet
text/css 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/css/dependencies/bootstrap3/bootstrap.min.css
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: 5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:23 GMT
content-encoding: gzip
last-modified: Tue, 09 May 2017 15:48:38 GMT
x-cdn: Incapsula
etag: "ad5f7fb9dbc8d21:0"
content-type: text/css
status: 200
x-iinfo: 10-8691226-8675407 2VNN RT(1560812602366 0) q(0 0 0 -1) r(5 5) U18
cache-control: max-age=604800, public
content-length: 27680
expires: Mon, 24 Jun 2019 23:03:23 GMT

GET
H2 200 longpage
www.sickkidsfoundation.com/bundles/css/ 100 KB
22 KB 129ms
126ms Stylesheet
text/css 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/css/longpage?v=ZQfia0mq_9SMT9rJLC4ibRLCGQtXLLbgvdt8qo6BLzs1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c77eba3dc0d4400f9d3dbf94bcb93ac2d941c14037e61636fca8606a2c097776

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:22 GMT
content-encoding: gzip
last-modified: Mon, 17 Jun 2019 23:03:22 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
content-type: text/css; charset=utf-8
status: 200
x-iinfo: 10-8691227-8691056 PNNN RT(1560812602369 0) q(0 0 0 -1) r(1 1) U18
cache-control: public
content-length: 21876
x-cdn: Incapsula
expires: Tue, 16 Jun 2020 23:03:22 GMT

GET
H2 200 modernizr Show response
www.sickkidsfoundation.com/bundles/ 3 KB
2 KB 138ms
136ms Script
text/javascript 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/modernizr?v=9yygsVk3I-guoeu6EUt0fzBjgzee2gP6Y9SNVDkhZoc1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 44cec66e8f45f1c1573be7ee656b280f475f07b608982b8e68c742363d202ee1

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:22 GMT
content-encoding: gzip
last-modified: Mon, 17 Jun 2019 23:03:22 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
x-iinfo: 10-8691228-8691229 NNNN CT(0 0 0) RT(1560812602372 0) q(0 0 0 -1) r(1 1) U18
cache-control: public
content-length: 1615
x-cdn: Incapsula
expires: Tue, 16 Jun 2020 23:03:22 GMT

GET
H2 200 header Show response
www.sickkidsfoundation.com/bundles/ 159 B
431 B 137ms
135ms Script
text/javascript 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/header?v=dJ6LOVfv49i9fuAW3MbtcyjUkVM3bJ8e5r4OUmJ-dUE1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 694bc35fc07d7091b82ee02e6b7cbcacc69edb23c9dfd515a18647d684456c51

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:22 GMT
content-encoding: gzip
last-modified: Mon, 17 Jun 2019 23:03:22 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
x-iinfo: 10-8691230-8691231 NNNN CT(0 0 0) RT(1560812602375 0) q(0 0 0 -1) r(1 1) U18
cache-control: public
content-length: 214
x-cdn: Incapsula
expires: Tue, 16 Jun 2020 23:03:22 GMT

GET
H2 200 jquery Show response
www.sickkidsfoundation.com/bundles/ 91 KB
41 KB 249ms
247ms Script
text/javascript 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/jquery?v=7AMc9pBn1GIYDuJDXGstN7nku_447XMEtvGIFvLEuGs1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b6cb09e57c1ed08553566bda474cf9681c03fc4ba091731c81c78a6a4226740b

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:22 GMT
content-encoding: gzip
last-modified: Mon, 17 Jun 2019 23:03:22 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
x-iinfo: 10-8691232-8691233 NNNN CT(0 0 0) RT(1560812602376 0) q(0 0 0 -1) r(1 3) U18
cache-control: public
content-length: 42005
x-cdn: Incapsula
expires: Tue, 16 Jun 2020 23:03:22 GMT

GET
H2 200 sickkids_vs_logo.png
www.sickkidsfoundation.com/-/media/images/skf/common/ 83 KB
83 KB 736ms
734ms Image
image/png 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/common/sickkids_vs_logo.png?h=160&w=240&la=en&hash=0D0F46C58F7158769061282A6B580295AFCEB33D
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1ac1851e1d7f0afdbf8037a3cc9df67b12b7a67771545718f551b922ff73b6c4

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:22 GMT
last-modified: Mon, 24 Apr 2017 15:04:35 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/png
status: 200
x-iinfo: 10-8691234-8690509 2NNN RT(1560812602377 0) q(0 1 1 -1) r(7 7) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="sickkids_vs_logo.png"
accept-ranges: bytes
content-length: 84640
x-cdn: Incapsula
expires: Mon, 24 Jun 2019 23:03:23 GMT

GET
H2 200 0519069-raptors_challenge_homepage_r2.jpg
www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/top-hero-panel/ 1023 KB
1 MB 742ms
740ms Image
image/jpeg 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/top-hero-panel/0519069-raptors_challenge_homepage_r2.jpg
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f9bcfce2bd48579a31b2bef8a17adb4d8859664d2acded5c869df93e689df5bb

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:22 GMT
last-modified: Fri, 31 May 2019 19:24:25 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
status: 200
x-iinfo: 10-8691235-8690745 2NNN RT(1560812602377 0) q(0 1 1 -1) r(7 7) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="0519069 Raptors_Challenge_Homepage_r2.jpg"
accept-ranges: bytes
content-length: 1047791
x-cdn: Incapsula
expires: Mon, 24 Jun 2019 23:03:23 GMT

GET
H2 200 flag.png
www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/ 158 KB
159 KB 251ms
249ms Image
image/png 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/flag.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0d2a53d52dbdddd75ea52cb98b388faf9bc646174f4e3c618b3fb0ab027c89f7

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:22 GMT
last-modified: Thu, 01 Mar 2018 16:20:53 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/png
status: 200
x-iinfo: 10-8691380-8684170 2NNN RT(1560812602900 0) q(0 0 0 -1) r(2 2) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="flag.png"
accept-ranges: bytes
content-length: 161803
x-cdn: Incapsula
expires: Mon, 24 Jun 2019 23:03:23 GMT

GET
H2 200 0519069-raptors_challenge_thermometer_bg4.jpg
www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/mixed-content-vs5000/ 1 MB
1 MB 287ms
285ms Image
image/jpeg 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/mixed-content-vs5000/0519069-raptors_challenge_thermometer_bg4.jpg
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2b3b50553dd965f22d904694e23b549aa28ff7f5c8eeaa99fc4ebdc328dad71b

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:22 GMT
last-modified: Fri, 31 May 2019 19:31:21 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
status: 200
x-iinfo: 10-8691381-8675407 2NNN RT(1560812602901 0) q(0 0 0 -1) r(2 2) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="0519069 Raptors_Challenge_Thermometer_BG4.jpg"
accept-ranges: bytes
content-length: 1083383
x-cdn: Incapsula
expires: Mon, 24 Jun 2019 23:03:23 GMT

GET
H2 200 cta-block.jpg
www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/ 35 KB
35 KB 625ms
624ms Image
image/jpeg 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/cta-block.jpg
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0dbe4e359691cb6e52645dd62f303ca38a794fc0007ce21216c970618bf34c3f

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:23 GMT
last-modified: Thu, 28 Sep 2017 16:24:07 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
status: 200
x-iinfo: 10-8691382-8690778 2NNN RT(1560812602901 0) q(0 0 0 -1) r(6 6) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="cta-block.jpg"
accept-ranges: bytes
content-length: 35839
x-cdn: Incapsula
expires: Mon, 24 Jun 2019 23:03:23 GMT

GET
H2 200 homepage_-fundthefight_ca_crews_1481x892.jpg
www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/mixed-content-vs5000/ 781 KB
785 KB 853ms
852ms Image
image/jpeg 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/homepage-mixed-component-images/mixed-content-vs5000/homepage_-fundthefight_ca_crews_1481x892.jpg
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0ce500b30c2ad8c54aa8f557f3b312e1451a685af1050d9c25ece1c561a8acb5

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:23 GMT
last-modified: Fri, 21 Dec 2018 19:14:21 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
status: 200
x-iinfo: 10-8691383-8686684 2NNN RT(1560812602902 0) q(0 6 6 -1) r(8 8) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="Homepage_ fundthefight_ca_Crews_1481x892.jpg"
accept-ranges: bytes
content-length: 800203
x-cdn: Incapsula
expires: Mon, 24 Jun 2019 23:03:23 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 318 KB
50 KB 91ms
90ms Script
application/javascript 2a00:1450:4001:809::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6980b21c71241d5f501f4f3f9e4b73313e37b34b2fb29e12250d5be4a47bb677

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:23 GMT
content-encoding: br
last-modified: Thu, 13 Jun 2019 17:57:39 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 51526
x-xss-protection: 0
expires: Mon, 17 Jun 2019 23:03:23 GMT

GET
H2 200 longpage Show response
www.sickkidsfoundation.com/bundles/ 26 KB
11 KB 140ms
139ms Script
text/javascript 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/longpage?v=znuKl3m7ZKp6rrhj-olcoT_erUeXjYuV-V3qDmagw-A1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 06ee1945f49d2b63fb4bd1e21c880cfd59480b896aa570edf42d46a78706947c

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:22 GMT
content-encoding: gzip
last-modified: Mon, 17 Jun 2019 23:03:23 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
x-iinfo: 10-8691378-8691233 PNNN RT(1560812602899 0) q(0 0 0 -1) r(2 2) U18
cache-control: public
content-length: 11071
x-cdn: Incapsula
expires: Tue, 16 Jun 2020 23:03:23 GMT

GET
H2 200 desktop-header-background.png
www.sickkidsfoundation.com/images/ 40 KB
41 KB 806ms
805ms Image
image/png 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/images/desktop-header-background.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: d6af43677b5ee5433fab178cd71cfe6e141078fb257c7a73bc320ec9766f3e02

Request headers

Referer: https://www.sickkidsfoundation.com/bundles/css/longpage?v=ZQfia0mq_9SMT9rJLC4ibRLCGQtXLLbgvdt8qo6BLzs1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:23 GMT
last-modified: Tue, 09 May 2017 15:48:38 GMT
x-cdn: Incapsula
etag: "a6658fb9dbc8d21:0"
content-type: image/png
status: 200
x-iinfo: 10-8691385-8690380 2VNN RT(1560812602916 0) q(0 6 6 -1) r(8 8) U18
cache-control: max-age=604800, public
content-length: 41317
expires: Mon, 24 Jun 2019 23:03:23 GMT

GET
H2 200 scroll-notice.png
www.sickkidsfoundation.com/images/longpage/ 3 KB
3 KB 812ms
811ms Image
image/png 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/images/longpage/scroll-notice.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: 9611157a5a58bb3e7b32b98a53aaa7f8ef7043e1748a638923f567cb01cfcb3d

Request headers

Referer: https://www.sickkidsfoundation.com/bundles/css/longpage?v=ZQfia0mq_9SMT9rJLC4ibRLCGQtXLLbgvdt8qo6BLzs1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:23 GMT
last-modified: Tue, 31 Oct 2017 15:23:30 GMT
x-cdn: Incapsula
etag: "d91a1f355c52d31:0"
content-type: image/png
status: 200
x-iinfo: 10-8691386-8690780 2VNN RT(1560812602918 0) q(0 7 7 -1) r(8 8) U18
cache-control: max-age=604800, public
content-length: 3393
expires: Mon, 24 Jun 2019 23:03:23 GMT

GET
H2 200 sickkids-footer-logo.png
www.sickkidsfoundation.com/images/ 3 KB
3 KB 849ms
848ms Image
image/png 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/images/sickkids-footer-logo.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: a9bae822288365e478a012a878f420a8d882140366921b778ee6f04883aaa96b

Request headers

Referer: https://www.sickkidsfoundation.com/bundles/css/longpage?v=ZQfia0mq_9SMT9rJLC4ibRLCGQtXLLbgvdt8qo6BLzs1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:23 GMT
last-modified: Tue, 09 May 2017 15:48:38 GMT
x-cdn: Incapsula
etag: "3ca397b9dbc8d21:0"
content-type: image/png
status: 200
x-iinfo: 10-8691387-8690778 2VNN RT(1560812602919 0) q(0 7 7 -1) r(8 8) U18
cache-control: max-age=604800, public
content-length: 3055
expires: Mon, 24 Jun 2019 23:03:23 GMT

GET
H2 200 trustmark.png
www.sickkidsfoundation.com/images/ 17 KB
17 KB 928ms
928ms Image
image/png 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/images/trustmark.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: f70d6b776764d40f70d36c0d47cbf3cf94d8cfa967b5249d986c0dc5e6f8ab89

Request headers

Referer: https://www.sickkidsfoundation.com/bundles/css/longpage?v=ZQfia0mq_9SMT9rJLC4ibRLCGQtXLLbgvdt8qo6BLzs1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:24 GMT
last-modified: Tue, 31 Oct 2017 15:23:30 GMT
x-cdn: Incapsula
etag: "ea411f355c52d31:0"
content-type: image/png
status: 200
x-iinfo: 10-8691388-8690380 2VNN RT(1560812602920 0) q(0 8 8 -1) r(9 9) U18
cache-control: max-age=604800, public
content-length: 16916
expires: Mon, 24 Jun 2019 23:03:24 GMT

GET
H2 200 footer-hbar-dots.png
www.sickkidsfoundation.com/images/ 105 B
245 B 931ms
931ms Image
image/png 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/images/footer-hbar-dots.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: 61ed697adcb10f1530bf63fd24d054c4b349911eb7e32d73300ebec8b792af65

Request headers

Referer: https://www.sickkidsfoundation.com/bundles/css/longpage?v=ZQfia0mq_9SMT9rJLC4ibRLCGQtXLLbgvdt8qo6BLzs1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:24 GMT
last-modified: Tue, 09 May 2017 15:48:38 GMT
x-cdn: Incapsula
etag: "fa7292b9dbc8d21:0"
content-type: image/png
status: 200
x-iinfo: 10-8691389-8690509 2VNN RT(1560812602920 0) q(0 8 8 -1) r(9 9) U18
cache-control: max-age=604800, public
content-length: 105
expires: Mon, 24 Jun 2019 23:03:24 GMT

GET
H2 200 Montserrat-Regular.woff2
www.sickkidsfoundation.com/fonts/ 9 KB
10 KB 272ms
269ms Font
font/woff2 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/Montserrat-Regular.woff2
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 905de7fd4899868cd6349387996673bd1cdfe3768d409f844bd8b0796b0f35ec

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.sickkidsfoundation.com/bundles/css/longpage?v=ZQfia0mq_9SMT9rJLC4ibRLCGQtXLLbgvdt8qo6BLzs1
Origin: https://www.sickkidsfoundation.com

Response headers

date: Mon, 17 Jun 2019 23:03:22 GMT
etag: "a6a51e355c52d31:0"
last-modified: Tue, 31 Oct 2017 15:23:30 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-type: font/woff2
status: 200
x-iinfo: 10-8691390-8691233 PNNN RT(1560812602927 0) q(0 1 1 -1) r(2 2) U18
cache-control: max-age=604800
accept-ranges: bytes
content-length: 9624
x-cdn: Incapsula

GET
H2 200 Montserrat-Bold.woff2
www.sickkidsfoundation.com/fonts/ 9 KB
10 KB 389ms
388ms Font
font/woff2 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/Montserrat-Bold.woff2
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 764321796f5e9fa203bf462c491502a824f60e5e1a5f81be8f00cad70528207b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.sickkidsfoundation.com/bundles/css/longpage?v=ZQfia0mq_9SMT9rJLC4ibRLCGQtXLLbgvdt8qo6BLzs1
Origin: https://www.sickkidsfoundation.com

Response headers

date: Mon, 17 Jun 2019 23:03:23 GMT
etag: "957e1e355c52d31:0"
last-modified: Tue, 31 Oct 2017 15:23:30 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-type: font/woff2
status: 200
x-iinfo: 10-8691391-8691233 PNNN RT(1560812602928 0) q(0 2 2 -1) r(3 3) U18
cache-control: max-age=604800
accept-ranges: bytes
content-length: 9588
x-cdn: Incapsula

GET
H2 200 skf.woff
www.sickkidsfoundation.com/fonts/ 5 KB
5 KB 508ms
507ms Font
font/x-woff 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/skf.woff
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: 14e0e9e6ada3040dacca5c75fa38a833a2c07e07313f4c597da40c0a9d563d90

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.sickkidsfoundation.com/bundles/css/longpage?v=ZQfia0mq_9SMT9rJLC4ibRLCGQtXLLbgvdt8qo6BLzs1
Origin: https://www.sickkidsfoundation.com

Response headers

date: Mon, 17 Jun 2019 23:03:23 GMT
last-modified: Fri, 15 Mar 2019 18:51:28 GMT
x-cdn: Incapsula
etag: "0b8cc1860dbd41:0"
content-type: font/x-woff
status: 200
x-iinfo: 10-8691392-8690380 2VNN RT(1560812602928 0) q(0 3 3 -1) r(5 5) U18
cache-control: max-age=604800, public
content-length: 5400
expires: Mon, 24 Jun 2019 23:03:23 GMT

GET
H2 200 Oswald-Light.woff2
www.sickkidsfoundation.com/fonts/ 21 KB
21 KB 549ms
549ms Font
font/woff2 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/Oswald-Light.woff2
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 92d37ecd96baf17cac29d16b9f2ff45ef00d4179e5d1f7ab786a4005d3b8e2ff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.sickkidsfoundation.com/bundles/css/longpage?v=ZQfia0mq_9SMT9rJLC4ibRLCGQtXLLbgvdt8qo6BLzs1
Origin: https://www.sickkidsfoundation.com

Response headers

date: Mon, 17 Jun 2019 23:03:23 GMT
etag: "b7cc1e355c52d31:0"
last-modified: Tue, 31 Oct 2017 15:23:30 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-type: font/woff2
status: 200
x-iinfo: 10-8691393-8691233 PNNN RT(1560812602935 0) q(0 4 4 -1) r(5 5) U18
cache-control: max-age=604800
accept-ranges: bytes
content-length: 21008
x-cdn: Incapsula

GET
H2 200 Oswald-Bold.woff2
www.sickkidsfoundation.com/fonts/ 17 KB
17 KB 677ms
663ms Font
font/woff2 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/Oswald-Bold.woff2
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1598d5561779547d3fb26f8c6d016653de34203d8ac2b711cc64cb22356db68a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.sickkidsfoundation.com/bundles/css/longpage?v=ZQfia0mq_9SMT9rJLC4ibRLCGQtXLLbgvdt8qo6BLzs1
Origin: https://www.sickkidsfoundation.com

Response headers

date: Mon, 17 Jun 2019 23:03:23 GMT
etag: "a6a51e355c52d31:0"
last-modified: Tue, 31 Oct 2017 15:23:30 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-type: font/woff2
status: 200
x-iinfo: 10-8691394-8691056 PNNN RT(1560812602938 0) q(0 5 5 -1) r(6 6) U18
cache-control: max-age=604800
accept-ranges: bytes
content-length: 17504
x-cdn: Incapsula

GET
H2 200 Oswald-Regular.woff2
www.sickkidsfoundation.com/fonts/ 16 KB
16 KB 684ms
673ms Font
font/woff2 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/Oswald-Regular.woff2
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 51f7f156fa7d1ca539d8c26cc8f8e4dfc5c8ebe6d75c1ec906a3bac51e202120

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.sickkidsfoundation.com/bundles/css/longpage?v=ZQfia0mq_9SMT9rJLC4ibRLCGQtXLLbgvdt8qo6BLzs1
Origin: https://www.sickkidsfoundation.com

Response headers

date: Mon, 17 Jun 2019 23:03:23 GMT
etag: "c8f31e355c52d31:0"
last-modified: Tue, 31 Oct 2017 15:23:30 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-type: font/woff2
status: 200
x-iinfo: 10-8691395-8691233 PNNN RT(1560812602938 0) q(0 5 5 -1) r(6 7) U18
cache-control: max-age=604800
accept-ranges: bytes
content-length: 16020
x-cdn: Incapsula

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 May 2019 23:53:44 GMT
server: Golfe2
age: 976
date: Mon, 17 Jun 2019 22:47:07 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17595
expires: Tue, 18 Jun 2019 00:47:07 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 91ms
90ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: 134d9689dd766fbea01b7b16563704e655883a93b76f55a6acf999f67510f8b5

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:23 GMT
content-encoding: gzip
last-modified: Tue, 28 May 2019 20:50:22 GMT
x-msedge-ref: Ref A: 4E387ED268F24773A737684E475B5920 Ref B: VIEEDGE0314 Ref C: 2019-06-17T23:03:23Z
access-control-allow-origin: *
etag: "03b90f79615d51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7104

GET
H2 200 hotjar-302599.js Show response
static.hotjar.com/c/ 3 KB
2 KB 115ms
114ms Script
application/javascript 147.75.205.49
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-302599.js?sv=5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.205.49 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-26

Software

openresty /

Resource Hash

3aa31b0d81e57dcb5014144d2cceed6912ddf6db1a959ae379f170895519bc78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 0
status: 200
access-control-max-age: 600
section-io-cache: Miss
x-cache-hit: 1
server: openresty
x-frame-options: SAMEORIGIN
etag: W/539b99453e82bd3c6539613b26406393
vary: Accept-Encoding
section-io-origin-status: 304
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.075
accept-ranges: bytes
section-io-id: d64547a82f621471ae1c9f4f97b0520f

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 308ms
12ms Script
application/javascript 151.101.36.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.36.157 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:23 GMT
content-encoding: gzip
age: 27590
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-ams21039-AMS
last-modified: Tue, 23 Jan 2018 19:05:33 GMT
x-timer: S1560812604.643145,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 23 KB
9 KB 310ms
16ms Script
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f1e6382aa070301007ee92dbaaef83c9f6075f9d86ee3632c82a609f02c6fc1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 8912
x-xss-protection: 0
server: cafe
etag: 11386026576561889187
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 17 Jun 2019 23:03:23 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 53 KB
16 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 16120
x-xss-protection: 0
pragma: public
x-fb-debug: YvC+5aatphCf6iL2sz+ev1l8Lc1rklHlftkzhm+D0C9W9uKHR4AY7PbUbeDhEVbZMIciH+eQcS/IlFBLt8gapg==
x-fb-trip-id: 1475214379
date: Mon, 17 Jun 2019 23:03:23 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 859 B
1 KB 131ms
22ms Script
application/javascript 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

73867787bab9950a399984f532775d1cd09c05f9f0e350b5d1a7e6462a4c7b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:23 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 EST

GET
H/1.1 200
OK ci_events.js Show response
d3htn85c6cao65.cloudfront.net/libraries/ 25 KB
25 KB 1109ms
7ms Script
application/javascript 143.204.208.43
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d3htn85c6cao65.cloudfront.net/libraries/ci_events.js
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.43 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-208-43.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 343fafd4eecdaa61e4e2df66640fba9583346b7257ebeb8af8797ad9eb87b333

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 16 Jun 2019 20:20:19 GMT
Via: 1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Jul 2018 15:45:44 GMT
Server: AmazonS3
Age: 5207
ETag: "72b8f49e0b2f8c630b4ffb85f55d6c79"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
X-Amz-Cf-Pop: FRA53-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25243
X-Amz-Cf-Id: REHA2lQkTXIUEGCvjBlNBsub0dWX-I7v87mKbo4HNaSx4gweu7imEw==

GET
H/1.1

200
OK

yahoo.ashx
yhp.mxptint.net/
Redirect Chain

https://mpp.mxptint.net/2/27791/?rnd=%n
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_hm=UjM1Q0E5X0I5MzE1RkNDXzVEQzAwMTBB
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_hm=UjM1Q0E5X0I5MzE1RkNDXzVEQzAwMTBB&google_tc=
https://aep.mxptint.net/sn.ashx
https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R35CA9_B9315FCC_5DC0010A&redir=https://aep.mxptint.net/sn.ashx?ak=1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=75557&dpuuid=R35CA9_B9315FCC_5DC0010A&redir=https://aep.mxptint.net/sn.ashx
https://aep.mxptint.net/sn.ashx
https://ad.yieldmanager.com/cms/v1?esig=1~65c748d283ef3bc4e68485fe6275d8bb43ca6d1e&nwid=10000648255&sigv=1
https://ads.yahoo.com/cms/v1?esig=1~65c748d283ef3bc4e68485fe6275d8bb43ca6d1e&nwid=10000648255&sigv=1&_msd=1
https://yhp.mxptint.net/yahoo.ashx?xid=E0

43 B
266 B

719ms
139ms

Image
image/gif

204.2.255.237
NTT America

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yhp.mxptint.net/yahoo.ashx?xid=E0

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.255.237 , United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US),

Reverse DNS

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=-243799408; includeSubDomains

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 23:03:28 GMT
Cache-Control: no-cache
Content-Type: image/gif
Content-Length: 43
Strict-Transport-Security: max-age=-243799408; includeSubDomains
Expires: -1

Redirect headers

Date: Mon, 17 Jun 2019 23:03:28 GMT
X-Content-Type-Options: nosniff
Server: ATS
Age: 0
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Location: https://yhp.mxptint.net/yahoo.ashx?xid=E0
Cache-Control: private
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2 200 /
insight.adsrvr.org/track/conv/ 70 B
260 B 139ms
31ms Image
image/gif 52.51.120.75
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=tkox4xf&ct=0:h5zomvk&fmt=3
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.120.75 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-51-120-75.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Mon, 17 Jun 2019 23:03:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
content-type: image/gif

GET
H2

200

activityi;dc_pre=CNrUrIbQ8eICFYa43god-S8OYA;src=5627812;type=sickk0;cat=sickk0;ord=5203836196636;gtm=2wg651;auiddc=682799121.1560812603;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F
5627812.fls.doubleclick.net/ Frame 0C63
Redirect Chain

https://5627812.fls.doubleclick.net/activityi;src=5627812;type=sickk0;cat=sickk0;ord=5203836196636;gtm=2wg651;auiddc=682799121.1560812603;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F?
https://5627812.fls.doubleclick.net/activityi;dc_pre=CNrUrIbQ8eICFYa43god-S8OYA;src=5627812;type=sickk0;cat=sickk0;ord=5203836196636;gtm=2wg651;auiddc=682799121.1560812603;~oref=https%3A%2F%2Fwww.s...

0
0

27ms
26ms

Document
text/html

172.217.22.6
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://5627812.fls.doubleclick.net/activityi;dc_pre=CNrUrIbQ8eICFYa43god-S8OYA;src=5627812;type=sickk0;cat=sickk0;ord=5203836196636;gtm=2wg651;auiddc=682799121.1560812603;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.6 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5627812.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CNrUrIbQ8eICFYa43god-S8OYA;src=5627812;type=sickk0;cat=sickk0;ord=5203836196636;gtm=2wg651;auiddc=682799121.1560812603;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.sickkidsfoundation.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.sickkidsfoundation.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Mon, 17 Jun 2019 23:03:23 GMT
expires: Mon, 17 Jun 2019 23:03:23 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 851
x-xss-protection: 0
set-cookie: IDE=AHWqTUkK_OQweS0IFqtsDL03FJbfsIFi242rtH2EI35wYxHViZVzCiH9NwLX2lOi; expires=Sat, 11-Jul-2020 23:03:23 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Mon, 17 Jun 2019 23:03:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5627812.fls.doubleclick.net/activityi;dc_pre=CNrUrIbQ8eICFYa43god-S8OYA;src=5627812;type=sickk0;cat=sickk0;ord=5203836196636;gtm=2wg651;auiddc=682799121.1560812603;~oref=https%3A%2F%2Fwww.sickkidsfoundation.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 17-Jun-2019 23:18:23 GMT; path=/; domain=.doubleclick.net
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 _Incapsula_Resource Show response
www.sickkidsfoundation.com/ 113 KB
16 KB 41ms
12ms Script
application/javascript 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=412380485
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: 2eba6ab2d39bca6a4510b75728da4304248c481d2c2ed20fbc281509d8b7832e

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
content-encoding: gzip
cache-control: no-cache
content-length: 16534
content-type: application/javascript

GET
DATA 200
OK truncated
/ 207 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8435aa6b4c48c34a0c144ef1ff3a9ff10559ecc2b4331c8de0673923032266f3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 collect
www.google-analytics.com/ 35 B
100 B 6ms
5ms Image
image/gif 2a00:1450:4001:824::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j76&a=936464607&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&ul=en-us&de=UTF-8&dt=SickKids%20Foundation%20%7C%20Donate&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGBAgAAB~&jid=975281330&gjid=329235773&cid=14309878.1560812604&tid=UA-66351416-1&_gid=1488599756.1560812604&gtm=2wg651NJ4P25&z=321234214

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jun 2019 20:58:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 353078
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j76&tid=UA-66351416-1&cid=14309878.1560812604&jid=975281330&gjid=329235773&_gid=1488599756.1560812604&_u=YGBAgAAB~&z=783121678
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-66351416-1&cid=14309878.1560812604&jid=975281330&_v=j76&z=783121678
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-66351416-1&cid=14309878.1560812604&jid=975281330&_v=j76&z=783121678&slf_rd=1&random=2701236055

42 B
109 B

19ms
18ms

Image
image/gif

2a00:1450:4001:81a::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-66351416-1&cid=14309878.1560812604&jid=975281330&_v=j76&z=783121678&slf_rd=1&random=2701236055

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jun 2019 23:03:23 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Jun 2019 23:03:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-66351416-1&cid=14309878.1560812604&jid=975281330&_v=j76&z=783121678&slf_rd=1&random=2701236055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 250085185187976 Show response
connect.facebook.net/signals/config/ 229 KB
61 KB 95ms
93ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/250085185187976?v=2.8.51&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

8f2fa112ef5176cde349013f13b790b90146e86b11553c1b5dba56f9afc65438

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: rDCWBQCQHPGY6HZf3lxQ7eCE/9ZBoEei+rX8GWNOaWue0N8aNQucxuNdl0hd/0yNtu83oHxaA0+GDFxJ6AQ74w==
x-fb-trip-id: 1475214379
date: Mon, 17 Jun 2019 23:03:23 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 _Incapsula_Resource
www.sickkidsfoundation.com/ 1 B
261 B 12ms
10ms Image
text/plain 107.154.141.76
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/_Incapsula_Resource?SWKMTFSR=1&e=0.10504171970272935
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
cache-control: no-cache
content-length: 1
content-type: text/plain

GET
H2 204 0
bat.bing.com/action/ 0
173 B 54ms
53ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5435606&Ver=2&mid=b31b060e-aef7-081b-51aa-a1196f6788aa&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=SickKids%20Foundation%20%7C%20Donate&kw=SickKids%20Foundation,%20hospital%20foundation,%20children%27s%20hospital%20foundation,%20donate,%20donate%20online,%20children%27s%20charity,%20fund%20the%20fight,%20fundthefight.ca&p=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&r=&lt=2397&evt=pageLoad&msclkid=N&rn=576412
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Mon, 17 Jun 2019 23:03:23 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: A11361C298F24EEFA1528D946D4B2670 Ref B: VIEEDGE0314 Ref C: 2019-06-17T23:03:23Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.31094306258710c05685.js Show response
script.hotjar.com/ 425 KB
89 KB 18ms
18ms Script
application/javascript 147.75.83.82
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.31094306258710c05685.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-302599.js?sv=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.83.82 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-29

Software

Resource Hash

02db9bd610431880577c759cb9cca168c71f01f33595c0826233846d1ed973d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 17 Jun 2019 13:59:38 GMT
access-control-allow-origin: *
etag: W/"0b894af1299c24f3e38ad09e2e175aea"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.045
section-io-origin-status: 200
accept-ranges: bytes
section-io-id: 9fa462fa5c46ff2c9fd60bf380ca4c0a
content-length: 90732

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vfll-F3yY/ 21 KB
8 KB 57ms
8ms Script
text/javascript 2a00:1450:4001:806::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vfll-F3yY/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

918d6f7f35596b6c29b497fe89c4db297a0a23e05025f14c78eac356ce927766

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 12:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37363
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 8048
x-xss-protection: 0
last-modified: Fri, 14 Jun 2019 11:44:28 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 25 Jun 2019 12:40:40 GMT

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 1 KB
896 B 9ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.51

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 772
x-xss-protection: 0
pragma: public
x-fb-debug: yZ2szjYtvRw1l8M44dz7o7SIR1VELuX/syBAn6/azrv4z78u5R0/q5GYsuFWxGBzvc97LHm/Y2hud69ushN38g==
x-fb-trip-id: 1475214379
date: Mon, 17 Jun 2019 23:03:23 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1036497480/ 2 KB
1 KB 77ms
21ms Script
text/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1036497480/?random=1560812603790&cv=9&fst=1560812603790&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg651&sendb=1&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&tiba=SickKids%20Foundation%20%7C%20Donate&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

770142cbc36ac61d1bc627bf3b8b90a9f21ba3643c9e0bfe592371e54db0db2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jun 2019 23:03:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 951
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
487 B 399ms
122ms Image
image/gif 104.244.42.69
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxw6l&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 112
pragma: no-cache
last-modified: Mon, 17 Jun 2019 23:03:24 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 9083d2b79fc9e4bb86b7d56aebdf6719
x-transaction: 000a42f5000c362d
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame A052 0
0 25ms
23ms Document
text/html 147.75.83.19
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-302599.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.83.19 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-24
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-90f3a29ef7448451db5af955688970d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.sickkidsfoundation.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.sickkidsfoundation.com/

Response headers

status: 200
date: Mon, 17 Jun 2019 23:03:23 GMT
content-type: text/html
content-length: 967
cache-control: max-age=31536000
last-modified: Tue, 30 Apr 2019 14:57:42 GMT
section-io-origin-status: 200
section-io-origin-time-seconds: 0.024
etag: W/"90f3a29ef7448451db5af955688970d7"
content-encoding: gzip
vary: Accept-Encoding
accept-ranges: bytes
section-io-id: e3b77fbc1be98ad9466e6bd9fa193d5c

GET
H2 200 1728472720702530 Show response
connect.facebook.net/signals/config/ 229 KB
60 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1728472720702530?v=2.8.51&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

c87f98341f05aeed93726e420d4bb189a9e39fbed4b3ccf20d33e32078fea425

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 61435
x-xss-protection: 0
pragma: public
x-fb-debug: B4zjnDU/3W/UjBvJM7/dSRkWC5Z7TAsmlbne4k2iGLNRVwcyMjYSELAApPm4DrAWcNtGgBIaty5c+nYEl9iY6A==
x-fb-trip-id: 1475214379
date: Mon, 17 Jun 2019 23:03:23 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
246 B 8ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=250085185187976&ev=PageView&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&rl=&if=false&ts=1560812603836&sw=1600&sh=1200&v=2.8.51&r=stable&ec=0&o=30&fbp=fb.1.1560812603835.346884152&it=1560812603555&coo=false&rqm=GET

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 17 Jun 2019 23:03:23 GMT

GET
H2 200 2221960961415648 Show response
connect.facebook.net/signals/config/ 228 KB
61 KB 99ms
98ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2221960961415648?v=2.8.51&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

56b6a74122cfb0f974a633ca015cdce119625e0836d48fa161aa99fc34d23ca6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: GoN8xQiywIPJ+dVp0+nFfKYCrLk2vlMpdRt8I40Ntoxb1rkNANdt9W2kT7jY4ygEbUxn+t+ibXWTYT+qAHQo8A==
x-fb-trip-id: 1475214379
date: Mon, 17 Jun 2019 23:03:23 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
99 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1728472720702530&ev=PageView&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&rl=&if=false&ts=1560812603898&sw=1600&sh=1200&v=2.8.51&r=stable&ec=0&o=30&fbp=fb.1.1560812603835.346884152&it=1560812603555&coo=false&rqm=GET

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 17 Jun 2019 23:03:23 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1036497480/ 42 B
120 B 22ms
22ms Image
image/gif 2a00:1450:4001:816::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1036497480/?random=1560812603790&cv=9&fst=1560812400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg651&sendb=1&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&tiba=SickKids%20Foundation%20%7C%20Donate&async=1&fmt=3&cdct=2&is_vtc=1&random=3335880455&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jun 2019 23:03:23 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1036497480/ 42 B
109 B 24ms
24ms Image
image/gif 2a00:1450:4001:81a::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1036497480/?random=1560812603790&cv=9&fst=1560812400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg651&sendb=1&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&tiba=SickKids%20Foundation%20%7C%20Donate&async=1&fmt=3&cdct=2&is_vtc=1&random=3335880455&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jun 2019 23:03:23 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
145 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2221960961415648&ev=PageView&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&rl=&if=false&ts=1560812604024&sw=1600&sh=1200&v=2.8.51&r=stable&ec=0&o=30&fbp=fb.1.1560812603835.346884152&it=1560812603555&coo=false&rqm=GET

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 17 Jun 2019 23:03:24 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
99 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=250085185187976&ev=Microdata&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&rl=&if=false&ts=1560812604339&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22SickKids%20Foundation%20%7C%20Donate%22%2C%22meta%3Adescription%22%3A%22Your%20donations%20directly%20support%20SickKids%20Foundation.%20%20Funds%20are%20distributed%20in%20the%20areas%20of%20most%20need%20including%20research%2C%20clinical%20advances%20and%20compassionate%20care%20at%20The%20Hospital%20for%20Sick%20Children.%22%2C%22meta%3Akeywords%22%3A%22SickKids%20Foundation%2C%20hospital%20foundation%2C%20children%27s%20hospital%20foundation%2C%20donate%2C%20donate%20online%2C%20children%27s%20charity%2C%20fund%20the%20fight%2C%20fundthefight.ca%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Double%20your%20impact!%22%2C%22og%3Adescription%22%3A%22Become%20a%20new%20monthly%20donor%20and%20get%20your%20donation%20matched%20for%20a%20year!*%20Join%20me.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.sickkidsfoundation.com%3A443%2F-%2Fmedia%2Fimages%2Fskf%2Fhomepage%2Fsocialsharephoto.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.51&r=stable&ec=1&o=30&fbp=fb.1.1560812603835.346884152&it=1560812603555&coo=false&es=automatic&rqm=GET

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 17 Jun 2019 23:03:24 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
99 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1728472720702530&ev=Microdata&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&rl=&if=false&ts=1560812604401&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22SickKids%20Foundation%20%7C%20Donate%22%2C%22meta%3Adescription%22%3A%22Your%20donations%20directly%20support%20SickKids%20Foundation.%20%20Funds%20are%20distributed%20in%20the%20areas%20of%20most%20need%20including%20research%2C%20clinical%20advances%20and%20compassionate%20care%20at%20The%20Hospital%20for%20Sick%20Children.%22%2C%22meta%3Akeywords%22%3A%22SickKids%20Foundation%2C%20hospital%20foundation%2C%20children%27s%20hospital%20foundation%2C%20donate%2C%20donate%20online%2C%20children%27s%20charity%2C%20fund%20the%20fight%2C%20fundthefight.ca%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Double%20your%20impact!%22%2C%22og%3Adescription%22%3A%22Become%20a%20new%20monthly%20donor%20and%20get%20your%20donation%20matched%20for%20a%20year!*%20Join%20me.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.sickkidsfoundation.com%3A443%2F-%2Fmedia%2Fimages%2Fskf%2Fhomepage%2Fsocialsharephoto.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.51&r=stable&ec=1&o=30&fbp=fb.1.1560812603835.346884152&it=1560812603555&coo=false&es=automatic&rqm=GET

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 17 Jun 2019 23:03:24 GMT

GET
H/1.1

200
OK

callback=ci_events.pool_callback Show response
ad.crwdcntrl.net/5/c=12995/pe=y/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=12995?https://ad.crwdcntrl.net/5/c=12995/pe=y/callback=ci_events.pool_callback
https://bcp.crwdcntrl.net/5/ct=y/c=12995?https://ad.crwdcntrl.net/5/c=12995/pe=y/callback=ci_events.pool_callback
https://ad.crwdcntrl.net/5/c=12995/pe=y/callback=ci_events.pool_callback

0
0

133ms
33ms

Script
application/json

34.249.111.226
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.crwdcntrl.net/5/c=12995/pe=y/callback=ci_events.pool_callback
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.111.226 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-249-111-226.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

Redirect headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 23:03:24 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location: https://ad.crwdcntrl.net/5/c=12995/pe=y/callback=ci_events.pool_callback
Cache-Control: no-cache
X-Server: 10.45.11.10
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
99 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2221960961415648&ev=Microdata&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2F&rl=&if=false&ts=1560812604525&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22SickKids%20Foundation%20%7C%20Donate%22%2C%22meta%3Adescription%22%3A%22Your%20donations%20directly%20support%20SickKids%20Foundation.%20%20Funds%20are%20distributed%20in%20the%20areas%20of%20most%20need%20including%20research%2C%20clinical%20advances%20and%20compassionate%20care%20at%20The%20Hospital%20for%20Sick%20Children.%22%2C%22meta%3Akeywords%22%3A%22SickKids%20Foundation%2C%20hospital%20foundation%2C%20children%27s%20hospital%20foundation%2C%20donate%2C%20donate%20online%2C%20children%27s%20charity%2C%20fund%20the%20fight%2C%20fundthefight.ca%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Double%20your%20impact!%22%2C%22og%3Adescription%22%3A%22Become%20a%20new%20monthly%20donor%20and%20get%20your%20donation%20matched%20for%20a%20year!*%20Join%20me.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.sickkidsfoundation.com%3A443%2F-%2Fmedia%2Fimages%2Fskf%2Fhomepage%2Fsocialsharephoto.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.51&r=stable&ec=1&o=30&fbp=fb.1.1560812603835.346884152&it=1560812603555&coo=false&es=automatic&rqm=GET

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 17 Jun 2019 23:03:24 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
672 B 152ms
122ms Script
application/javascript 104.244.42.67
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxw6l&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.sickkidsfoundation.com%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 23:03:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 115
pragma: no-cache
last-modified: Mon, 17 Jun 2019 23:03:29 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 4ab2bf362f2a9642c9b1f2291e13f16d
x-transaction: 002db36a00122dfb
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK app_open Show response
ads.connectedinteractive.com/api/web/100/8092782a3475b91c78e512ffafa20c56/ 136 B
724 B 756ms
252ms XHR
text/html 50.23.67.73
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.connectedinteractive.com/api/web/100/8092782a3475b91c78e512ffafa20c56/app_open?pool_uuid=-1&pool_region=-1&ci_js_uuid=beb2e210-1329-4ade-8e5b-0ded5648aa6b&cb=1560812609469
Requested by: Host: d3htn85c6cao65.cloudfront.net
URL: https://d3htn85c6cao65.cloudfront.net/libraries/ci_events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.23.67.73 San Jose, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 49.43.1732.ip4.static.sl-reverse.com
Software: nginx/1.8.1 / PHP/5.6.40
Resource Hash: 52527fad6787aa1c021c5c1937c37407f3df159904bc8703ebbd6478ae11ff43

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.sickkidsfoundation.com/
Origin: https://www.sickkidsfoundation.com

Response headers

Date: Mon, 17 Jun 2019 23:02:45 GMT
PMM-Response: 0
Server: nginx/1.8.1
Access-Control-Allow-Origin: https://www.sickkidsfoundation.com
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: text/html; charset=utf-8
CI-User-New: true
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked

GET
H/1.1 200
OK 10784Monthly-LP-Retargeting Show response
ads.connectedinteractive.com/api/web/100/8092782a3475b91c78e512ffafa20c56/ 299 B
888 B 731ms
228ms XHR
text/html 50.23.67.73
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.connectedinteractive.com/api/web/100/8092782a3475b91c78e512ffafa20c56/10784Monthly-LP-Retargeting?pool_uuid=-1&pool_region=-1&ci_js_uuid=beb2e210-1329-4ade-8e5b-0ded5648aa6b&cb=1560812609469
Requested by: Host: d3htn85c6cao65.cloudfront.net
URL: https://d3htn85c6cao65.cloudfront.net/libraries/ci_events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.23.67.73 San Jose, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 49.43.1732.ip4.static.sl-reverse.com
Software: nginx/1.8.1 / PHP/5.6.40
Resource Hash: c15b8a1478b9adf740c9de824ae2481e22862820f1ee97f74958b5fe03e0eef4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.sickkidsfoundation.com/
Origin: https://www.sickkidsfoundation.com

Response headers

Date: Mon, 17 Jun 2019 23:02:45 GMT
PMM-Response: 0
Server: nginx/1.8.1
Access-Control-Allow-Origin: https://www.sickkidsfoundation.com
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: text/html; charset=utf-8
CI-User-New: true
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked

GET
H/1.1 200
OK 10783--LP-Retargeting Show response
ads.connectedinteractive.com/api/web/100/c4a103bd3358fe0206b987b42fac6906/ 149 B
737 B 755ms
252ms XHR
text/html 50.23.67.73
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.connectedinteractive.com/api/web/100/c4a103bd3358fe0206b987b42fac6906/10783--LP-Retargeting?pool_uuid=-1&pool_region=-1&ci_js_uuid=beb2e210-1329-4ade-8e5b-0ded5648aa6b&cb=1560812609469
Requested by: Host: d3htn85c6cao65.cloudfront.net
URL: https://d3htn85c6cao65.cloudfront.net/libraries/ci_events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.23.67.73 San Jose, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 49.43.1732.ip4.static.sl-reverse.com
Software: nginx/1.8.1 / PHP/5.6.40
Resource Hash: 605a927f5de55a8b242cb852f265db408ebe8b394742c26da43b4a16826094b6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.sickkidsfoundation.com/
Origin: https://www.sickkidsfoundation.com

Response headers

Date: Mon, 17 Jun 2019 23:02:45 GMT
PMM-Response: 0
Server: nginx/1.8.1
Access-Control-Allow-Origin: https://www.sickkidsfoundation.com
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: text/html; charset=utf-8
CI-User-New: true
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

src=8353444;dc_pre=CIK3yInQ8eICFRqhewodMuYC7A;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8353444;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=8353444;dc_pre=CIK3yInQ8eICFRqhewodMuYC7A;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://adservice.google.com/ddm/fls/z/src=8353444;dc_pre=CIK3yInQ8eICFRqhewodMuYC7A;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

42 B
109 B

18ms
17ms

Image
image/gif

2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8353444;dc_pre=CIK3yInQ8eICFRqhewodMuYC7A;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jun 2019 23:03:30 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Jun 2019 23:03:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://adservice.google.com/ddm/fls/z/src=8353444;dc_pre=CIK3yInQ8eICFRqhewodMuYC7A;type=invmedia;cat=pmmblpuf;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

seg=appgeo%20:%20country%20:%20germany%20:%20region%20:%20%20:%20city%20:%20
bcp.crwdcntrl.net/5/ct=y/c=12996/rand=1560812610/seg=application%20:%20appid%20184%20:%20cusevt_id%20168/
Redirect Chain

https://ads.connectedinteractive.com/external/dmp/custom_event/0/8092782a3475b91c78e512ffafa20c56/10784Monthly-LP-Retargeting?&cb=1560812609469
https://bcp.crwdcntrl.net/5/c=12996/rand=1560812610/seg=application%20:%20appid%20184%20:%20cusevt_id%20168/seg=appgeo%20:%20country%20:%20germany%20:%20region%20:%20%20:%20city%20:%20
https://bcp.crwdcntrl.net/5/ct=y/c=12996/rand=1560812610/seg=application%20:%20appid%20184%20:%20cusevt_id%20168/seg=appgeo%20:%20country%20:%20germany%20:%20region%20:%20%20:%20city%20:%20

49 B
956 B

68ms
37ms

Image
image/gif

52.18.108.235
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=12996/rand=1560812610/seg=application%20:%20appid%20184%20:%20cusevt_id%20168/seg=appgeo%20:%20country%20:%20germany%20:%20region%20:%20%20:%20city%20:%20
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.108.235 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-108-235.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 23:03:30 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: 10.45.24.244
Connection: keep-alive
Content-Type: image/gif
Content-Length: 49
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 23:03:30 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location: https://bcp.crwdcntrl.net/5/ct=y/c=12996/rand=1560812610/seg=application%20:%20appid%20184%20:%20cusevt_id%20168/seg=appgeo%20:%20country%20:%20germany%20:%20region%20:%20%20:%20city%20:%20
Cache-Control: no-cache
X-Server: 10.45.26.248
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1 200
OK 10783--LP-Retargeting
ads.connectedinteractive.com/external/dmp/custom_event/0/c4a103bd3358fe0206b987b42fac6906/ 42 B
312 B 170ms
169ms Image
image/gif 50.23.67.73
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.connectedinteractive.com/external/dmp/custom_event/0/c4a103bd3358fe0206b987b42fac6906/10783--LP-Retargeting?&cb=1560812609469
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.23.67.73 San Jose, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 49.43.1732.ip4.static.sl-reverse.com
Software: nginx/1.8.1 / PHP/5.6.40
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 23:02:45 GMT
PMM-Response: CENF-Ext-c4a103bd3358fe0206b987b42fac6906:10783--LP-Retargeting
Server: nginx/1.8.1
Connection: keep-alive
X-Powered-By: PHP/5.6.40
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1

200
OK

https://ads.connectedinteractive.com/external/dmp/custom_event/0/8092782a3475b91c78e512ffafa20c56/app_open?&cb=1560812609469
https://bcp.crwdcntrl.net/5/c=12996/rand=1560812610/seg=application%20:%20appid%20184%20:%20cusevt_id%2013/seg=appgeo%20:%20country%20:%20germany%20:%20region%20:%20%20:%20city%20:%20
https://bcp.crwdcntrl.net/5/ct=y/c=12996/rand=1560812610/seg=application%20:%20appid%20184%20:%20cusevt_id%2013/seg=appgeo%20:%20country%20:%20germany%20:%20region%20:%20%20:%20city%20:%20

49 B
956 B

52ms
35ms

Image
image/gif

52.18.108.235
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=12996/rand=1560812610/seg=application%20:%20appid%20184%20:%20cusevt_id%2013/seg=appgeo%20:%20country%20:%20germany%20:%20region%20:%20%20:%20city%20:%20
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.108.235 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-108-235.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 23:03:30 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: 10.45.21.101
Connection: keep-alive
Content-Type: image/gif
Content-Length: 49
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 17 Jun 2019 23:03:30 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location: https://bcp.crwdcntrl.net/5/ct=y/c=12996/rand=1560812610/seg=application%20:%20appid%20184%20:%20cusevt_id%2013/seg=appgeo%20:%20country%20:%20germany%20:%20region%20:%20%20:%20city%20:%20
Cache-Control: no-cache
X-Server: 10.45.13.10
Connection: keep-alive
Content-Length: 0
Expires: 0

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 10:55:08	Name: IDE Value: AHWqTUnBJQKTEmp3Upp6TFG2HG8JhhRKh7bu-f8Oxqr3-IQMfp6pF-QL8EN-gMy9

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://d3htn85c6cao65.cloudfront.net/libraries/ci_events.js(Line 135) Message: CII_Lib (): Processing queue
console-api	log	URL: https://d3htn85c6cao65.cloudfront.net/libraries/ci_events.js(Line 135) Message: CII_Lib (): Processing pool queue

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5627812.fls.doubleclick.net
ad.crwdcntrl.net
ad.doubleclick.net
ad.yieldmanager.com
ads.connectedinteractive.com
ads.yahoo.com
adservice.google.com
aep.mxptint.net
analytics.twitter.com
bat.bing.com
bcp.crwdcntrl.net
cm.g.doubleclick.net
connect.facebook.net
d3htn85c6cao65.cloudfront.net
dpm.demdex.net
email.e2rm.com
googleads.g.doubleclick.net
insight.adsrvr.org
mpp.mxptint.net
s.ytimg.com
script.hotjar.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.sickkidsfoundation.com
www.youtube.com
yhp.mxptint.net
104.244.42.67
104.244.42.69
107.154.141.76
143.204.208.43
147.75.205.49
147.75.83.19
147.75.83.82
151.101.36.157
167.89.118.52
172.217.18.102
172.217.22.6
204.2.255.237
216.58.208.34
216.58.210.2
2620:1ec:c11::200
2a00:1288:110:833::4000
2a00:1450:4001:806::200e
2a00:1450:4001:809::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:816::2004
2a00:1450:4001:81a::2003
2a00:1450:4001:81f::2002
2a00:1450:4001:821::2002
2a00:1450:4001:824::200e
2a00:1450:400c:c00::9d
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.249.111.226
38.67.14.225
38.68.201.139
50.23.67.73
52.18.108.235
52.214.222.48
52.51.120.75
02db9bd610431880577c759cb9cca168c71f01f33595c0826233846d1ed973d4
06ee1945f49d2b63fb4bd1e21c880cfd59480b896aa570edf42d46a78706947c
0ce500b30c2ad8c54aa8f557f3b312e1451a685af1050d9c25ece1c561a8acb5
0d2a53d52dbdddd75ea52cb98b388faf9bc646174f4e3c618b3fb0ab027c89f7
0dbe4e359691cb6e52645dd62f303ca38a794fc0007ce21216c970618bf34c3f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
134d9689dd766fbea01b7b16563704e655883a93b76f55a6acf999f67510f8b5
14e0e9e6ada3040dacca5c75fa38a833a2c07e07313f4c597da40c0a9d563d90
1598d5561779547d3fb26f8c6d016653de34203d8ac2b711cc64cb22356db68a
1ac1851e1d7f0afdbf8037a3cc9df67b12b7a67771545718f551b922ff73b6c4
2b3b50553dd965f22d904694e23b549aa28ff7f5c8eeaa99fc4ebdc328dad71b
2eba6ab2d39bca6a4510b75728da4304248c481d2c2ed20fbc281509d8b7832e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
343fafd4eecdaa61e4e2df66640fba9583346b7257ebeb8af8797ad9eb87b333
3aa31b0d81e57dcb5014144d2cceed6912ddf6db1a959ae379f170895519bc78
44cec66e8f45f1c1573be7ee656b280f475f07b608982b8e68c742363d202ee1
51f7f156fa7d1ca539d8c26cc8f8e4dfc5c8ebe6d75c1ec906a3bac51e202120
52527fad6787aa1c021c5c1937c37407f3df159904bc8703ebbd6478ae11ff43
56b6a74122cfb0f974a633ca015cdce119625e0836d48fa161aa99fc34d23ca6
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a
605a927f5de55a8b242cb852f265db408ebe8b394742c26da43b4a16826094b6
61ed697adcb10f1530bf63fd24d054c4b349911eb7e32d73300ebec8b792af65
657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4
694bc35fc07d7091b82ee02e6b7cbcacc69edb23c9dfd515a18647d684456c51
6980b21c71241d5f501f4f3f9e4b73313e37b34b2fb29e12250d5be4a47bb677
73867787bab9950a399984f532775d1cd09c05f9f0e350b5d1a7e6462a4c7b2b
764321796f5e9fa203bf462c491502a824f60e5e1a5f81be8f00cad70528207b
770142cbc36ac61d1bc627bf3b8b90a9f21ba3643c9e0bfe592371e54db0db2c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8435aa6b4c48c34a0c144ef1ff3a9ff10559ecc2b4331c8de0673923032266f3
8b273fe0ae11dfeb96f7a56f1b5ecd2d76500147927ad557356faa5227d17032
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f2fa112ef5176cde349013f13b790b90146e86b11553c1b5dba56f9afc65438
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
905de7fd4899868cd6349387996673bd1cdfe3768d409f844bd8b0796b0f35ec
918d6f7f35596b6c29b497fe89c4db297a0a23e05025f14c78eac356ce927766
92d37ecd96baf17cac29d16b9f2ff45ef00d4179e5d1f7ab786a4005d3b8e2ff
9611157a5a58bb3e7b32b98a53aaa7f8ef7043e1748a638923f567cb01cfcb3d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a9bae822288365e478a012a878f420a8d882140366921b778ee6f04883aaa96b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b6cb09e57c1ed08553566bda474cf9681c03fc4ba091731c81c78a6a4226740b
c15b8a1478b9adf740c9de824ae2481e22862820f1ee97f74958b5fe03e0eef4
c77eba3dc0d4400f9d3dbf94bcb93ac2d941c14037e61636fca8606a2c097776
c87f98341f05aeed93726e420d4bb189a9e39fbed4b3ccf20d33e32078fea425
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
d6af43677b5ee5433fab178cd71cfe6e141078fb257c7a73bc320ec9766f3e02
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e6382aa070301007ee92dbaaef83c9f6075f9d86ee3632c82a609f02c6fc1f
f70d6b776764d40f70d36c0d47cbf3cf94d8cfa967b5249d986c0dc5e6f8ab89
f943dca12ff7d767856f81039f27225d628f4c428f05e9adcbf4711f2b36b9cf
f9bcfce2bd48579a31b2bef8a17adb4d8859664d2acded5c869df93e689df5bb

www.sickkidsfoundation.com Open in urlscan Pro 107.154.141.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

100 %HTTPS

38 %IPv6

25 Domains

35 Subdomains

27 IPs

6 Countries

3847 kBTransfer

5450 kBSize

1 Cookies

11 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.sickkidsfoundation.com Open in urlscan Pro
107.154.141.76 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

100 %
HTTPS

38 %
IPv6

25
Domains

35
Subdomains

27
IPs

6
Countries

3847 kB
Transfer

5450 kB
Size

1
Cookies

68 HTTP transactions
1 data transactions