www.kars4kids.org Open in urlscan Pro
3.212.242.174 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://trk.cp20.com/click/ckvr-2mqtg7-57b4qg-ikiz4eo5/pmreg33oorqwg5boljuxair2ei4tcmbqgercyisdn5xhiyldoqxewqkej5hf6s...
Effective URL:
https://www.kars4kids.org/donationupdate/authenticate.php
Submission: On February 17 via manual (February 17th 2023, 3:08:24 am UTC) from US — Scanned from CA

Summary HTTP 76 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 28 IPs in 3 countries across 26 domains to perform 76 HTTP transactions. The main IP is 3.212.242.174, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.kars4kids.org. The Cisco Umbrella rank of the primary domain is 865330.
TLS certificate: Issued by Amazon on June 22nd 2022. Valid for: a year.

This is the only time www.kars4kids.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.97.124.126 3.97.124.126	16509 (AMAZON-02) (AMAZON-02)
1 12	3.212.242.174 3.212.242.174	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
2	52.24.130.127 52.24.130.127	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:816::2008	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2607:f8b0:400... 2607:f8b0:4006:822::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
4	18.238.4.100 18.238.4.100	16509 (AMAZON-02) (AMAZON-02)
2	3.133.20.67 3.133.20.67	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:25c... 2600:9000:25c8:7600:a:6e64:b280:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:48:1... 2620:1ec:48:1::41	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	3.230.17.182 3.230.17.182	14618 (AMAZON-AES) (AMAZON-AES)
2	54.85.119.1 54.85.119.1	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c08::9d	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:823::2003	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:81e::2004	15169 (GOOGLE) (GOOGLE)
2	13.224.214.56 13.224.214.56	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:25c... 2600:9000:25c8:7200:1f:d9e6:d540:93a1	16509 (AMAZON-02) (AMAZON-02)
3	20.85.30.134 20.85.30.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5 5	3.212.38.84 3.212.38.84	14618 (AMAZON-AES) (AMAZON-AES)
1 1	173.223.57.84 173.223.57.84	16625 (AKAMAI-AS) (AKAMAI-AS)
10 10	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 3	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	18.238.6.145 18.238.6.145	16509 (AMAZON-02) (AMAZON-02)
4 4	44.196.64.38 44.196.64.38	14618 (AMAZON-AES) (AMAZON-AES)
3 3	18.235.176.187 18.235.176.187	14618 (AMAZON-AES) (AMAZON-AES)
3	54.175.60.70 54.175.60.70	14618 (AMAZON-AES) (AMAZON-AES)
1	35.160.120.77 35.160.120.77	16509 (AMAZON-02) (AMAZON-02)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	35.82.204.234 35.82.204.234	16509 (AMAZON-02) (AMAZON-02)
1	54.71.0.111 54.71.0.111	16509 (AMAZON-02) (AMAZON-02)
76	28

1 3.97.124.126 (Montreal, Canada) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-97-124-126.ca-central-1.compute.amazonaws.com

trk.cp20.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.212.242.174 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-242-174.compute-1.amazonaws.com

www.kars4kids.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.24.130.127 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: b-app19-13.boldchat.com

cbi.boldchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:822::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.238.4.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-100.phl51.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.133.20.67 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-133-20-67.us-east-2.compute.amazonaws.com

collector-9162.us.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25c8:7600:a:6e64:b280:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.schemaapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:48:1::41 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.230.17.182 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-17-182.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.85.119.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-119-1.compute-1.amazonaws.com

data.adxcel-ec2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c08::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:823::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81e::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.214.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-56.phl50.r.cloudfront.net

solutions.invocacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:25c8:7200:1f:d9e6:d540:93a1 (United States)

ASN16509 (AMAZON-02, US)

data.schemaapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

j.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.212.38.84 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-38-84.compute-1.amazonaws.com

cs.choozle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.223.57.84 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-57-84.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 15.197.193.217 (United States) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.238.6.145 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-6-145.phl51.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.196.64.38 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-64-38.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.235.176.187 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-176-187.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.175.60.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-60-70.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.160.120.77 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: b-app19-22.boldchat.com

vmss.boldchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.82.204.234 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: b-app19-19.boldchat.com

vms.boldchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.71.0.111 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-0-111.us-west-2.compute.amazonaws.com

visitor-services.boldchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	kars4kids.org 1 redirects www.kars4kids.org — Cisco Umbrella Rank: 865330	469 KB
10	adsrvr.org 10 redirects match.adsrvr.org — Cisco Umbrella Rank: 295 insight.adsrvr.org — Cisco Umbrella Rank: 568	4 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1167 j.clarity.ms — Cisco Umbrella Rank: 7713 c.clarity.ms — Cisco Umbrella Rank: 1651	21 KB
6	krxd.net 3 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1417 beacon.krxd.net — Cisco Umbrella Rank: 581	2 KB
6	google.ca www.google.ca — Cisco Umbrella Rank: 8356	947 B
6	google.com analytics.google.com — Cisco Umbrella Rank: 315 www.google.com — Cisco Umbrella Rank: 2	1 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 77	3 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	67 KB
6	boldchat.com cbi.boldchat.com — Cisco Umbrella Rank: 279697 vmss.boldchat.com — Cisco Umbrella Rank: 14229 vms.boldchat.com — Cisco Umbrella Rank: 12257 visitor-services.boldchat.com — Cisco Umbrella Rank: 12596	22 KB
5	choozle.com 5 redirects cs.choozle.com — Cisco Umbrella Rank: 7321	3 KB
4	demdex.net 4 redirects dpm.demdex.net — Cisco Umbrella Rank: 199	3 KB
4	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 2923	12 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 368 c.bing.com — Cisco Umbrella Rank: 241	13 KB
3	cloudfront.net d1eoo1tco6rr5e.cloudfront.net	2 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 340	917 B
3	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 2145	2 KB
3	schemaapp.com cdn.schemaapp.com — Cisco Umbrella Rank: 10930 data.schemaapp.com — Cisco Umbrella Rank: 11816	2 KB
2	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 420	664 B
2	invocacdn.com solutions.invocacdn.com — Cisco Umbrella Rank: 7182	39 KB
2	adxcel-ec2.com data.adxcel-ec2.com — Cisco Umbrella Rank: 3848	262 B
2	tvsquared.com collector-9162.us.tvsquared.com	9 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	176 KB
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 553	528 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 768	12 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 699	33 KB
1	cp20.com 1 redirects trk.cp20.com — Cisco Umbrella Rank: 35271	223 B
76	26

	Domain	Requested by
12	www.kars4kids.org	1 redirects www.kars4kids.org code.jquery.com
6	insight.adsrvr.org	6 redirects
6	www.google.ca	www.kars4kids.org
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.kars4kids.org
5	cs.choozle.com	5 redirects
5	www.google.com	www.kars4kids.org
4	dpm.demdex.net	4 redirects
4	match.adsrvr.org	4 redirects
4	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
4	nexus.ensighten.com	www.googletagmanager.com nexus.ensighten.com
3	beacon.krxd.net	d1eoo1tco6rr5e.cloudfront.net
3	usermatch.krxd.net	3 redirects
3	d1eoo1tco6rr5e.cloudfront.net	nexus.ensighten.com
3	idsync.rlcdn.com	2 redirects www.kars4kids.org
3	j.clarity.ms	www.clarity.ms
3	trkn.us	1 redirects www.kars4kids.org
3	bat.bing.com	www.kars4kids.org bat.bing.com
2	vms.boldchat.com	vmss.boldchat.com
2	c.clarity.ms	1 redirects
2	us-u.openx.net	2 redirects
2	data.schemaapp.com	cdn.schemaapp.com
2	solutions.invocacdn.com	www.kars4kids.org solutions.invocacdn.com
2	data.adxcel-ec2.com	www.kars4kids.org
2	www.clarity.ms	www.kars4kids.org www.clarity.ms
2	collector-9162.us.tvsquared.com	www.kars4kids.org
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	www.googletagmanager.com	www.kars4kids.org www.googletagmanager.com
2	cbi.boldchat.com	www.kars4kids.org
1	visitor-services.boldchat.com	vmss.boldchat.com
1	c.bing.com	1 redirects
1	vmss.boldchat.com	www.kars4kids.org
1	tags.bluekai.com	1 redirects
1	analytics.google.com	www.googletagmanager.com
1	cdn.schemaapp.com	www.googletagmanager.com
1	maxcdn.bootstrapcdn.com	www.kars4kids.org
1	code.jquery.com	www.kars4kids.org
1	trk.cp20.com	1 redirects
76	37

This site contains links to these domains. Also see Links.

Domain
www.kars4kidsprograms.org
parenting.kars4kids.org
kars4kids.org
www.karsforkidsjingle.com
twitter.com
www.facebook.com
www.flickr.com
www.youtube.com
www.pinterest.com
instagram.com
www.linkedin.com
kars4kidsblog.com

Subject Issuer	Validity	Valid
kars4kids.org Amazon	`2022-06-22` - `2023-07-21`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.boldchat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-11` - `2023-03-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-07` - `2023-10-14`	a year	crt.sh
*.us.tvsquared.com Amazon RSA 2048 M01	`2023-02-09` - `2023-07-27`	6 months	crt.sh
cdn.schemaapp.com Amazon	`2022-11-16` - `2023-12-14`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
adxcel-ec2.com Amazon	`2022-10-18` - `2023-11-16`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
trkn.us Go Daddy Secure Certificate Authority - G2	`2023-01-19` - `2024-02-20`	a year	crt.sh
invocacdn.com Amazon	`2022-10-24` - `2023-11-22`	a year	crt.sh
*.schemaapp.com Amazon	`2022-09-20` - `2023-10-18`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.kars4kids.org/donationupdate/authenticate.php
Frame ID: 8979EF4FD6BAFACABD8BFD08BD2D0719
Requests: 69 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/u4teo8f/2n0s21b/iframe
Frame ID: 707736682CA14706C974D1B174BC475D
Requests: 2 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/u4teo8f/wsdgs7d/iframe
Frame ID: D9383374E3331F0B41A81A00B940D1BB
Requests: 2 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/u4teo8f/wsdgs7d/iframe
Frame ID: D6C1E11B538808A3F538B92C279B6978
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kars4Kids Donor Login

Page URL History Show full URLs

https://trk.cp20.com/click/ckvr-2mqtg7-57b4qg-ikiz4eo5/pmreg33oorqwg5boljuxair2ei4tcmbqgercyisdn5... HTTP 302
https://www.kars4kids.org/donationupdate/taxid.php?record=2716608&zipcode=91001 HTTP 302
https://www.kars4kids.org/donationupdate/authenticate.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

76
Requests

92 %
HTTPS

37 %
IPv6

26
Domains

37
Subdomains

28
IPs

3
Countries

882 kB
Transfer

1645 kB
Size

45
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.kars4kidsprograms.org/
Title: Our Charity

Search URL Search Domain Scan URL

URL: https://www.kars4kidsprograms.org/act-now/
Title: Volunteer

Search URL Search Domain Scan URL

URL: https://www.kars4kidsprograms.org/about-us/financials.asp
Title: financials

Search URL Search Domain Scan URL

URL: https://parenting.kars4kids.org/
Title: parenting blog

Search URL Search Domain Scan URL

URL: https://kars4kids.org/hub/
Title: kars4kids hub

Search URL Search Domain Scan URL

URL: http://www.karsforkidsjingle.com/
Title: Kars4Kids Jingle

Search URL Search Domain Scan URL

URL: https://twitter.com/kars4kids

Search URL Search Domain Scan URL

URL: https://www.facebook.com/kars4kids/

Search URL Search Domain Scan URL

URL: https://www.flickr.com/photos/kars4kids/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/877kars4kids/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/kars4kids/

Search URL Search Domain Scan URL

URL: https://instagram.com/kars4kids/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/kars4kids

Search URL Search Domain Scan URL

URL: https://kars4kidsblog.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://trk.cp20.com/click/ckvr-2mqtg7-57b4qg-ikiz4eo5/pmreg33oorqwg5boljuxair2ei4tcmbqgercyisdn5xhiyldoqxewqkej5hf6skeei5cemrxge3dmmbyej6q%3D%3D%3D%3D HTTP 302
https://www.kars4kids.org/donationupdate/taxid.php?record=2716608&zipcode=91001 HTTP 302
https://www.kars4kids.org/donationupdate/authenticate.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://trkn.us/pixel/conv/ppt=5992;g=sitewide;gid=22627?ord=608603787 HTTP 302
https://trkn.us/pixel/conv/ppt=5992;g=sitewide;gid=22627?ord=608603787;ip=149.56.153.181;cuidchk=1

Request Chain 55

https://cs.choozle.com/dp/chz/19493?d=www.kars4kids.org&cb=6192593393 HTTP 302
https://cs.choozle.com/sync HTTP 302
https://cs.choozle.com/sync?v=true&cid=8cbbe81b-2e7e-4be0-9684-637789b64375 HTTP 302
https://tags.bluekai.com/site/48443?id=8cbbe81b-2e7e-4be0-9684-637789b64375&limit=1&redir=https%3A%2F%2Fcs.choozle.com%2Fsync%3Fpid%3D%24_BK_UUID%26dpsync%3Dbk%26cid%3D8cbbe81b-2e7e-4be0-9684-637789b64375 HTTP 302
https://cs.choozle.com/sync?pid=$_BK_UUID&dpsync=bk&cid=8cbbe81b-2e7e-4be0-9684-637789b64375 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_puid=8cbbe81b-2e7e-4be0-9684-637789b64375&ttd_pid=gdmv7qs&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_puid=8cbbe81b-2e7e-4be0-9684-637789b64375&ttd_pid=gdmv7qs&ttd_tpi=1 HTTP 302
https://cs.choozle.com/sync?pid=e7c8a492-d6fb-40e4-871a-3514c327127c&dpsync=ttd&cid=8cbbe81b-2e7e-4be0-9684-637789b64375 HTTP 302
https://idsync.rlcdn.com/459489.gif?partner_uid=8cbbe81b-2e7e-4be0-9684-637789b64375 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=COGFHBIwCiwIARCp7AEaJDhjYmJlODFiLTJlN2UtNGJlMC05Njg0LTYzNzc4OWI2NDM3NRAAGg0IpN-7nwYSBQjoBxAAQgBKAA HTTP 307
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=0eba62dc-ae82-444a-9626-00ca8cabf9e7

Request Chain 57

https://insight.adsrvr.org/tags/u4teo8f/2n0s21b/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/u4teo8f/2n0s21b/iframe

Request Chain 58

https://insight.adsrvr.org/tags/u4teo8f/wsdgs7d/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/u4teo8f/wsdgs7d/iframe

Request Chain 59

https://insight.adsrvr.org/tags/u4teo8f/wsdgs7d/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/u4teo8f/wsdgs7d/iframe

Request Chain 60

https://insight.adsrvr.org/track/pxl/?adv=u4teo8f&ct=0:wsdgs7d&fmt=3 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=e7c8a492-d6fb-40e4-871a-3514c327127c&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=e7c8a492-d6fb-40e4-871a-3514c327127c&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=e7c8a492-d6fb-40e4-871a-3514c327127c HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=e7c8a492-d6fb-40e4-871a-3514c327127c

Request Chain 61

https://insight.adsrvr.org/track/pxl/?adv=u4teo8f&ct=0:2n0s21b&fmt=3 HTTP 302
https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=e7c8a492-d6fb-40e4-871a-3514c327127c HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=e7c8a492-d6fb-40e4-871a-3514c327127c

Request Chain 62

https://insight.adsrvr.org/track/pxl/?adv=u4teo8f&ct=0:wsdgs7d&fmt=3 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=e7c8a492-d6fb-40e4-871a-3514c327127c&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=e7c8a492-d6fb-40e4-871a-3514c327127c&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=e7c8a492-d6fb-40e4-871a-3514c327127c HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=e7c8a492-d6fb-40e4-871a-3514c327127c

Request Chain 64

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A4027DD572F54D4C90449F3701AEE774&RedC=c.clarity.ms&MXFR=01F6DD7860796ABA14CECFC3647964CF HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A4027DD572F54D4C90449F3701AEE774&MUID=28624D8C288E6BC82E885F3729B56A8E

76 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request authenticate.php Show response
www.kars4kids.org/donationupdate/
Redirect Chain

https://trk.cp20.com/click/ckvr-2mqtg7-57b4qg-ikiz4eo5/pmreg33oorqwg5boljuxair2ei4tcmbqgercyisdn5xhiyldoqxewqkej5hf6skeei5cemrxge3dmmbyej6q%3D%3D%3D%3D
https://www.kars4kids.org/donationupdate/taxid.php?record=2716608&zipcode=91001
https://www.kars4kids.org/donationupdate/authenticate.php

24 KB
25 KB

26ms
26ms

Document
text/html

3.212.242.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kars4kids.org/donationupdate/authenticate.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.242.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-242-174.compute-1.amazonaws.com
Software: nginx/1.20.0 / PHP/7.3.33
Resource Hash: 38e1c91596ea415f141951c9a936c4033c1106a27e4cbc7f850c03109f720a51

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Fri, 17 Feb 2023 03:08:18 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.20.0
x-powered-by: PHP/7.3.33

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Fri, 17 Feb 2023 03:08:18 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /donationupdate/authenticate.php
pragma: no-cache
server: nginx/1.20.0
x-powered-by: PHP/7.3.33

GET
H2 200 main_with_bootstrap.min.css
www.kars4kids.org/css/ 316 KB
316 KB 26ms
25ms Stylesheet
text/css 3.212.242.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kars4kids.org/css/main_with_bootstrap.min.css
Requested by: Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.242.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-242-174.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 393d1271842c9d55cb330c499e7a4fcd3a807683b1926c0b30ab0923abae9852

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/donationupdate/authenticate.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:08:18 GMT
last-modified: Fri, 17 Feb 2023 01:58:22 GMT
server: nginx/1.20.0
etag: "63eedf3e-4ef4f"
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 323407
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-1.12.4.min.js Show response
code.jquery.com/ 95 KB
33 KB 96ms
28ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:08:18 GMT
content-encoding: gzip
x-sp-metadata: HS256.CLL7u58GEo8BCiQ1YWNiNjdlMi1iYWE1LTQ5NzctOTNiNi0zNGMzMWYyMGNjNGYQqKenrJKE/QIaBgii37ufBiIUMjYwNzo1MzAwOjYwOjc4Njc6Ojgo9tYCMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiRiNGVmN2RlOC1lMjBmLTQxMTUtYTY1Mi05ZDc3NDcwMTViOTkYyocCIhgIAhIUY2RzMjA3LmRjMi5od2Nkbi5uZXQ=.ywCXiDb7B4HVkDf1bPXg7WhHqbu952PGx5y91MXMYa0=
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-17b8b"
vary: Accept-Encoding
x-hw: 1676603298.dop186.dc2.t,1676603298.cds210.dc2.hn,1676603298.cds207.dc2.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33738

GET
H2 200 _nav-universal.css
www.kars4kids.org/css/ 9 KB
9 KB 51ms
50ms Stylesheet
text/css 3.212.242.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kars4kids.org/css/_nav-universal.css
Requested by: Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.242.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-242-174.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: da674f4749f572756faac101c0a74b028f4ea45518440a5007a6da7306d16758

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/donationupdate/authenticate.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:08:18 GMT
last-modified: Fri, 17 Feb 2023 01:58:22 GMT
server: nginx/1.20.0
etag: "63eedf3e-2482"
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 9346
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo2.png
www.kars4kids.org/img/ 5 KB
5 KB 29ms
26ms Image
image/png 3.212.242.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kars4kids.org/img/logo2.png
Requested by: Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.242.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-242-174.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: cb3f55c35ed481b4cfd48f30e32403fedfaea727c945cc11381935c590f656d9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/donationupdate/authenticate.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:08:18 GMT
last-modified: Fri, 17 Feb 2023 01:58:22 GMT
server: nginx/1.20.0
etag: "63eedf3e-13ec"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 5100
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mobile-phone3.png
www.kars4kids.org/img/ 8 KB
8 KB 30ms
27ms Image
image/png 3.212.242.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kars4kids.org/img/mobile-phone3.png
Requested by: Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.242.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-242-174.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 9094705405616a0ea7ee7567c8a562b4f179c7572c6d91ae9543a37c57686e8a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/donationupdate/authenticate.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:08:18 GMT
last-modified: Fri, 17 Feb 2023 01:58:22 GMT
server: nginx/1.20.0
etag: "63eedf3e-20fe"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 8446
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 flag-usa.gif
www.kars4kids.org/img/ 1 KB
2 KB 32ms
29ms Image
image/gif 3.212.242.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kars4kids.org/img/flag-usa.gif
Requested by: Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.242.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-242-174.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e365925ffa59788371bc019050d38bf183a3b78adebb9597b8cd072e0ae99cf1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/donationupdate/authenticate.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:08:18 GMT
last-modified: Fri, 17 Feb 2023 01:58:22 GMT
server: nginx/1.20.0
etag: "63eedf3e-5bc"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1468
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 flag-canada.gif
www.kars4kids.org/img/ 2 KB
2 KB 33ms
30ms Image
image/gif 3.212.242.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kars4kids.org/img/flag-canada.gif
Requested by: Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.242.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-242-174.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 4b5b6c6a27ecf8d3a99137a4c7f66b60a3c50a6efc1b874cc54d4a9f3e3be2b1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/donationupdate/authenticate.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:08:18 GMT
last-modified: Fri, 17 Feb 2023 01:58:22 GMT
server: nginx/1.20.0
etag: "63eedf3e-68e"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1678
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bc.cbhs Show response
cbi.boldchat.com/aid/7269614590058758866/ 115 B
411 B 283ms
82ms Script
text/javascript 52.24.130.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cbi.boldchat.com/aid/7269614590058758866/bc.cbhs

Requested by

Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.24.130.127 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

b-app19-13.boldchat.com

Software

BoldChat/8004 /

Resource Hash

cff5c35de5c3b53de5b24cb2aee3113239a7e1fe0bdd7ba37afa4726f9cc6938

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Feb 2023 03:08:18 GMT
X-Content-Type-Options: nosniff
Server: BoldChat/8004
Content-Type: text/javascript;charset=UTF-8
Origin-Agent-Cluster: ?0
Cache-Control: no-cache,no-store
Content-Length: 115
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/ 39 KB
12 KB 65ms
33ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js

Requested by

Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:08:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 871
age: 1977479
cdn-cachedat: 03/12/2022 17:21:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"2f34b630ffe30ba2ff2b91e3f3c322a1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
access-control-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 45ff2430610245057d55d0010d79ab5b
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 79ab5159cdfe33ff-YUL
cdn-requestpullsuccess: True

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 297 KB
94 KB 105ms
53ms Script
application/javascript 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WV5688

Requested by

Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

60638dc0677d82bde9ade67f1db0c3db55c7de7328b9d48877bfe8b2b6e1460a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:08:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95887
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Feb 2023 03:08:18 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 77ms
35ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 17 Feb 2023 03:08:18 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3EA5C301EC784C40848D63DA792C0E5B Ref B: YMQ01EDGE0816 Ref C: 2023-02-17T03:08:18Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11552

GET
H2 200 flag-usa-gray.gif
www.kars4kids.org/img/ 1 KB
1 KB 26ms
25ms Image
image/gif 3.212.242.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kars4kids.org/img/flag-usa-gray.gif
Requested by: Host: www.kars4kids.org
URL: https://www.kars4kids.org/css/main_with_bootstrap.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.242.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-242-174.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 1fba8d25ed2ad21eeda6af0a4f4087ad938764ca7ce21b947650cdad92993135

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/css/main_with_bootstrap.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:08:18 GMT
last-modified: Fri, 17 Feb 2023 01:58:22 GMT
server: nginx/1.20.0
etag: "63eedf3e-509"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1289
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontawesome-webfont.woff2
www.kars4kids.org/fonts/ 96 KB
96 KB 38ms
38ms Font
font/woff2 3.212.242.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kars4kids.org/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.kars4kids.org
URL: https://www.kars4kids.org/css/main_with_bootstrap.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.242.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-242-174.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://www.kars4kids.org/css/main_with_bootstrap.min.css
Origin: https://www.kars4kids.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:08:18 GMT
last-modified: Fri, 17 Feb 2023 01:58:22 GMT
server: nginx/1.20.0
etag: "63eedf3e-17ee8"
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 98024
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 204 4029991.js Show response
bat.bing.com/p/action/ 0
118 B 66ms
65ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4029991.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 17 Feb 2023 03:08:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 336F276DE5B84D06919A7B93CAADE318 Ref B: YMQ01EDGE0816 Ref C: 2023-02-17T03:08:18Z
x-cache: CONFIG_NOCACHE

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 119 KB
46 KB 88ms
34ms Script
application/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-N8WBF9D

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WV5688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7c4d8871002dac9a5fb759f41148e90ac572f1eae2c07d49e8f3e7ca0df1f5d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:08:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46671
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Feb 2023 03:08:19 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072738849/ 2 KB
1 KB 121ms
71ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072738849/?random=1676603299047&cv=11&fst=1676603299047&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=ftUHCLSJlQMQoeTC_wM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.kars4kids.org%2Fdonationupdate%2Fauthenticate.php&tiba=Kars4Kids%20Donor%20Login&auid=1520763839.1676603299&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WV5688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

402d1df196266443a01ce34f372827e00d05cfd698d22521140c0b89cba2d30e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 03:08:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 932
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/choozle/11677/ 28 KB
9 KB 296ms
85ms Script
application/javascript 18.238.4.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/11677/Bootstrap.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WV5688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-100.phl51.r.cloudfront.net
Software: CloudFront /
Resource Hash: ae30c673ae3f3e0a1f1fbf859641c2c0b8859332208a6f7d70426e90c108f64c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 02:59:19 GMT
x-amz-version-id: Ygdo4d6Bm9w5M_5LYRJ0UNOxscdeTPDJ
content-encoding: br
via: 1.1 33529157e9445af08b5b7d15e72166ea.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 1901341
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 12 Aug 2021 14:32:14 GMT
server: CloudFront
etag: W/"326ce42df891f39acc46408ab3df5632"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: wwi0Tkrw-p9EdEKG2K4OJmFqMhGd49_pVxlU26NPoMhjihacl8Y6fw==

GET
H/1.1 200
OK tv2track.js Show response
collector-9162.us.tvsquared.com/ 20 KB
9 KB 174ms
38ms Script
application/javascript 3.133.20.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-9162.us.tvsquared.com/tv2track.js
Requested by: Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.133.20.67 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-133-20-67.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 03:08:19 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2022 10:40:07 GMT
Server: nginx
ETag: "639c4b07-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Fri, 17 Feb 2023 03:18:19 GMT

GET
H2 200 schemaFunctions.min.js Show response
cdn.schemaapp.com/javascript/ 2 KB
1 KB 277ms
80ms Script
application/javascript 2600:9000:25c8:7600:a:6e64:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.schemaapp.com/javascript/schemaFunctions.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WV5688
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25c8:7600:a:6e64:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 451e4d14516e9ad50cc16993f82a6b2f665911f3b189c4b03fc9261a75a34dae

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 01:08:59 GMT
x-amz-version-id: huMlRne1MhGiqovFaqw_hwjVNww3m8Jd
content-encoding: gzip
via: 1.1 4c397e4699167dec15a1c866c7120138.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 525561
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 17 Jan 2023 19:11:21 GMT
server: AmazonS3
etag: W/"5741fc61fef7abd96093e31deb82a719"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=699840
x-amz-cf-id: GA_Pa4fWuuWLwayIuIEEmEvEEv5ukLB7LkCgHwIVKVqgXTkYZYlcJg==

GET
H2 200 5fpfdlfzmo Show response
www.clarity.ms/tag/ 868 B
1 KB 148ms
57ms Script
application/x-javascript 2620:1ec:48:1::41
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/5fpfdlfzmo
Requested by: Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48:1::41 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 40fc54c966e05da72e7438c2759ce565634dedb3e4eb0c343f988ca7b166fcbe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: application/x-javascript
date: Fri, 17 Feb 2023 03:08:18 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0o+/uYwAAAACvGe5crW7/TpoB7GYuTGk8WVRPMjIxMDkwODE3MDE5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
82 KB 45ms
44ms Script
application/javascript 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XLXQZC7EV3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WV5688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d78bede1da2b99a35c4b17b07892f416a049d96c5d8e7770c41d8d16a0d0a37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:08:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83767
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Feb 2023 03:08:19 GMT

GET
H/1.1

200
OK

ppt=5992;g=sitewide;gid=22627
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=5992;g=sitewide;gid=22627?ord=608603787
https://trkn.us/pixel/conv/ppt=5992;g=sitewide;gid=22627?ord=608603787;ip=149.56.153.181;cuidchk=1

42 B
780 B

794ms
794ms

Image
image/gif

3.230.17.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=5992;g=sitewide;gid=22627?ord=608603787;ip=149.56.153.181;cuidchk=1

Requested by

Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php

Protocol

HTTP/1.1

Server

3.230.17.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-230-17-182.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Feb 2023 03:08:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Fri, 17 Feb 2023 03:08:19 GMT
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/html; charset=UTF-8
Location: /pixel/conv/ppt=5992;g=sitewide;gid=22627?ord=608603787;ip=149.56.153.181;cuidchk=1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK /
data.adxcel-ec2.com/pixel/ 43 B
131 B 107ms
24ms Image
image/gif 54.85.119.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adxcel-ec2.com/pixel/?ad_log=referer&action=lead&pixid=0da00409-3167-476c-a0d9-71a77d8cc7ae&gtmcb=102825713
Requested by: Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.119.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-119-1.compute-1.amazonaws.com
Software: /
Resource Hash: 693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK /
data.adxcel-ec2.com/pixel/ 43 B
131 B 107ms
25ms Image
image/gif 54.85.119.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adxcel-ec2.com/pixel/?ad_log=referer&action=misc&pixid=941b065a-cf09-4633-963a-fa8bad623a50
Requested by: Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.119.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-119-1.compute-1.amazonaws.com
Software: /
Resource Hash: 693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK bc.cbhs Show response
cbi.boldchat.com/aid/7269614590058758866/ 115 B
411 B 81ms
81ms Script
text/javascript 52.24.130.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cbi.boldchat.com/aid/7269614590058758866/bc.cbhs

Requested by

Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.24.130.127 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

b-app19-13.boldchat.com

Software

BoldChat/8004 /

Resource Hash

cff5c35de5c3b53de5b24cb2aee3113239a7e1fe0bdd7ba37afa4726f9cc6938

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Feb 2023 03:08:19 GMT
X-Content-Type-Options: nosniff
Server: BoldChat/8004
Content-Type: text/javascript;charset=UTF-8
Origin-Agent-Cluster: ?0
Cache-Control: no-cache,no-store
Content-Length: 115
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
256 B 113ms
32ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-XLXQZC7EV3&gtm=45je32f0&_p=1586672106&_gaz=1&cid=1179236914.1676603299&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676603299&sct=1&seg=0&dl=https%3A%2F%2Fwww.kars4kids.org%2Fdonationupdate%2Fauthenticate.php&dt=Kars4Kids%20Donor%20Login&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debug_mode=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XLXQZC7EV3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 03:08:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kars4kids.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 111ms
31ms Ping
text/plain 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XLXQZC7EV3&cid=1179236914.1676603299&gtm=45je32f0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XLXQZC7EV3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 03:08:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kars4kids.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 114ms
37ms Image
image/gif 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XLXQZC7EV3&cid=1179236914.1676603299&gtm=45je32f0&aip=1&z=909043549

Requested by

Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 03:08:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1072738849/ 42 B
455 B 94ms
37ms Image
image/gif 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1072738849/?random=1676603299047&cv=11&fst=1676602800000&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=ftUHCLSJlQMQoeTC_wM&frm=0&url=https%3A%2F%2Fwww.kars4kids.org%2Fdonationupdate%2Fauthenticate.php&tiba=Kars4Kids%20Donor%20Login&fmt=3&is_vtc=1&random=384935810&rmt_tld=0&ipr=y

Requested by

Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 03:08:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/1072738849/ 42 B
154 B 80ms
39ms Image
image/gif 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/1072738849/?random=1676603299047&cv=11&fst=1676602800000&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=ftUHCLSJlQMQoeTC_wM&frm=0&url=https%3A%2F%2Fwww.kars4kids.org%2Fdonationupdate%2Fauthenticate.php&tiba=Kars4Kids%20Donor%20Login&fmt=3&is_vtc=1&random=384935810&rmt_tld=1&ipr=y

Requested by

Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 03:08:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WV5688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Feb 2023 02:41:43 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1596
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 17 Feb 2023 04:41:43 GMT

GET
H2 200 get-location-api.php Show response
www.kars4kids.org/scripts/ 0
418 B 66ms
65ms XHR
text/html 3.212.242.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kars4kids.org/scripts/get-location-api.php
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.4.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.242.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-242-174.compute-1.amazonaws.com
Software: nginx/1.20.0 / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.kars4kids.org/donationupdate/authenticate.php
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:08:19 GMT
server: nginx/1.20.0
x-powered-by: PHP/7.3.33
content-type: text/html; charset=UTF-8

GET
H2 204 0
bat.bing.com/action/ 0
362 B 47ms
37ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4029991&Ver=2&mid=b0564fad-a60f-4a51-97de-447adbe1ad92&sid=544cef30ae7011ed8e078d35cafbac08&vid=544eb630ae7011edb76b89246de309c7&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Kars4Kids%20Donor%20Login&p=https%3A%2F%2Fwww.kars4kids.org%2Fdonationupdate%2Fauthenticate.php&r=&lt=929&evt=pageLoad&sv=1&rn=208130

Requested by

Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Feb 2023 03:08:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3ACD73DFA9034AA2B7B97DBE66EAE900 Ref B: YMQ01EDGE0816 Ref C: 2023-02-17T03:08:19Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072738849/ 2 KB
1 KB 98ms
93ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072738849/?random=1676603299245&cv=11&fst=1676603299245&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=d8gVCIzqvwEQoeTC_wM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.kars4kids.org%2Fdonationupdate%2Fauthenticate.php&tiba=Kars4Kids%20Donor%20Login&auid=1520763839.1676603299&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WV5688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e3c35347b4cd551072a655e32faccfcb68393c965a670dc02412f02b7f78ada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 03:08:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 931
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ppt=10371;g=homepage;gid=31668;ord=456985267
trkn.us/pixel/conv/ 42 B
780 B 85ms
31ms Image
image/gif 3.230.17.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=10371;g=homepage;gid=31668;ord=456985267?gtmcb=1386669734

Requested by

Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.230.17.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-230-17-182.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Feb 2023 03:08:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

GET
H2 200 invoca-latest.min.js Show response
solutions.invocacdn.com/js/ 124 KB
37 KB 312ms
93ms Script
text/javascript 13.224.214.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Requested by: Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-56.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec4c752c663ce0b765e9de7eca36dc91955d8f7236beae21abb24331d8578ab8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 8feec6AgTQA6Ci4mL.zhR78M727WJIyB
content-encoding: br
via: 1.1 613a9db04d23967014b7c42269dc1c12.cloudfront.net (CloudFront)
date: Fri, 17 Feb 2023 02:14:03 GMT
last-modified: Wed, 15 Feb 2023 22:13:52 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3257
etag: W/"7902c97cbe9e99927a9193b2a847ef04"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
x-amz-replication-status: COMPLETED
x-amz-cf-id: w1heDtXhaMDkd9q2t_eY1eaRCb-YvZkcbqUhhKS5DOA9G4cLg8nojg==

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-d/s/0.7.2/ 56 KB
19 KB 25ms
24ms Script
application/javascript 2620:1ec:48:1::41
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-d/s/0.7.2/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/5fpfdlfzmo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48:1::41 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 99b523edd72385876c466fc061393829b08dec3aa544963373b22a08fb97784f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:08:18 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
server: Microsoft-IIS/10.0
x-azure-ref-originshield: 0TAHuYwAAAAB+dPOZvyuUQrrot5ZMI/mdTU5aMjIxMDYwNjEyMDUxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "1d93c95f148481c"
x-azure-ref: 0o+/uYwAAAABxm5/3fgjiSoSTDnWP6+moWVRPMjIxMDkwODE3MDE5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H/1.1 200
OK tv2track.php
collector-9162.us.tvsquared.com/ 42 B
276 B 37ms
36ms Image
image/gif 3.133.20.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-9162.us.tvsquared.com/tv2track.php?action_name=Kars4Kids%20Donor%20Login&idsite=TV-09813672-1&rec=1&r=406868&h=3&m=8&s=19&url=https%3A%2F%2Fwww.kars4kids.org%2Fdonationupdate%2Fauthenticate.php&_id=f4c8a9656d53f41e&_idts=1676603299&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=27
Requested by: Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.133.20.67 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-133-20-67.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Date: Fri, 17 Feb 2023 03:08:19 GMT
Server: nginx
Connection: keep-alive
Request-Id: f6b9125f-ab6a-4de8-8798-1fb221240ba5
Content-Length: 42
Content-Type: image/gif

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 21ms
21ms Script
text/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 17 Feb 2023 04:04:19 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 34ms
33ms XHR
text/plain 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-189491-1&cid=1179236914.1676603299&jid=1640780920&gjid=2021852934&_gid=1178745116.1676603299&_u=aCDAgEAjQAAAAEAAI~&z=1814085610

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kars4kids.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 17 Feb 2023 03:08:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kars4kids.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 33ms
32ms XHR
text/plain 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-189491-17&cid=1179236914.1676603299&jid=341871148&gjid=559301809&_gid=1178745116.1676603299&_u=aCDAgEAjQAAAAEAAI~&z=1918876046

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kars4kids.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 17 Feb 2023 03:08:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kars4kids.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
19ms Image
image/gif 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1586672106&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kars4kids.org%2Fdonationupdate%2Fauthenticate.php&ul=en-us&de=UTF-8&dt=Kars4Kids%20Donor%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEAjQAAAAAAAI~&jid=1640780920&gjid=2021852934&cid=1179236914.1676603299&tid=UA-189491-1&_gid=1178745116.1676603299&gtm=45He32f0n71WV5688&cd2=3&cd4=false&z=1919198115

Requested by

Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 14:19:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46100
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
21ms Image
image/gif 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1586672106&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kars4kids.org%2Fdonationupdate%2Fauthenticate.php&ul=en-us&de=UTF-8&dt=Kars4Kids%20Donor%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEAjQAAAAEAAI~&jid=341871148&gjid=559301809&cid=1179236914.1676603299&tid=UA-189491-17&_gid=1178745116.1676603299&gtm=45He32f0n71WV5688&z=852997792

Requested by

Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 14:19:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46100
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1072738849/ 42 B
108 B 40ms
38ms Image
image/gif 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1072738849/?random=1676603299245&cv=11&fst=1676602800000&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=d8gVCIzqvwEQoeTC_wM&frm=0&url=https%3A%2F%2Fwww.kars4kids.org%2Fdonationupdate%2Fauthenticate.php&tiba=Kars4Kids%20Donor%20Login&fmt=3&is_vtc=1&random=2947581567&rmt_tld=0&ipr=y

Requested by

Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 03:08:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/1072738849/ 42 B
108 B 41ms
40ms Image
image/gif 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/1072738849/?random=1676603299245&cv=11&fst=1676602800000&bg=ffffff&guid=ON&async=1&gtm=45He32f0&u_w=1600&u_h=1200&label=d8gVCIzqvwEQoeTC_wM&frm=0&url=https%3A%2F%2Fwww.kars4kids.org%2Fdonationupdate%2Fauthenticate.php&tiba=Kars4Kids%20Donor%20Login&fmt=3&is_vtc=1&random=2947581567&rmt_tld=1&ipr=y

Requested by

Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 03:08:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aHR0cHM6Ly93d3cua2FyczRraWRzLm9yZy9kb25hdGlvbnVwZGF0ZS9hdXRoZW50aWNhdGUucGhw Show response
data.schemaapp.com/Kars4Kids/ 0
460 B 84ms
84ms XHR
application/json 2600:9000:25c8:7200:1f:d9e6:d540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://data.schemaapp.com/Kars4Kids/aHR0cHM6Ly93d3cua2FyczRraWRzLm9yZy9kb25hdGlvbnVwZGF0ZS9hdXRoZW50aWNhdGUucGhw

Requested by

Host: cdn.schemaapp.com
URL: https://cdn.schemaapp.com/javascript/schemaFunctions.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25c8:7200:1f:d9e6:d540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.kars4kids.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
x-api-key: J0WQE-2L54L-O3DQ0-DFWVD

Response headers

date: Fri, 17 Feb 2023 01:08:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
via: 1.1 2a78cba32e1e70413cb851835f0eb89c.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 7179
x-cache: Hit from cloudfront
content-length: 0
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-source
cache-control: max-age=14400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: C9-ucoZprIlbk62fYxD-TbMUGG79OU697j3OCvn2q3zTf19QNVLlxw==

OPTIONS
H2 200 aHR0cHM6Ly93d3cua2FyczRraWRzLm9yZy9kb25hdGlvbnVwZGF0ZS9hdXRoZW50aWNhdGUucGhw
data.schemaapp.com/Kars4Kids/ Frame 0
0 320ms
85ms Preflight 2600:9000:25c8:7200:1f:d9e6:d540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://data.schemaapp.com/Kars4Kids/aHR0cHM6Ly93d3cua2FyczRraWRzLm9yZy9kb25hdGlvbnVwZGF0ZS9hdXRoZW50aWNhdGUucGhw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25c8:7200:1f:d9e6:d540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://www.kars4kids.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers: x-api-key
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-source
access-control-max-age: 3000
age: 2521
content-length: 0
date: Fri, 17 Feb 2023 02:26:19 GMT
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains;
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
via: 1.1 2a78cba32e1e70413cb851835f0eb89c.cloudfront.net (CloudFront)
x-amz-cf-id: w4lfPypCS3kIgurpJ_BXZ66BJgInuz7nD9lPLsFN1EZEmsSjHHwigw==
x-amz-cf-pop: PHL51-P1
x-cache: Hit from cloudfront

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/choozle/11677/ 429 B
736 B 102ms
101ms Script
text/javascript 18.238.4.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/11677/serverComponent.php?r=0.803662736129167&namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/choozle/11677/code/&publishedOn=Thu%20Aug%2027%2017:55:48%20GMT%202020&ClientID=923&PageID=https%3A%2F%2Fwww.kars4kids.org%2Fdonationupdate%2Fauthenticate.php
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/11677/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-100.phl51.r.cloudfront.net
Software: CloudFront /
Resource Hash: b988a7a885326d1d5428f2c47d28d06e5d18170b2edc322220684de541e6a50f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:08:19 GMT
via: 1.1 33529157e9445af08b5b7d15e72166ea.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
content-length: 429
x-amz-cf-id: I6FHg36jsy19Xev7j1YRix8jN0pY69o7uDMQC8sRa1Rj2fyk97AoWw==
expires: Fri, 17 Feb 2023 03:08:18 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 41ms
40ms Image
image/gif 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-189491-1&cid=1179236914.1676603299&jid=1640780920&_u=aCDAgEAjQAAAAEAAI~&z=1840425457

Requested by

Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 03:08:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 38ms
37ms Image
image/gif 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-189491-1&cid=1179236914.1676603299&jid=1640780920&_u=aCDAgEAjQAAAAEAAI~&z=1840425457

Requested by

Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 03:08:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 40ms
38ms Image
image/gif 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-189491-17&cid=1179236914.1676603299&jid=341871148&_u=aCDAgEAjQAAAAEAAI~&z=1830902907

Requested by

Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 03:08:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 39ms
37ms Image
image/gif 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-189491-17&cid=1179236914.1676603299&jid=341871148&_u=aCDAgEAjQAAAAEAAI~&z=1830902907

Requested by

Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 03:08:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
j.clarity.ms/ 0
167 B 129ms
37ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-d/s/0.7.2/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.kars4kids.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: https://www.kars4kids.org
date: Fri, 17 Feb 2023 03:08:19 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 1d05ad657839afea01b0672ad2548d04.js Show response
nexus.ensighten.com/choozle/11677/code/ 3 KB
1 KB 79ms
78ms Script
application/javascript 18.238.4.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/11677/code/1d05ad657839afea01b0672ad2548d04.js?conditionId0=4885788&conditionId1=4888444&conditionId2=4885797
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/11677/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-100.phl51.r.cloudfront.net
Software: CloudFront /
Resource Hash: eae71d535ec126c1d2dda869e864260bcc8cbe7e3809293fbadae02f9254fd47

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 01:54:06 GMT
x-amz-version-id: 5wo8WljzA2S5_CU8xxd.UeRTqlAcjaiF
content-encoding: br
via: 1.1 33529157e9445af08b5b7d15e72166ea.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 1905254
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 12 Aug 2021 14:32:15 GMT
server: CloudFront
etag: W/"9671696d72e07cf5941be6c0a3820701"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: V_4A-bFwbRJlx6PnjALN6GQcxQFcLUfl0zfeDiRf5UznU8jLalq_bQ==

GET
H2 200 77819ac0b9d2bc1d24f7cfdd783cc0d1.js Show response
nexus.ensighten.com/choozle/11677/code/ 1 KB
725 B 80ms
79ms Script
application/javascript 18.238.4.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/11677/code/77819ac0b9d2bc1d24f7cfdd783cc0d1.js?conditionId0=421905
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/11677/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-100.phl51.r.cloudfront.net
Software: CloudFront /
Resource Hash: cfe6b3f2587a9ea5f31db67a0a0fb19a8279d43e35a04332678b7749eb041ad0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 01:54:06 GMT
x-amz-version-id: uOP_pmrl.lg1XTyIo2Sn3uirZ9zqsxK0
content-encoding: br
via: 1.1 33529157e9445af08b5b7d15e72166ea.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 1905254
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 12 Aug 2021 14:32:17 GMT
server: CloudFront
etag: W/"0949f3a716d0a13aa5549a4c9f56c7c0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: 68WMmsntR6UvGVMaYz16Xe8T7OV-3BwFcq7B6L4SY-EHCnzo_cnDuA==

GET
H3

200

396846.gif
idsync.rlcdn.com/
Redirect Chain

https://cs.choozle.com/dp/chz/19493?d=www.kars4kids.org&cb=6192593393
https://cs.choozle.com/sync
https://cs.choozle.com/sync?v=true&cid=8cbbe81b-2e7e-4be0-9684-637789b64375
https://tags.bluekai.com/site/48443?id=8cbbe81b-2e7e-4be0-9684-637789b64375&limit=1&redir=https%3A%2F%2Fcs.choozle.com%2Fsync%3Fpid%3D%24_BK_UUID%26dpsync%3Dbk%26cid%3D8cbbe81b-2e7e-4be0-9684-63778...
https://cs.choozle.com/sync?pid=$_BK_UUID&dpsync=bk&cid=8cbbe81b-2e7e-4be0-9684-637789b64375
https://match.adsrvr.org/track/cmf/generic?ttd_puid=8cbbe81b-2e7e-4be0-9684-637789b64375&ttd_pid=gdmv7qs&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_puid=8cbbe81b-2e7e-4be0-9684-637789b64375&ttd_pid=gdmv7qs&ttd_tpi=1
https://cs.choozle.com/sync?pid=e7c8a492-d6fb-40e4-871a-3514c327127c&dpsync=ttd&cid=8cbbe81b-2e7e-4be0-9684-637789b64375
https://idsync.rlcdn.com/459489.gif?partner_uid=8cbbe81b-2e7e-4be0-9684-637789b64375
https://idsync.rlcdn.com/1000.gif?memo=COGFHBIwCiwIARCp7AEaJDhjYmJlODFiLTJlN2UtNGJlMC05Njg0LTYzNzc4OWI2NDM3NRAAGg0IpN-7nwYSBQjoBxAAQgBKAA
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=0eba62dc-ae82-444a-9626-00ca8cabf9e7

42 B
60 B

44ms
43ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=0eba62dc-ae82-444a-9626-00ca8cabf9e7
Requested by: Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:08:20 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Fri, 17 Feb 2023 03:08:20 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=0eba62dc-ae82-444a-9626-00ca8cabf9e7
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 tag-live.js Show response
solutions.invocacdn.com/js/networks/1188/1322774132/ 5 KB
2 KB 135ms
134ms Script
text/javascript 13.224.214.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/networks/1188/1322774132/tag-live.js
Requested by: Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-56.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca2d01f15b518a030e6affb1368114dcae8ac1bf6bfe15009b3c70640ab5820a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: _mE7Tjop9vqG4bQU8ztQjo7hTcmZBsRg
content-encoding: br
via: 1.1 613a9db04d23967014b7c42269dc1c12.cloudfront.net (CloudFront)
date: Fri, 17 Feb 2023 03:08:20 GMT
last-modified: Fri, 28 Jan 2022 16:47:36 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
etag: W/"b860738a93d6d887f150455185b5fc9c"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: max-age=300
x-amz-replication-status: COMPLETED
x-amz-cf-id: t_TPx-mdPF9jxCUc9gLt08BSY2Df8f4lTNloZbnO6nS5-pA0FP3Qww==

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/u4teo8f/2n0s21b/ Frame 7077
Redirect Chain

https://insight.adsrvr.org/tags/u4teo8f/2n0s21b/iframe
https://d1eoo1tco6rr5e.cloudfront.net/u4teo8f/2n0s21b/iframe

138 B
668 B

263ms
81ms

Document
text/html

18.238.6.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/u4teo8f/2n0s21b/iframe
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/11677/code/1d05ad657839afea01b0672ad2548d04.js?conditionId0=4885788&conditionId1=4888444&conditionId2=4885797
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.6.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-6-145.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0dd0d330386d8f99f3a4d1eec8d4cc30c3e8ad81e0025b9c768d1ab63fe9443f

Request headers

Referer: https://www.kars4kids.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Age: 28924
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 138
Content-Type: text/html
Date: Thu, 16 Feb 2023 19:06:17 GMT
ETag: "dbf365a92d3524bcbd37d83871442111"
Last-Modified: Fri, 01 Oct 2021 23:59:00 GMT
Server: AmazonS3
Via: 1.1 a914ae2afc6a4cecb4160376b03ff6a2.cloudfront.net (CloudFront)
X-Amz-Cf-Id: rQmgGK84RSbA3Gk6itQFHNuRy0Ht8yDltjRFCjoeUmx75ANfO64syg==
X-Amz-Cf-Pop: PHL51-P1
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 183
content-type: text/html; charset=UTF-8
date: Fri, 17 Feb 2023 03:08:19 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/u4teo8f/2n0s21b/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/u4teo8f/wsdgs7d/ Frame D938
Redirect Chain

https://insight.adsrvr.org/tags/u4teo8f/wsdgs7d/iframe
https://d1eoo1tco6rr5e.cloudfront.net/u4teo8f/wsdgs7d/iframe

138 B
668 B

269ms
88ms

Document
text/html

18.238.6.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/u4teo8f/wsdgs7d/iframe
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/11677/code/1d05ad657839afea01b0672ad2548d04.js?conditionId0=4885788&conditionId1=4888444&conditionId2=4885797
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.6.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-6-145.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eee8a426db1395088674d225d0b8c3ac84fd485a503be879f609540c001f61d6

Request headers

Referer: https://www.kars4kids.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Age: 22418
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 138
Content-Type: text/html
Date: Thu, 16 Feb 2023 20:54:43 GMT
ETag: "e35863860cafca4280ded237cbf7f74d"
Last-Modified: Fri, 01 Oct 2021 23:59:00 GMT
Server: AmazonS3
Via: 1.1 e887b311f5a4e2b9f32ce96feeb041ca.cloudfront.net (CloudFront)
X-Amz-Cf-Id: kJZd3ons5R9rFO89kQ1F-EG7TMf8zy9lhHCNR1MpbKpkW7AQ5LBtEA==
X-Amz-Cf-Pop: PHL51-P1
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 183
content-type: text/html; charset=UTF-8
date: Fri, 17 Feb 2023 03:08:19 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/u4teo8f/wsdgs7d/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/u4teo8f/wsdgs7d/ Frame D6C1
Redirect Chain

https://insight.adsrvr.org/tags/u4teo8f/wsdgs7d/iframe
https://d1eoo1tco6rr5e.cloudfront.net/u4teo8f/wsdgs7d/iframe

138 B
668 B

260ms
79ms

Document
text/html

18.238.6.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/u4teo8f/wsdgs7d/iframe
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/11677/code/1d05ad657839afea01b0672ad2548d04.js?conditionId0=4885788&conditionId1=4888444&conditionId2=4885797
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.6.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-6-145.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eee8a426db1395088674d225d0b8c3ac84fd485a503be879f609540c001f61d6

Request headers

Referer: https://www.kars4kids.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Age: 22418
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 138
Content-Type: text/html
Date: Thu, 16 Feb 2023 20:54:43 GMT
ETag: "e35863860cafca4280ded237cbf7f74d"
Last-Modified: Fri, 01 Oct 2021 23:59:00 GMT
Server: AmazonS3
Via: 1.1 a147f9c60c162e36df3586fdd9c01478.cloudfront.net (CloudFront)
X-Amz-Cf-Id: Mn7Z0zJnnRsvzpm8sQ_MBvnmegseX_r_4d7_6B1FJbj2cavvPtgk1A==
X-Amz-Cf-Pop: PHL51-P1
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 183
content-type: text/html; charset=UTF-8
date: Fri, 17 Feb 2023 03:08:19 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/u4teo8f/wsdgs7d/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame D6C1
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=u4teo8f&ct=0:wsdgs7d&fmt=3
https://dpm.demdex.net/ibs:dpid=903&dpuuid=e7c8a492-d6fb-40e4-871a-3514c327127c&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=e7c8a492-d6fb-40e4-871a-3514c327127c&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=e7c8a492-d6fb-40e4-871a-3514c327127c
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=e7c8a492-d6fb-40e4-871a-3514c327127c

0
337 B

24ms
24ms

Image
text/plain

54.175.60.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=e7c8a492-d6fb-40e4-871a-3514c327127c
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/u4teo8f/wsdgs7d/iframe
Protocol: H2
Server: 54.175.60.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-60-70.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-served-by: beacon-n007-ash-prod.krxd.net
date: Fri, 17 Feb 2023 03:08:20 GMT
cache-control: private, no-cache, no-store
x-request-time: D=30 t=1676603300
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=e7c8a492-d6fb-40e4-871a-3514c327127c
date: Fri, 17 Feb 2023 03:08:20 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a003-ash-prod.krxd.net

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 7077
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=u4teo8f&ct=0:2n0s21b&fmt=3
https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=e7c8a492-d6fb-40e4-871a-3514c327127c
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=e7c8a492-d6fb-40e4-871a-3514c327127c

0
338 B

92ms
24ms

Image
text/plain

54.175.60.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=e7c8a492-d6fb-40e4-871a-3514c327127c
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/u4teo8f/2n0s21b/iframe
Protocol: H2
Server: 54.175.60.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-60-70.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-served-by: beacon-n035-ash-prod.krxd.net
date: Fri, 17 Feb 2023 03:08:20 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1676603300
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=e7c8a492-d6fb-40e4-871a-3514c327127c
date: Fri, 17 Feb 2023 03:08:20 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a010-ash-prod.krxd.net

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame D938
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=u4teo8f&ct=0:wsdgs7d&fmt=3
https://dpm.demdex.net/ibs:dpid=903&dpuuid=e7c8a492-d6fb-40e4-871a-3514c327127c&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=e7c8a492-d6fb-40e4-871a-3514c327127c&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=e7c8a492-d6fb-40e4-871a-3514c327127c
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=e7c8a492-d6fb-40e4-871a-3514c327127c

0
337 B

25ms
25ms

Image
text/plain

54.175.60.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=e7c8a492-d6fb-40e4-871a-3514c327127c
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/u4teo8f/wsdgs7d/iframe
Protocol: H2
Server: 54.175.60.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-60-70.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-served-by: beacon-n022-ash-prod.krxd.net
date: Fri, 17 Feb 2023 03:08:20 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1676603300
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=e7c8a492-d6fb-40e4-871a-3514c327127c
date: Fri, 17 Feb 2023 03:08:20 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a009-ash-prod.krxd.net

GET
H/1.1 200
OK vms.js Show response
vmss.boldchat.com/aid/7269614590058758866/bc.vms4/ 53 KB
18 KB 237ms
78ms Script
text/javascript 35.160.120.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vmss.boldchat.com/aid/7269614590058758866/bc.vms4/vms.js

Requested by

Host: www.kars4kids.org
URL: https://www.kars4kids.org/donationupdate/authenticate.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.160.120.77 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

b-app19-22.boldchat.com

Software

BoldChat/8004 /

Resource Hash

135fcc5bcf0b6968cf65f32cf73618eedee0af71b5ba8fe2c9fcdf8ea02d2c7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 03:08:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: BoldChat/8004
ETag: "4113927A177D567C16AD555F70DA7004"
Content-Type: text/javascript;charset=UTF-8
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM", policyref="http://my.boldchat.com/w3c/p3p.xml"
Origin-Agent-Cluster: ?0
Cache-Control: max-age=7200, public
Content-Length: 18147

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A4027DD572F54D4C90449F3701AEE774&RedC=c.clarity.ms&MXFR=01F6DD7860796ABA14CECFC3647964CF
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A4027DD572F54D4C90449F3701AEE774&MUID=28624D8C288E6BC82E885F3729B56A8E

42 B
466 B

32ms
31ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A4027DD572F54D4C90449F3701AEE774&MUID=28624D8C288E6BC82E885F3729B56A8E
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 03:08:20 GMT
last-modified: Thu, 16 Feb 2023 21:34:25 GMT
server: Microsoft-IIS/10.0
etag: "fd3efe704e42d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 17 Feb 2023 03:08:19 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 83A314192B2442659B5DC9E8AE052803 Ref B: YMQ01EDGE0816 Ref C: 2023-02-17T03:08:20Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A4027DD572F54D4C90449F3701AEE774&MUID=28624D8C288E6BC82E885F3729B56A8E
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 33ms
32ms XHR
text/plain 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1586672106&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.kars4kids.org%2Fdonationupdate%2Fauthenticate.php&ul=en-us&de=UTF-8&dt=Kars4Kids%20Donor%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Site%20Speed&ea=https%3A%2F%2Fwww.kars4kids.org%2Fdonationupdate%2Fauthenticate.php&el=2.2&ev=2&_u=aCDAAEAjQAAAAGAAI~&jid=2077722069&gjid=934914202&cid=1179236914.1676603299&tid=UA-189491-1&_gid=1178745116.1676603299&_r=1&_slc=1&gtm=45He32f0n71WV5688&z=88861999

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kars4kids.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 03:08:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kars4kids.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 33ms
32ms XHR
text/plain 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-189491-1&cid=1179236914.1676603299&jid=2077722069&gjid=934914202&_gid=1178745116.1676603299&_u=aCDAAEAjQAAAAGAAI~&z=416972201

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kars4kids.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 17 Feb 2023 03:08:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kars4kids.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 38ms
37ms Image
image/gif 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-189491-1&cid=1179236914.1676603299&jid=2077722069&_u=aCDAAEAjQAAAAGAAI~&z=1216003534

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 03:08:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 39ms
37ms Image
image/gif 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-189491-1&cid=1179236914.1676603299&jid=2077722069&_u=aCDAAEAjQAAAAGAAI~&z=1216003534

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Feb 2023 03:08:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
j.clarity.ms/ 0
48 B 36ms
35ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-d/s/0.7.2/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.kars4kids.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: https://www.kars4kids.org
date: Fri, 17 Feb 2023 03:08:20 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H/1.1 200
OK setup Show response
vms.boldchat.com/aid/7269614590058758866/api/v1/extendedvisitorinfo/ 24 B
260 B 278ms
90ms XHR
application/json 35.82.204.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vms.boldchat.com/aid/7269614590058758866/api/v1/extendedvisitorinfo/setup

Requested by

Host: vmss.boldchat.com
URL: https://vmss.boldchat.com/aid/7269614590058758866/bc.vms4/vms.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.82.204.234 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

b-app19-19.boldchat.com

Software

BoldChat/8004 /

Resource Hash

ab23e5ef2389cf1539e1ad4dc3ff1cbd09a452482157ee899fd27f83239d9360

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Origin-Agent-Cluster: ?0
Date: Fri, 17 Feb 2023 03:08:20 GMT
X-Content-Type-Options: nosniff
Server: BoldChat/8004
Content-Length: 24
Content-Type: application/json;charset=UTF-8

GET
H2 200 visitor-token Show response
visitor-services.boldchat.com/visitor-token-service/ 38 B
374 B 287ms
82ms XHR
application/json 54.71.0.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visitor-services.boldchat.com/visitor-token-service/visitor-token
Requested by: Host: vmss.boldchat.com
URL: https://vmss.boldchat.com/aid/7269614590058758866/bc.vms4/vms.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.71.0.111 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-71-0-111.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 04b6417f4804b54922638e0ed4939618aafe9f7eb9927edac0fdb432fcb3d0e1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-response-time: 0.126899ms
date: Fri, 17 Feb 2023 03:08:21 GMT
x-correlation-id: 9c084e51-d63d-4bd8-b164-d0dcd4974a18
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kars4kids.org
access-control-allow-credentials: true
content-length: 38

GET
H/1.1 200
OK bc.pv Show response
vms.boldchat.com/aid/7269614590058758866/ 2 KB
3 KB 262ms
88ms Script
text/javascript 35.82.204.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vms.boldchat.com/aid/7269614590058758866/bc.pv?script=true&securevm=true&&blur=false&vm=true&poll=65000&swidth=1600&sheight=1200&sdpi=96&url=https%3A%2F%2Fwww.kars4kids.org%2Fdonationupdate%2Fauthenticate.php&wdid=3820364417509662955&1676603301066&tabIdentifier=8338976862576929794&clientScheme=https&visitorTrackingAllowed=true&visitorToken=7032183931890995201&_bcvm_vrid_=true&_bcvm_vid_combined=1676603301069Sundefined&_bcvm_vrid_combined=1676603301069Sundefined&&hasbutton=false&fcbdid=7199863719364272966&tcwdid=0.9712551644635103,1907772376219941660,2266347201870468025,

Requested by

Host: vmss.boldchat.com
URL: https://vmss.boldchat.com/aid/7269614590058758866/bc.vms4/vms.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.82.204.234 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

b-app19-19.boldchat.com

Software

BoldChat/8004 /

Resource Hash

d3f4ce5f8df38c97458228f4ceff738eb2c507a85e3a612fdd6e5c7b5a8611e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 03:08:20 GMT
X-Content-Type-Options: nosniff
Server: BoldChat/8004
Transfer-Encoding: chunked
X-Boldcenter-PageViewID: 7200356519119364731
Content-Type: text/javascript;charset=UTF-8
P3P: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM", policyref="http://my.boldchat.com/w3c/p3p.xml"
Origin-Agent-Cluster: ?0
X-Boldcenter-VisitID: 7200356519417178188

GET
H2 200 chat-pink.png
www.kars4kids.org/img/ 2 KB
2 KB 26ms
25ms Image
image/png 3.212.242.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kars4kids.org/img/chat-pink.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.242.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-242-174.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: b48d204a02a02d8f104a7bca9abed1bf977e505d2b28dc0e2ebaae96d4277fce

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.kars4kids.org/donationupdate/authenticate.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 03:08:21 GMT
last-modified: Fri, 17 Feb 2023 01:58:22 GMT
server: nginx/1.20.0
etag: "63eedf3e-7fe"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2046
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 204 collect Show response
j.clarity.ms/ 0
48 B 36ms
35ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-d/s/0.7.2/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.kars4kids.org/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: https://www.kars4kids.org
date: Fri, 17 Feb 2023 03:08:22 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.kars4kids.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2ilk3i4vfj6j5rbqu53c78fibe
www.kars4kids.org/	1970-01-20 18:28:59	Name: curUrl Value: www.kars4kids.org%2Fdonationupdate%2Ftaxid.php%3Frecord%3D2716608%26zipcode%3D91001
www.kars4kids.org/	1970-01-20 11:52:59	Name: source1 Value: 02170308181505
.kars4kids.org/	1970-01-20 11:52:59	Name: _gcl_au Value: 1.1.1520763839.1676603299
.trkn.us/	1970-01-20 18:28:59	Name: barometric[cuid] Value: cuid_a523216b-ff8b-4e3f-9015-ee2e3b3bee23
.kars4kids.org/	1970-01-20 19:19:23	Name: _ga_XLXQZC7EV3 Value: GS1.1.1676603299.1.0.1676603299.60.0.0
www.clarity.ms/	1970-01-20 18:28:59	Name: CLID Value: 4acc84353a934931a3d079c5367847a6.20230217.20240217
.kars4kids.org/	1970-01-20 09:44:49	Name: _uetsid Value: 544cef30ae7011ed8e078d35cafbac08
.kars4kids.org/	1970-01-20 19:04:59	Name: _uetvid Value: 544eb630ae7011edb76b89246de309c7
www.kars4kids.org/	1970-01-20 19:19:23	Name: _tq_id.TV-09813672-1.3265 Value: f4c8a9656d53f41e.1676603299.0.1676603299..
www.kars4kids.org/	1970-01-20 18:28:59	Name: timezone Value: 0
www.kars4kids.org/	1970-01-20 18:28:59	Name: timeZoneSet Value: EST
.kars4kids.org/	1970-01-20 19:19:23	Name: _ga Value: GA1.2.1179236914.1676603299
.kars4kids.org/	1970-01-20 09:44:49	Name: _gid Value: GA1.2.1178745116.1676603299
.bing.com/	1970-01-20 19:04:59	Name: MUID Value: 28624D8C288E6BC82E885F3729B56A8E
.bat.bing.com/	1970-01-20 09:53:28	Name: MR Value: 0
.kars4kids.org/	1970-01-20 18:28:59	Name: _clck Value: 1hhgzp9\|1\|f97\|0
.doubleclick.net/	1970-01-20 19:19:23	Name: IDE Value: AHWqTUk0UWpYLz_qR5y1oeWqHWXPx8LmEciNe7QtluYOzs3qyni4Bl7j1WsSmcwP
.kars4kids.org/	1970-01-20 09:43:23	Name: _dc_gtm_UA-189491-1 Value: 1
.kars4kids.org/	1970-01-20 09:43:23	Name: _dc_gtm_UA-189491-17 Value: 1
.kars4kids.org/	1970-01-20 09:44:49	Name: _clsk Value: 1wb9gin\|1676603299544\|1\|1\|j.clarity.ms/collect
.kars4kids.org/	1970-01-20 19:19:23	Name: invoca_session Value: %7B%22ttl%22%3A%222023-02-18T03%3A08%3A19.787Z%22%2C%22session%22%3A%7B%7D%2C%22config%22%3A%7B%22ce%22%3Atrue%2C%22fv%22%3Atrue%7D%7D
.bluekai.com/	1970-01-20 14:04:01	Name: bku Value: mf699vwFfZBWcYLT
.bluekai.com/	1970-01-20 14:04:01	Name: bkpa Value: KJ01pLtvQp9x9mY7sVdHBEmqh/1LV0HxKFRLjeJQ3cIRUmpEadGWFUIcgXZouWmmYw2ufOtc/vTBuGLPHDaIPszzvRwVriTRxF+qnVkBoVIgDt/bIfZD/ywIQdSQwKKS8lNdnPnpFGntI5GR6OXo9QbQSqG2o7sXebOBwwvN1K9x739B4XxlQ4z9+fR6ay==
.adsrvr.org/	1970-01-20 18:28:59	Name: TDID Value: e7c8a492-d6fb-40e4-871a-3514c327127c
.choozle.com/	1970-01-20 10:26:35	Name: chzdpsync Value: eyJjaG9vemxlQ29va2llSWQiOiI4Y2JiZTgxYi0yZTdlLTRiZTAtOTY4NC02Mzc3ODliNjQzNzUiLCJwcm92aWRlckNvb2tpZU1ldGEiOnsiT1JBQ0xFIjp7InByb3ZpZGVyIjoiT1JBQ0xFIiwicHJvdmlkZXJDb29raWVJZCI6IiRfQktfVVVJRCIsInByb3ZpZGVyUmVkaXJlY3RSZXF1ZXN0ZWQiOmZhbHNlLCJwcm92aWRlclJlZGlyZWN0U2VudCI6ZmFsc2V9LCJUVEQiOnsicHJvdmlkZXIiOiJUVEQiLCJwcm92aWRlckNvb2tpZUlkIjoiZTdjOGE0OTItZDZmYi00MGU0LTg3MWEtMzUxNGMzMjcxMjdjIiwicHJvdmlkZXJSZWRpcmVjdFJlcXVlc3RlZCI6ZmFsc2UsInByb3ZpZGVyUmVkaXJlY3RTZW50IjpmYWxzZX19LCJ2ZXJpZmllZCI6dHJ1ZSwic3BlY2lmaWNQcm92aWRlcnMiOltdfQ==
.rlcdn.com/	1970-01-20 18:28:59	Name: rlas3 Value: VZdacPg8NvtfwZWs1UcOYc4v78ZjNvAon7POFw0WKxw=
.rlcdn.com/	1970-01-20 11:09:47	Name: pxrc Value: CKTfu58GEgUI6AcQABIGCLjrARAA
.dpm.demdex.net/	1970-01-20 14:02:35	Name: dpm Value: 29644188698243410271427278445757667448
.demdex.net/	1970-01-20 14:02:35	Name: demdex Value: 29644188698243410271427278445757667448
.openx.net/	1970-01-20 18:28:59	Name: i Value: 88d022e3-ca42-4ddd-9389-48d1d117abc2\|1676603300
.adsrvr.org/	1970-01-20 18:28:59	Name: TDCPM Value: CAESEgoDYWFtEgsIjNrKto71vDsQBRITCgRrcnV4EgsI3rb9t471vDsQBRgFIAEoATILCIzSo8Pep8g7EAU4AUIEIgIIAVoHdTR0ZW84ZmABcgRrcnV4
.krxd.net/	1970-01-20 14:02:35	Name: _kuid_ Value: PYll7_oT
.kars4kids.org/	1970-01-20 09:43:23	Name: _gat_UA-189491-1 Value: 1
.c.bing.com/	1970-01-20 09:53:28	Name: MR Value: 0
.c.bing.com/	1970-01-20 19:04:59	Name: SRM_B Value: 28624D8C288E6BC82E885F3729B56A8E
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 19:04:59	Name: MUID Value: 28624D8C288E6BC82E885F3729B56A8E
.c.clarity.ms/	1970-01-20 09:53:28	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 09:43:23	Name: ANONCHK Value: 0
.boldchat.com/	1970-01-20 19:19:23	Name: bc.visitor_token Value: 7032183931890995201
.boldchat.com/	1970-01-20 18:28:59	Name: bc-visitor-id Value: 3820364417509662955=7200356518970826695T424AB9FC5E7D27B7C0F5C9F38C8C740E4F3E7383AF0290A04A1A2199203560BF190AACB5488A7CE67D880FC987D9199140EA96967971CEA641C2B075667BCCD0
.boldchat.com/	1969-12-31 23:59:59	Name: bc-visit-id Value: 3820364417509662955=7200356519417178188T9E37AE5B9E8A385423403ED6DA1D64E71E92A6507E70CDDCF114B7F9F2B3BCD4AEC17490A155DB50E2AA0E2038A9EFA0A2264CC8EABCEB7112F5D4CB3819425F
.kars4kids.org/	1969-12-31 23:59:59	Name: _bcvm_vid_3820364417509662955 Value: 7200356519417178188T9E37AE5B9E8A385423403ED6DA1D64E71E92A6507E70CDDCF114B7F9F2B3BCD4AEC17490A155DB50E2AA0E2038A9EFA0A2264CC8EABCEB7112F5D4CB3819425F
.kars4kids.org/	1970-01-20 18:28:59	Name: _bcvm_vrid_3820364417509662955 Value: 7200356518970826695T424AB9FC5E7D27B7C0F5C9F38C8C740E4F3E7383AF0290A04A1A2199203560BF190AACB5488A7CE67D880FC987D9199140EA96967971CEA641C2B075667BCCD0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.kars4kids.org/donationupdate/authenticate.php(Line 449) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cbi.boldchat.com/aid/7269614590058758866/bc.cbhs, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.kars4kids.org/donationupdate/authenticate.php(Line 449) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cbi.boldchat.com/aid/7269614590058758866/bc.cbhs, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
bat.bing.com
beacon.krxd.net
c.bing.com
c.clarity.ms
cbi.boldchat.com
cdn.schemaapp.com
code.jquery.com
collector-9162.us.tvsquared.com
cs.choozle.com
d1eoo1tco6rr5e.cloudfront.net
data.adxcel-ec2.com
data.schemaapp.com
dpm.demdex.net
googleads.g.doubleclick.net
idsync.rlcdn.com
insight.adsrvr.org
j.clarity.ms
match.adsrvr.org
maxcdn.bootstrapcdn.com
nexus.ensighten.com
solutions.invocacdn.com
stats.g.doubleclick.net
tags.bluekai.com
trk.cp20.com
trkn.us
us-u.openx.net
usermatch.krxd.net
visitor-services.boldchat.com
vms.boldchat.com
vmss.boldchat.com
www.clarity.ms
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.kars4kids.org
13.224.214.56
15.197.193.217
173.223.57.84
18.235.176.187
18.238.4.100
18.238.6.145
20.110.205.119
20.85.30.134
2001:4860:4802:36::181
2001:4de0:ac18::1:a:1a
2600:9000:25c8:7200:1f:d9e6:d540:93a1
2600:9000:25c8:7600:a:6e64:b280:93a1
2606:4700::6812:acf
2607:f8b0:4004:c08::9d
2607:f8b0:4006:80b::2002
2607:f8b0:4006:816::2008
2607:f8b0:4006:81e::2004
2607:f8b0:4006:822::200e
2607:f8b0:4006:823::2003
2620:1ec:48:1::41
2620:1ec:c11::200
3.133.20.67
3.212.242.174
3.212.38.84
3.230.17.182
3.97.124.126
35.160.120.77
35.190.60.146
35.244.159.8
35.82.204.234
44.196.64.38
52.24.130.127
54.175.60.70
54.71.0.111
54.85.119.1
04b6417f4804b54922638e0ed4939618aafe9f7eb9927edac0fdb432fcb3d0e1
0dd0d330386d8f99f3a4d1eec8d4cc30c3e8ad81e0025b9c768d1ab63fe9443f
135fcc5bcf0b6968cf65f32cf73618eedee0af71b5ba8fe2c9fcdf8ea02d2c7c
1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f
1fba8d25ed2ad21eeda6af0a4f4087ad938764ca7ce21b947650cdad92993135
2e3c35347b4cd551072a655e32faccfcb68393c965a670dc02412f02b7f78ada
38e1c91596ea415f141951c9a936c4033c1106a27e4cbc7f850c03109f720a51
393d1271842c9d55cb330c499e7a4fcd3a807683b1926c0b30ab0923abae9852
402d1df196266443a01ce34f372827e00d05cfd698d22521140c0b89cba2d30e
40fc54c966e05da72e7438c2759ce565634dedb3e4eb0c343f988ca7b166fcbe
451e4d14516e9ad50cc16993f82a6b2f665911f3b189c4b03fc9261a75a34dae
4b5b6c6a27ecf8d3a99137a4c7f66b60a3c50a6efc1b874cc54d4a9f3e3be2b1
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5d78bede1da2b99a35c4b17b07892f416a049d96c5d8e7770c41d8d16a0d0a37
60638dc0677d82bde9ade67f1db0c3db55c7de7328b9d48877bfe8b2b6e1460a
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
7c4d8871002dac9a5fb759f41148e90ac572f1eae2c07d49e8f3e7ca0df1f5d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
9094705405616a0ea7ee7567c8a562b4f179c7572c6d91ae9543a37c57686e8a
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
99b523edd72385876c466fc061393829b08dec3aa544963373b22a08fb97784f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
ab23e5ef2389cf1539e1ad4dc3ff1cbd09a452482157ee899fd27f83239d9360
ae30c673ae3f3e0a1f1fbf859641c2c0b8859332208a6f7d70426e90c108f64c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b48d204a02a02d8f104a7bca9abed1bf977e505d2b28dc0e2ebaae96d4277fce
b988a7a885326d1d5428f2c47d28d06e5d18170b2edc322220684de541e6a50f
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
ca2d01f15b518a030e6affb1368114dcae8ac1bf6bfe15009b3c70640ab5820a
cb3f55c35ed481b4cfd48f30e32403fedfaea727c945cc11381935c590f656d9
cfe6b3f2587a9ea5f31db67a0a0fb19a8279d43e35a04332678b7749eb041ad0
cff5c35de5c3b53de5b24cb2aee3113239a7e1fe0bdd7ba37afa4726f9cc6938
d3f4ce5f8df38c97458228f4ceff738eb2c507a85e3a612fdd6e5c7b5a8611e6
da674f4749f572756faac101c0a74b028f4ea45518440a5007a6da7306d16758
e365925ffa59788371bc019050d38bf183a3b78adebb9597b8cd072e0ae99cf1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eae71d535ec126c1d2dda869e864260bcc8cbe7e3809293fbadae02f9254fd47
ec4c752c663ce0b765e9de7eca36dc91955d8f7236beae21abb24331d8578ab8
eee8a426db1395088674d225d0b8c3ac84fd485a503be879f609540c001f61d6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

www.kars4kids.org Open in urlscan Pro 3.212.242.174 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

92 %HTTPS

37 %IPv6

26 Domains

37 Subdomains

28 IPs

3 Countries

882 kBTransfer

1645 kBSize

45 Cookies

14 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.kars4kids.org Open in urlscan Pro
3.212.242.174 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

92 %
HTTPS

37 %
IPv6

26
Domains

37
Subdomains

28
IPs

3
Countries

882 kB
Transfer

1645 kB
Size

45
Cookies

76 HTTP transactions
0 data transactions