www.givetochildrens.org Open in urlscan Pro
205.139.102.27 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.givetochildrens.org/
Submission: On October 17 via api (October 17th 2022, 7:10:11 pm UTC) from US — Scanned from DE

Summary HTTP 130 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 36 IPs in 5 countries across 26 domains to perform 130 HTTP transactions. The main IP is 205.139.102.27, located in United States and belongs to BLACKBAUD-ASN, US. The main domain is www.givetochildrens.org.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on July 8th 2022. Valid for: a year.

This is the only time www.givetochildrens.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
40	205.139.102.27 205.139.102.27	15148 (BLACKBAUD...) (BLACKBAUD-ASN)
4	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1 1	205.139.108.232 205.139.108.232	15148 (BLACKBAUD...) (BLACKBAUD-ASN)
4	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	54.236.134.1 54.236.134.1	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
3 6	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1	44.241.10.203 44.241.10.203	16509 (AMAZON-02) (AMAZON-02)
1	178.79.242.181 178.79.242.181	22822 (LLNW) (LLNW)
1	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:c800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2600:9000:225... 2600:9000:2251:ec00:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
6	151.101.14.109 151.101.14.109	54113 (FASTLY) (FASTLY)
2	34.120.202.204 34.120.202.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	18.196.212.55 18.196.212.55	16509 (AMAZON-02) (AMAZON-02)
2	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
2	54.244.159.189 54.244.159.189	16509 (AMAZON-02) (AMAZON-02)
1	44.238.130.186 44.238.130.186	16509 (AMAZON-02) (AMAZON-02)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
130	36

40 205.139.102.27 (United States)

ASN15148 (BLACKBAUD-ASN, US)

www.givetochildrens.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.139.108.232 (United States) 1 redirects

ASN15148 (BLACKBAUD-ASN, US)

698.thankyou4caring.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.159.128.61 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.236.134.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-134-1.compute-1.amazonaws.com

a.adtpix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.198 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

8065742.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4500927.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4498545.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.241.10.203 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-10-203.us-west-2.compute.amazonaws.com

dx.steelhousemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.181 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-181.fra.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:c800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.249 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2251:ec00:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.14.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.212.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-212-55.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.244.159.189 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-244-159-189.us-west-2.compute.amazonaws.com

px.steelhousemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.238.130.186 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-130-186.us-west-2.compute.amazonaws.com

ww.steelhousemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	givetochildrens.org www.givetochildrens.org	2 MB
13	google.com 1 redirects cse.google.com — Cisco Umbrella Rank: 2749 www.google.com — Cisco Umbrella Rank: 2 clients1.google.com — Cisco Umbrella Rank: 421 adservice.google.com — Cisco Umbrella Rank: 78	169 KB
11	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 8065742.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84 4500927.fls.doubleclick.net 4498545.fls.doubleclick.net — Cisco Umbrella Rank: 667935	6 KB
8	vimeocdn.com i.vimeocdn.com — Cisco Umbrella Rank: 2906 f.vimeocdn.com — Cisco Umbrella Rank: 3079 fresnel.vimeocdn.com — Cisco Umbrella Rank: 2916	252 KB
7	sharethis.com ws.sharethis.com — Cisco Umbrella Rank: 8587 l.sharethis.com — Cisco Umbrella Rank: 4781	90 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	282 B
6	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	367 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6045	740 B
4	steelhousemedia.com dx.steelhousemedia.com — Cisco Umbrella Rank: 9569 px.steelhousemedia.com — Cisco Umbrella Rank: 7049 ww.steelhousemedia.com — Cisco Umbrella Rank: 19090	8 KB
4	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 278 region1.google-analytics.com — Cisco Umbrella Rank: 2668	18 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	245 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 131	50 KB
4	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1781 vimeo.com — Cisco Umbrella Rank: 1671	25 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44 ajax.googleapis.com — Cisco Umbrella Rank: 306	282 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 720 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2328	108 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 356 insight.adsrvr.org — Cisco Umbrella Rank: 632	526 B
2	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3534	267 B
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	2 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 948 pixel.quantserve.com — Cisco Umbrella Rank: 516	10 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 876	663 B
1	gstatic.com fonts.gstatic.com	31 KB
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 9732	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 216	10 KB
1	adtpix.com a.adtpix.com — Cisco Umbrella Rank: 132743	846 B
1	thankyou4caring.org 1 redirects 698.thankyou4caring.org	467 B
0	Failed function sub() { [native code] }. Failed
130	26

	Domain	Requested by
40	www.givetochildrens.org	www.givetochildrens.org
7	www.google.com	1 redirects cse.google.com www.givetochildrens.org
6	www.facebook.com	www.givetochildrens.org
6	connect.facebook.net	www.givetochildrens.org connect.facebook.net
5	ws.sharethis.com	www.givetochildrens.org ws.sharethis.com
4	www.google.de	www.givetochildrens.org 8065742.fls.doubleclick.net
4	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com www.googleadservices.com
4	www.googletagmanager.com	www.givetochildrens.org www.googletagmanager.com
4	www.googleadservices.com	www.givetochildrens.org www.googletagmanager.com 8065742.fls.doubleclick.net www.googleadservices.com
3	f.vimeocdn.com	player.vimeo.com
3	i.vimeocdn.com	player.vimeo.com
3	adservice.google.com	8065742.fls.doubleclick.net 4500927.fls.doubleclick.net 4498545.fls.doubleclick.net
3	player.vimeo.com	www.givetochildrens.org
3	maxcdn.bootstrapcdn.com	www.givetochildrens.org maxcdn.bootstrapcdn.com
2	px.steelhousemedia.com	dx.steelhousemedia.com www.givetochildrens.org
2	pixel.sitescout.com	www.givetochildrens.org
2	l.sharethis.com	ws.sharethis.com www.givetochildrens.org
2	fresnel.vimeocdn.com	f.vimeocdn.com
2	4498545.fls.doubleclick.net	1 redirects a.adtpix.com
2	ib.adnxs.com	1 redirects www.givetochildrens.org
2	4500927.fls.doubleclick.net	1 redirects www.givetochildrens.org
2	region1.google-analytics.com	www.googletagmanager.com
2	8065742.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	ssl.google-analytics.com	1 redirects www.givetochildrens.org
2	cse.google.com	www.givetochildrens.org www.google.com
2	ajax.googleapis.com	www.givetochildrens.org
2	fonts.googleapis.com	www.givetochildrens.org
1	insight.adsrvr.org	www.givetochildrens.org
1	match.adsrvr.org	www.givetochildrens.org
1	ww.steelhousemedia.com	www.givetochildrens.org
1	vimeo.com	f.vimeocdn.com
1	pixel.quantserve.com	www.givetochildrens.org
1	clients1.google.com	www.givetochildrens.org
1	rules.quantcount.com	secure.quantserve.com
1	fonts.gstatic.com	fonts.googleapis.com
1	stats.g.doubleclick.net	www.givetochildrens.org
1	up.pixel.ad	www.googletagmanager.com
1	dx.steelhousemedia.com	www.givetochildrens.org
1	secure.quantserve.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	www.givetochildrens.org
1	a.adtpix.com	www.givetochildrens.org
1	698.thankyou4caring.org	1 redirects
1	stackpath.bootstrapcdn.com	www.givetochildrens.org
0	35.160.46.251 Failed	dx.steelhousemedia.com
130	44

This site contains links to these domains. Also see Links.

Domain
chpflegacy.org
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
instagram.com
www.chp.edu
health.usnews.com
cfcgiving.opm.gov

Subject Issuer	Validity	Valid
www.givetochildrens.org GeoTrust TLS RSA CA G1	`2022-07-08` - `2023-08-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
a.adtpix.com Amazon	`2022-02-27` - `2023-03-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-27` - `2022-10-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.steelhousemedia.com Go Daddy Secure Certificate Authority - G2	`2022-05-17` - `2023-06-18`	a year	crt.sh
*.pixel.ad GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-01-26` - `2023-02-02`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
sharethis.com Amazon	`2022-06-19` - `2023-07-18`	a year	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-05-17` - `2023-06-18`	a year	crt.sh
vimeo.com Cloudflare Inc ECC CA-3	`2022-09-21` - `2023-09-20`	a year	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2022-09-30` - `2022-12-29`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.givetochildrens.org/
Frame ID: 58E4ADB5B7E0FD9C0144539F1114A790
Requests: 108 HTTP requests in this frame

Frame: https://8065742.fls.doubleclick.net/activityi;dc_pre=CJ2q7cj75_oCFY6CUAYdXJQKvA;src=8065742;type=chpfo000;cat=engag00;ord=5676908304436;gtm=2wgaa0;auiddc=1063394424.1666033804;~oref=https%3A%2F%2Fwww.givetochildrens.org%2F
Frame ID: DC806E8DEEA69F208047CA9321AC04EE
Requests: 5 HTTP requests in this frame

Frame: https://player.vimeo.com/video/759126794?h=aa6c2f6043&badge=0&autopause=0&player_id=0&app_id=58479
Frame ID: BBE3969EB351825CF966B99502C835F0
Requests: 10 HTTP requests in this frame

Frame: https://4500927.fls.doubleclick.net/activityi;dc_pre=CIKP9Mj75_oCFc6r7QodSDoK1g;src=4500927;type=invmedia;cat=sugikrjg;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5457848273399.068
Frame ID: 1FE376533B10057A7A8D0521E956CAAE
Requests: 2 HTTP requests in this frame

Frame: https://4498545.fls.doubleclick.net/activityi;dc_pre=CJSJ-8j75_oCFeq_7Qod2vYKlw;src=4498545;type=invmedia;cat=foa82qc1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5929684720120.685
Frame ID: 4F5D5F163A1AB2DAF05A2372D85AA93D
Requests: 2 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: A37F6ADA0936F58369555A6C739B2C61
Requests: 1 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure/index.html
Frame ID: 9B4F9939BD7DB9B245309EF3E63DBB2E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - UPMC Children's Hospital Foundation searchsearch

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

130
Requests

96 %
HTTPS

56 %
IPv6

26
Domains

44
Subdomains

36
IPs

5
Countries

4136 kB
Transfer

7857 kB
Size

23
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://chpflegacy.org/
Title: Planned Giving

Search URL Search Domain Scan URL

URL: http://www.facebook.com/ChildrensPgh

Search URL Search Domain Scan URL

URL: http://twitter.com/ChildrensPgh

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/givetochildrens/

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/childrenshospgh

Search URL Search Domain Scan URL

URL: http://instagram.com/childrenspgh

Search URL Search Domain Scan URL

URL: https://www.chp.edu/
Title: UPMC Children's Hospital of Pittsburgh

Search URL Search Domain Scan URL

URL: https://www.chp.edu/about/awards-and-recognition/us-news

Search URL Search Domain Scan URL

URL: https://health.usnews.com/best-hospitals/area/pa/childrens-hospital-of-pittsburgh-of-upmc-6232430#rankings%20

Search URL Search Domain Scan URL

URL: http://cfcgiving.opm.gov/welcome
Title: Combined Federal Campaign

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://698.thankyou4caring.org/view.image?Id=6899 HTTP 301
https://www.givetochildrens.org/view.image?id=6899

Request Chain 55

https://8065742.fls.doubleclick.net/activityi;src=8065742;type=chpfo000;cat=engag00;ord=5676908304436;gtm=2wgaa0;auiddc=1063394424.1666033804;~oref=https%3A%2F%2Fwww.givetochildrens.org%2F HTTP 302
https://8065742.fls.doubleclick.net/activityi;dc_pre=CJ2q7cj75_oCFY6CUAYdXJQKvA;src=8065742;type=chpfo000;cat=engag00;ord=5676908304436;gtm=2wgaa0;auiddc=1063394424.1666033804;~oref=https%3A%2F%2Fwww.givetochildrens.org%2F

Request Chain 61

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=741906358&utmhn=www.givetochildrens.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Home%20-%20UPMC%20Children%27s%20Hospital%20Foundation&utmhid=873221114&utmr=-&utmp=%2F&utmht=1666033804487&utmac=UA-32995178-1&utmcc=__utma%3D267122200.2036448878.1666033804.1666033804.1666033804.1%3B%2B__utmz%3D267122200.1666033804.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1120729882&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32995178-1&cid=2036448878.1666033804&jid=1120729882&_v=5.7.2&z=741906358

Request Chain 75

https://4500927.fls.doubleclick.net/activityi;src=4500927;type=invmedia;cat=sugikrjg;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5457848273399.068 HTTP 302
https://4500927.fls.doubleclick.net/activityi;dc_pre=CIKP9Mj75_oCFc6r7QodSDoK1g;src=4500927;type=invmedia;cat=sugikrjg;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5457848273399.068

Request Chain 79

https://ib.adnxs.com/seg?add=4551033&t=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D4551033%26t%3D1

Request Chain 80

https://4498545.fls.doubleclick.net/activityi;src=4498545;type=invmedia;cat=foa82qc1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5929684720120.685 HTTP 302
https://4498545.fls.doubleclick.net/activityi;dc_pre=CJSJ-8j75_oCFeq_7Qod2vYKlw;src=4498545;type=invmedia;cat=foa82qc1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5929684720120.685

Request Chain 101

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/846256904/?random=1230256065&cv=9&fst=1666033804933&num=1&npa=1&label=-GViCJ_9xOUDEIi2w5MD&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8065742.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCJ2q7cj75_oCFY6CUAYdXJQKvA%3Bsrc%3D8065742%3Btype%3Dchpfo000%3Bcat%3Dengag00%3Bord%3D5676908304436%3Bgtm%3D2wgaa0%3Bauiddc%3D1063394424.1666033804%3B~oref%3Dhttps%253A%252F%252Fwww.givetochildrens.org%252F%3F&ref=https%3A%2F%2Fwww.givetochildrens.org%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=jKhNY-aVOrGG9fgPrPqq0AU&sscte=1&crd=CJqqsQI HTTP 302
https://www.google.com/pagead/1p-conversion/846256904/?random=1230256065&cv=9&fst=1666033804933&num=1&npa=1&label=-GViCJ_9xOUDEIi2w5MD&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8065742.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCJ2q7cj75_oCFY6CUAYdXJQKvA%3Bsrc%3D8065742%3Btype%3Dchpfo000%3Bcat%3Dengag00%3Bord%3D5676908304436%3Bgtm%3D2wgaa0%3Bauiddc%3D1063394424.1666033804%3B~oref%3Dhttps%253A%252F%252Fwww.givetochildrens.org%252F%3F&ref=https%3A%2F%2Fwww.givetochildrens.org%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=jKhNY-aVOrGG9fgPrPqq0AU&cid=CAQSKQDq26N9l_bQOSDVwDeKX7HD59TkwyWRBdrrWJJvXKst7EvV3yrg_9QkIBM&random=2068867799&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/846256904/?random=1230256065&cv=9&fst=1666033804933&num=1&npa=1&label=-GViCJ_9xOUDEIi2w5MD&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8065742.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCJ2q7cj75_oCFY6CUAYdXJQKvA%3Bsrc%3D8065742%3Btype%3Dchpfo000%3Bcat%3Dengag00%3Bord%3D5676908304436%3Bgtm%3D2wgaa0%3Bauiddc%3D1063394424.1666033804%3B~oref%3Dhttps%253A%252F%252Fwww.givetochildrens.org%252F%3F&ref=https%3A%2F%2Fwww.givetochildrens.org%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=jKhNY-aVOrGG9fgPrPqq0AU&cid=CAQSKQDq26N9l_bQOSDVwDeKX7HD59TkwyWRBdrrWJJvXKst7EvV3yrg_9QkIBM&random=2068867799&resp=GooglemKTybQhCsO&ipr=y&prhg=0

130 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.givetochildrens.org/ 83 KB
27 KB 467ms
212ms Document
text/html 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

b3b3c504b58e74e14cc0760c3e46e09f2c27ece770cac389d87759113791f9bf

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store
Content-Encoding: gzip
Content-Length: 26282
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Type: text/html; charset=utf-8
Date: Mon, 17 Oct 2022 19:10:03 GMT
Expires: -1
Pragma: no-cache
Strict-Transport-Security: max-age=31536000;
Vary: Accept-Encoding
X-UA-Compatible: IE=edge
X-XSS-Protection: 1; mode=block
x-frame-options: SAMEORIGIN

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 187ms
90ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:10:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 723
age: 23259476
cdn-cachedat: 11/15/2021 21:49:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 8b677d48aa464c28c0815c97adbbe174
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 75bb55089a439b40-FRA
cdn-requestpullsuccess: True

GET
H/1.1 200
OK skyless.css
www.givetochildrens.org/client/styles/sky/ 5 KB
2 KB 241ms
126ms Stylesheet
text/css 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.givetochildrens.org/client/styles/sky/skyless.css

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

cc8cb7044ee6124b69c62abe30940e8495f274144c18bf3caf0b52d6ff187560

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
Last-Modified: Mon, 15 Aug 2022 19:49:59 GMT
Date: Mon, 17 Oct 2022 19:10:03 GMT
Vary: Accept-Encoding
x-frame-options: SAMEORIGIN
Content-Type: text/css
Cache-Control: private
Content-Length: 1413
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK stylesheet0.636261109695300000.css
www.givetochildrens.org/ 71 KB
18 KB 371ms
127ms Stylesheet
text/css 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.givetochildrens.org/stylesheet0.636261109695300000.css?id=0&iuqt=1

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

b59fb33e2b672e232c6a16ad8e236d3c61c0e6be5df668aacb08bb5139ab36ee

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
Last-Modified: Sun, 26 Mar 2017 07:42:49 GMT
Date: Mon, 17 Oct 2022 19:10:03 GMT
Vary: Accept-Encoding
x-frame-options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Cache-Control: private
Content-Length: 17844
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK stylesheet24.637896032062370000.css
www.givetochildrens.org/ 188 KB
51 KB 388ms
145ms Stylesheet
text/css 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.givetochildrens.org/stylesheet24.637896032062370000.css?id=24&nodefaults=1&iuqt=1

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

d7a3615c151001af8db9002b3ac6f6acb279763c1313dbba4555fe7416e61b44

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
Last-Modified: Tue, 31 May 2022 14:13:26 GMT
Date: Mon, 17 Oct 2022 19:10:03 GMT
Vary: Accept-Encoding
x-frame-options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Cache-Control: private
Content-Length: 52198
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK IE8Menu.css
www.givetochildrens.org/Client/Styles/ 199 B
686 B 375ms
132ms Stylesheet
text/css 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.givetochildrens.org/Client/Styles/IE8Menu.css?&iuqt=1

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

bf696d28fbcc4dbbf3e0cefce9f13124e04e8c4ad180dacd9dca21d15e9bc512

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
Last-Modified: Mon, 15 Aug 2022 19:49:57 GMT
Date: Mon, 17 Oct 2022 19:10:03 GMT
Vary: Accept-Encoding
x-frame-options: SAMEORIGIN
Content-Type: text/css
Cache-Control: private
Content-Length: 279
X-XSS-Protection: 1; mode=block

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/ 28 KB
7 KB 199ms
104ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a87d4a4d40583c35087e6af0246f7e54156def5837f14ef2551d89fb9c1330fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:10:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 755
age: 22936488
cdn-cachedat: 11/06/2021 15:50:09
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0efbdf4c2e52f6c1342d5b3eaff192f9
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 75bb55089a4a9b40-FRA
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 144ms
48ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400italic,400,600,700,300|Open+Sans+Condensed:700

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f8d9180f9800e115adc535130d1593849ebb4ca5173a7d62d202d1df8055d52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Oct 2022 19:10:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 19:10:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Oct 2022 19:10:03 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/ 157 KB
25 KB 161ms
65ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.givetochildrens.org/
Origin: https://www.givetochildrens.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:10:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 874
cdn-cachedat: 10/04/2022 16:29:47
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"816af0eddd3b4822c2756227c7e7b7ee"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e70506c361de2071cbb725318df2042c
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 75bb550898ce9b86-FRA
cdn-requestpullsuccess: True

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
665 B 145ms
50ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;700&display=swap

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca4562cee5bd64b4f6d54c824c3a7e3b8ca7dfd655a1fe0b49c9e9afd8619206

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Oct 2022 19:10:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 18:59:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Oct 2022 19:10:03 GMT

GET
H/1.1 200
OK WebResource.axd Show response
www.givetochildrens.org/ 23 KB
6 KB 497ms
251ms Script
application/x-javascript 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.givetochildrens.org/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZCg8QqK8McZfqhApg_H2-Vguqgi4dgromUD22RodRGv3vfxucQ2&t=637814473746327080

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
Last-Modified: Sat, 26 Feb 2022 09:42:54 GMT
Date: Mon, 17 Oct 2022 19:10:03 GMT
Vary: Accept-Encoding
x-frame-options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 6007
X-XSS-Protection: 1; mode=block
Expires: Tue, 17 Oct 2023 08:01:09 GMT

GET
H/1.1 200
OK BBAPI-min.js Show response
www.givetochildrens.org/Client/Scripts/API/ 1 KB
1 KB 375ms
130ms Script
application/x-javascript 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.givetochildrens.org/Client/Scripts/API/BBAPI-min.js?bbjsversion=7.2.1.807

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

fe01c1e1e2420e9dd4817895db5e171e7a4aaa30c1b31e65491323a7d4655eb7

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
Last-Modified: Mon, 15 Aug 2022 19:49:45 GMT
Date: Mon, 17 Oct 2022 19:10:03 GMT
ETag: "0fd892be0b0d81:0"
Vary: Accept-Encoding
x-frame-options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 1038
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Bbnccore-min.js Show response
www.givetochildrens.org/Client/Scripts/ 41 KB
16 KB 520ms
248ms Script
application/x-javascript 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.givetochildrens.org/Client/Scripts/Bbnccore-min.js?bbjsversion=7.2.1.807

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

241408519de2e0cf4cd0b926f6832c1fe886202a77981fd197aab8a34c134901

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
Last-Modified: Mon, 15 Aug 2022 19:49:44 GMT
Date: Mon, 17 Oct 2022 19:10:03 GMT
ETag: "e2a5e62ae0b0d81:0"
Vary: Accept-Encoding
x-frame-options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 15740
X-XSS-Protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 139ms
45ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 08:11:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Oct 2023 08:11:47 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.13.0/ 249 KB
249 KB 175ms
80ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.13.0/jquery-ui.min.js

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86528b9b3691944f120890b52b0f33a146d4f01c40fbc911de0b1eb8a7cc8f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:09:46 GMT
x-content-type-options: nosniff
age: 320417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254921
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 02:09:46 GMT

GET
H/1.1 200
OK jquery.validate.js Show response
www.givetochildrens.org/Client/Scripts/jquery/ 50 KB
18 KB 622ms
247ms Script
application/x-javascript 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.givetochildrens.org/Client/Scripts/jquery/jquery.validate.js

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

a546cce815cd3fc8aaffb1fed884476e7aa21cccdd65985be9504ba518b154ba

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
Last-Modified: Mon, 15 Aug 2022 19:49:46 GMT
Date: Mon, 17 Oct 2022 19:10:03 GMT
ETag: "6edcf02be0b0d81:0"
Vary: Accept-Encoding
x-frame-options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 17984
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK additional-methods.js Show response
www.givetochildrens.org/Client/Scripts/jquery/ 11 KB
4 KB 500ms
124ms Script
application/x-javascript 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.givetochildrens.org/Client/Scripts/jquery/additional-methods.js

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

dcc9717a11738ee4f001b38c666c55a481d6262986703a6a142943dbd9e0dbe4

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
Last-Modified: Mon, 15 Aug 2022 19:49:46 GMT
Date: Mon, 17 Oct 2022 19:10:03 GMT
ETag: "364ad92be0b0d81:0"
Vary: Accept-Encoding
x-frame-options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 3814
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK messages_de.js Show response
www.givetochildrens.org/Client/Scripts/jquery/validateI18N/ 1 KB
1013 B 610ms
124ms Script
application/x-javascript 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.givetochildrens.org/Client/Scripts/jquery/validateI18N/messages_de.js

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

e1674888878ee36b096b21dd6fd6eb0aa304cc5a9c2fc6e2afb15ed1f1b83637

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
Last-Modified: Mon, 15 Aug 2022 19:49:47 GMT
Date: Mon, 17 Oct 2022 19:10:03 GMT
ETag: "ace5d2ce0b0d81:0"
Vary: Accept-Encoding
x-frame-options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 566
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.maskedinput-1.1.4.js Show response
www.givetochildrens.org/Client/Scripts/jquery/ 10 KB
4 KB 622ms
126ms Script
application/x-javascript 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.givetochildrens.org/Client/Scripts/jquery/jquery.maskedinput-1.1.4.js

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

10788c863e0a88fc9da96acd843f06680adb587143e815816c2c64449d9acdd9

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
Last-Modified: Mon, 15 Aug 2022 19:49:46 GMT
Date: Mon, 17 Oct 2022 19:10:03 GMT
ETag: "3edcee2be0b0d81:0"
Vary: Accept-Encoding
x-frame-options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 3544
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK ScriptResource.axd Show response
www.givetochildrens.org/ 26 KB
6 KB 621ms
121ms Script
application/x-javascript 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.givetochildrens.org/ScriptResource.axd?d=nv7asgRUU0tRmHNR2D6t1PGIwY0n-Y2iI6gYOYIsb66uioX151-ZBU5EUaeUwxxaYLpBrDfMtLJBuKHnnGsu4JpygxODZqp8em182kcSMnDaSG8a0svXkUhITqKU7R6ARxKweQ2&t=14d69f50

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
Last-Modified: Mon, 17 Oct 2022 08:01:09 GMT
Date: Mon, 17 Oct 2022 19:10:03 GMT
x-frame-options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 5479
X-XSS-Protection: 1; mode=block
Expires: Tue, 17 Oct 2023 08:01:09 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
www.givetochildrens.org/ 86 KB
27 KB 643ms
124ms Script
application/x-javascript 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.givetochildrens.org/ScriptResource.axd?d=x6wALODbMJK5e0eRC_p1LfS_5IQ-bwIdgjLIO7uBvg-ewpCVkDBNs60WFH2R97GDPcpWxKUQakP6LqmiAKLZSxe0QTtVc1atm8opx8A3wMH7LhEl0&t=ffffffffec54f2d7

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

69fb335442dd71f1443309528749e73e1537f84c85af5d497373cee8b4bc49c9

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
Last-Modified: Mon, 17 Oct 2022 08:01:09 GMT
Date: Mon, 17 Oct 2022 19:10:03 GMT
x-frame-options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 27410
X-XSS-Protection: 1; mode=block
Expires: Tue, 17 Oct 2023 08:01:09 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
www.givetochildrens.org/ 36 KB
10 KB 731ms
120ms Script
application/x-javascript 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.givetochildrens.org/ScriptResource.axd?d=P5lTttoqSeZXoYRLQMIScH9CG3sgMgaC50t77DuxCpbeW927jEIim7t7dVSHtrWDkT5Or0xZgM7sEzlHk_gPysYraNy9IPyh-p1cCTe6ljZAcmtM0&t=ffffffffec54f2d7

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

d4d402dd35744b88f8e22d801d4c2025dfbee6f1efbf78e169b5d1990f3668b7

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
Last-Modified: Mon, 17 Oct 2022 08:01:10 GMT
Date: Mon, 17 Oct 2022 19:10:04 GMT
x-frame-options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 9853
X-XSS-Protection: 1; mode=block
Expires: Tue, 17 Oct 2023 08:01:10 GMT

GET
H/1.1 200
OK webkit.js Show response
www.givetochildrens.org/Client/Scripts/ 429 B
869 B 745ms
123ms Script
application/x-javascript 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.givetochildrens.org/Client/Scripts/webkit.js

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

c2eabc8c6508b48c2458b89fecde542432ed6584585b8178713f6d34d41f8491

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
Last-Modified: Mon, 15 Aug 2022 19:49:45 GMT
Date: Mon, 17 Oct 2022 19:10:04 GMT
ETag: "5c53872be0b0d81:0"
Vary: Accept-Encoding
x-frame-options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 421
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK CH_Foundation_Logo_White_160pxWnew.png
www.givetochildrens.org/image/logos/ 6 KB
6 KB 489ms
482ms Image
image/png 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.givetochildrens.org/image/logos/CH_Foundation_Logo_White_160pxWnew.png

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

9223c6db3ed8c8477a616f6c9b238ac18a3a28b0f0f95e6d808dac124c83c5d6

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000;
Date: Mon, 17 Oct 2022 19:10:04 GMT
Last-Modified: Thu, 23 Dec 2021 23:04:23 GMT
x-frame-options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private
content-disposition: filename="CH_Foundation_Logo_White_160pxWnew.png"
Content-Length: 5896
X-XSS-Protection: 1; mode=block

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 172ms
75ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=706830e10f659fb8c

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

0c6e64b38a4f3e370dbd6a64f331494fa59d7e2b7598326b8abccce85bc934a5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Mon, 17 Oct 2022 19:10:04 GMT
content-encoding: br
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
server: gws
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3540
x-xss-protection: 0
expires: Mon, 17 Oct 2022 19:10:04 GMT

GET
H/1.1

200
OK

view.image
www.givetochildrens.org/
Redirect Chain

https://698.thankyou4caring.org/view.image?Id=6899
https://www.givetochildrens.org/view.image?id=6899

716 B
1 KB

233ms
123ms

Image
image/png

205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.givetochildrens.org/view.image?id=6899

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

866e70b761ef74f4e3cef52ad3893eb95e4c3eeedc11f96095ba33a912214089

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000;
Date: Mon, 17 Oct 2022 19:10:04 GMT
Last-Modified: Tue, 03 Nov 2020 03:30:28 GMT
x-frame-options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private
content-disposition: filename="search-icon-light.png"
Content-Length: 716
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://www.givetochildrens.org/view.image?id=6899
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000;
Date: Mon, 17 Oct 2022 19:10:04 GMT
Content-Length: 167
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK Facebook.png
www.givetochildrens.org/image/icons/ 2 KB
2 KB 139ms
138ms Image
image/png 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.givetochildrens.org/image/icons/Facebook.png

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

e1fcd6ad676d51a59c4ff6dc848930da2a109b72dfbede5ae09171964758cbe4

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000;
Date: Mon, 17 Oct 2022 19:10:04 GMT
Last-Modified: Tue, 03 Nov 2020 02:43:40 GMT
x-frame-options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private
content-disposition: filename="Facebook.png"
Content-Length: 1773
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Twitter.png
www.givetochildrens.org/image/icons/ 2 KB
3 KB 121ms
121ms Image
image/png 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.givetochildrens.org/image/icons/Twitter.png

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

a07bb813bd6c47fbea12050fcca0c6521dfcb77446131faf7b19fa8625b8b428

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000;
Date: Mon, 17 Oct 2022 19:10:04 GMT
Last-Modified: Tue, 03 Nov 2020 02:43:41 GMT
x-frame-options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private
content-disposition: filename="Twitter.png"
Content-Length: 2192
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK linkedin.png
www.givetochildrens.org/image/icons/ 2 KB
2 KB 122ms
121ms Image
image/png 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.givetochildrens.org/image/icons/linkedin.png

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

96960e47dfe9bbf5715d761b83c0d7aec2cd9eb7b07fae3e379a1992b78147f0

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000;
Date: Mon, 17 Oct 2022 19:10:04 GMT
Last-Modified: Tue, 03 Nov 2020 02:43:41 GMT
x-frame-options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private
content-disposition: filename="linkedin.png"
Content-Length: 1852
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK youtube.png
www.givetochildrens.org/image/icons/ 2 KB
2 KB 144ms
126ms Image
image/png 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.givetochildrens.org/image/icons/youtube.png

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

d9e464ebed42cb05c4598950d9a8cfe67e414a886b3ccac76ef32aaa1f9035b3

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000;
Date: Mon, 17 Oct 2022 19:10:04 GMT
Last-Modified: Tue, 03 Nov 2020 02:43:41 GMT
x-frame-options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private
content-disposition: filename="youtube.png"
Content-Length: 2061
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Instagram.png
www.givetochildrens.org/image/icons/ 3 KB
3 KB 124ms
122ms Image
image/png 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.givetochildrens.org/image/icons/Instagram.png

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

0e5e2feb79c90531d69cc90d57c9b1ecb76a3eb316191cb4482cffb876f92dc9

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000;
Date: Mon, 17 Oct 2022 19:10:04 GMT
Last-Modified: Tue, 03 Nov 2020 02:43:40 GMT
x-frame-options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private
content-disposition: filename="Instagram.png"
Content-Length: 2657
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 4367_chpf_brand_lp_banner_colin_1920x627.jpg
www.givetochildrens.org/image/banners/heroes/ 416 KB
416 KB 133ms
132ms Image
image/jpeg 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.givetochildrens.org/image/banners/heroes/4367_chpf_brand_lp_banner_colin_1920x627.jpg

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

d4f86f3c0793dbe4627c21f5bf3e742648436ce21caf3e08e1fd7a09e477527b

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000;
Date: Mon, 17 Oct 2022 19:10:04 GMT
Last-Modified: Fri, 07 Oct 2022 21:17:46 GMT
x-frame-options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private
content-disposition: filename="4367_chpf_brand_lp_banner_colin_1920x627.jpg"
Content-Length: 425609
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 4367_chpf_brand_lp_banner_colin_516x350.jpg
www.givetochildrens.org/image/banners/heroes/ 98 KB
98 KB 220ms
220ms Image
image/jpeg 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.givetochildrens.org/image/banners/heroes/4367_chpf_brand_lp_banner_colin_516x350.jpg

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

534915a2f4df5c6dc94fee557d60dccf3176b9b17fa28279822def1c4e4f38d9

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000;
Date: Mon, 17 Oct 2022 19:10:04 GMT
Last-Modified: Fri, 07 Oct 2022 20:30:21 GMT
x-frame-options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private
content-disposition: filename="4367_chpf_brand_lp_banner_colin_516x350.jpg"
Content-Length: 100091
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 21 KB
7 KB 186ms
72ms Script
application/javascript 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7919e42c1593715dd408c9f1e4b5c51b5b80ead7dc71b94535180b452724519f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-varnish-cache: 0
Date: Mon, 17 Oct 2022 19:10:04 GMT
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
CF-Cache-Status: DYNAMIC
via: 1.1 varnish, 1.1 varnish
Age: 868
X-Cache: HIT
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Mon, 17 Oct 2022 19:25:36 GMT
x-host: player-5667844d6d-7h5qh
Connection: keep-alive
x-vserver: playproxy-rollout-prod-varnish-0
Content-Length: 6272
x-xss-protection: 1; mode=block
X-Served-By: cache-fra19145-FRA
X-Player-Backend: p
Server: cloudflare
X-Timer: S1666033804.305888,VS0,VE0
x-backend-proxy: playproxy1
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: player-5667844d6d-7h5qh
Accept-Ranges: bytes
CF-RAY: 75bb550cb845bbb5-FRA
X-Cache-Hits: 1495

GET
H/1.1 200
OK Colin-233x-300.png
www.givetochildrens.org/image/home-page/ 116 KB
117 KB 126ms
126ms Image
image/png 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.givetochildrens.org/image/home-page/Colin-233x-300.png

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

e62c08aa4a08e613b08703c96531fad4b028bc07f0aa0dac1186a3deb6c8d097

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000;
Date: Mon, 17 Oct 2022 19:10:04 GMT
Last-Modified: Mon, 10 Oct 2022 14:17:54 GMT
x-frame-options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private
content-disposition: filename="Colin-233x-300.png"
Content-Length: 119022
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK photo5730.png
www.givetochildrens.org/image/cta/ 130 KB
130 KB 155ms
155ms Image
image/png 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.givetochildrens.org/image/cta/photo5730.png

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

749d297c0c4c89e0eedfcfe8f41683e00501bfd96f04ea8b15dc62aad6634fbc

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000;
Date: Mon, 17 Oct 2022 19:10:04 GMT
Last-Modified: Fri, 06 Nov 2020 06:14:03 GMT
x-frame-options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private
content-disposition: filename="photo5730.png"
Content-Length: 132615
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK photo5730mobile.png
www.givetochildrens.org/image/home-page/ 160 KB
160 KB 191ms
191ms Image
image/png 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.givetochildrens.org/image/home-page/photo5730mobile.png

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

c5ecbbd6678b8b4c03c399d2c63fecae57cfde1ae9b1940e60e9a192ea246078

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000;
Date: Mon, 17 Oct 2022 19:10:04 GMT
Last-Modified: Thu, 17 Feb 2022 23:10:37 GMT
x-frame-options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private
content-disposition: filename="photo5730mobile.png"
Content-Length: 163670
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK photo5726.png
www.givetochildrens.org/image/cta/ 146 KB
146 KB 130ms
125ms Image
image/png 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.givetochildrens.org/image/cta/photo5726.png

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

e6e677bab0666791f24cfc5587ccd1e81e4ab12b6235208f4809c8f9f3661bcd

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000;
Date: Mon, 17 Oct 2022 19:10:04 GMT
Last-Modified: Fri, 06 Nov 2020 06:14:01 GMT
x-frame-options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private
content-disposition: filename="photo5726.png"
Content-Length: 149231
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK photo5726mobile.png
www.givetochildrens.org/image/home-page/ 157 KB
157 KB 258ms
169ms Image
image/png 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.givetochildrens.org/image/home-page/photo5726mobile.png

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

e0071ddecafca87fbcf3b88fa66fcc1a94ce82f18a2750c8e58cae836655ffed

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000;
Date: Mon, 17 Oct 2022 19:10:05 GMT
Last-Modified: Thu, 17 Feb 2022 23:10:32 GMT
x-frame-options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private
content-disposition: filename="photo5726mobile.png"
Content-Length: 160691
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 4664_chp_usnews_2022_foundation_banner_1062x360.jpg
www.givetochildrens.org/image/home-page/news-highlight/ 164 KB
164 KB 156ms
125ms Image
image/jpeg 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.givetochildrens.org/image/home-page/news-highlight/4664_chp_usnews_2022_foundation_banner_1062x360.jpg

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

2b90b265dc29a950566b2c5e1bdf835d5432334d73bb99452fdd5e31892e1d9e

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000;
Date: Mon, 17 Oct 2022 19:10:05 GMT
Last-Modified: Wed, 15 Jun 2022 20:42:23 GMT
x-frame-options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private
content-disposition: filename="4664_chp_usnews_2022_foundation_banner_1062x360.jpg"
Content-Length: 167836
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Maelynn-Homepage-2.png
www.givetochildrens.org/image/home-page/news-highlight/ 160 KB
160 KB 205ms
204ms Image
image/png 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.givetochildrens.org/image/home-page/news-highlight/Maelynn-Homepage-2.png

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

5729bfa9203bf12fe81b3ff4e4b3b2b2c06b87e3b073c9e51e09fe717a29a6ce

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000;
Date: Mon, 17 Oct 2022 19:10:05 GMT
Last-Modified: Thu, 13 Oct 2022 18:27:04 GMT
x-frame-options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private
content-disposition: filename="Maelynn-Homepage-2.png"
Content-Length: 163703
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Rosie-Homepage.png
www.givetochildrens.org/image/home-page/news-highlight/ 170 KB
171 KB 129ms
129ms Image
image/png 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.givetochildrens.org/image/home-page/news-highlight/Rosie-Homepage.png

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

6496a18e58cd9d0c386ebb223349d9be264f77c9560b2591fdfc05bd07aa9ffc

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000;
Date: Mon, 17 Oct 2022 19:10:05 GMT
Last-Modified: Thu, 13 Oct 2022 18:31:06 GMT
x-frame-options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private
content-disposition: filename="Rosie-Homepage.png"
Content-Length: 174371
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 2022_Radiothon_Email_Header_d2.gif
www.givetochildrens.org/image/email-images/events/radiothon/ 343 KB
343 KB 124ms
124ms Image
image/gif 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.givetochildrens.org/image/email-images/events/radiothon/2022_Radiothon_Email_Header_d2.gif

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

52682784994bbe695fe57b41681d1d67ec80010a0257a4a8ff9359ba9ffb1b22

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000;
Date: Mon, 17 Oct 2022 19:10:05 GMT
Last-Modified: Wed, 24 Aug 2022 16:10:30 GMT
x-frame-options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: private
content-disposition: filename="2022_Radiothon_Email_Header_d2.gif"
Content-Length: 351161
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Grantmakers_Homepage.png
www.givetochildrens.org/image/home-page/news-highlight/ 137 KB
138 KB 214ms
214ms Image
image/png 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.givetochildrens.org/image/home-page/news-highlight/Grantmakers_Homepage.png

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

2ca00b7447a1bd1919a69c29567509300074f3eadb5b031b57aca69e99c8c38e

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000;
Date: Mon, 17 Oct 2022 19:10:05 GMT
Last-Modified: Tue, 02 Aug 2022 17:39:07 GMT
x-frame-options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private
content-disposition: filename="Grantmakers_Homepage.png"
Content-Length: 140468
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK CHP526284_Foundation-Badge.png
www.givetochildrens.org/image/logos/ 9 KB
10 KB 131ms
130ms Image
image/png 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.givetochildrens.org/image/logos/CHP526284_Foundation-Badge.png

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

b560432a34c71c86e2134a9275c1620a6729c851c28515b862b945d15ef57d17

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000;
Date: Mon, 17 Oct 2022 19:10:05 GMT
Last-Modified: Wed, 15 Jun 2022 20:40:40 GMT
x-frame-options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private
content-disposition: filename="CHP526284_Foundation-Badge.png"
Content-Length: 9478
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK magnetbadge.png
www.givetochildrens.org/image/logos/ 6 KB
7 KB 128ms
128ms Image
image/png 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.givetochildrens.org/image/logos/magnetbadge.png

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

30d8f035b9696343170ce98a0c1008c7213118b7f892af7ca7806239c6fc49bc

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000;
Date: Mon, 17 Oct 2022 19:10:05 GMT
Last-Modified: Tue, 03 Nov 2020 02:44:19 GMT
x-frame-options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private
content-disposition: filename="magnetbadge.png"
Content-Length: 6647
X-XSS-Protection: 1; mode=block

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
17 KB 151ms
52ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

44f327eeeb995eabd2810452b355ca82979280a4d7def1bd980d3897e6999af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:10:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16840
x-xss-protection: 0
server: cafe
etag: 11313833467736987248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 19:10:04 GMT

GET
H/1.1 200
OK / Show response
a.adtpix.com/px/ 579 B
846 B 582ms
145ms Script
text/javascript 54.236.134.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://a.adtpix.com/px/?id=107175

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.236.134.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-236-134-1.compute-1.amazonaws.com

Software

Apache/2.2.34 (Amazon) / Phusion Passenger 4.0.50

Resource Hash

782e3cdfa5e81963b818e6b5f1909d9059a4802b46d3515ed27eb957429aab04

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 19:10:04 GMT
X-Content-Type-Options: nosniff
Server: Apache/2.2.34 (Amazon)
X-Powered-By: Phusion Passenger 4.0.50
Content-Type: text/javascript;charset=utf-8
Status: 200 OK
Connection: keep-alive
Content-Length: 579

GET
H/1.1 200
OK jquery.flipster-infinite.min.js Show response
www.givetochildrens.org/file/webdev/ 26 KB
26 KB 665ms
659ms Script
application/javascript 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.givetochildrens.org/file/webdev/jquery.flipster-infinite.min.js

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

f6314173f5a4103c62aba3b730bf679616be1047261b3d9d72caae4ac3c1b938

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000;
Date: Mon, 17 Oct 2022 19:10:04 GMT
Last-Modified: Thu, 05 Nov 2020 19:50:19 GMT
x-frame-options: SAMEORIGIN
Content-Type: application/javascript
title: jquery.flipster-infinite.min
Cache-Control: private
content-disposition: filename="jquery.flipster-infinite.min.js"
Content-Length: 26196
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.flipster.css
www.givetochildrens.org/file/webdev/ 11 KB
3 KB 136ms
129ms Stylesheet
text/css 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.givetochildrens.org/file/webdev/jquery.flipster.css

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

3ec1a77778661f0a96b2f189363f129232dbd06fc85894e01be134cbe6be0e9d

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
Last-Modified: Thu, 05 Nov 2020 19:50:42 GMT
Date: Mon, 17 Oct 2022 19:10:04 GMT
Vary: Accept-Encoding
x-frame-options: SAMEORIGIN
Content-Type: text/css
title: jquery.flipster
Cache-Control: private
content-disposition: filename="jquery.flipster.css"
Content-Length: 2339
X-XSS-Protection: 1; mode=block

GET
H2 200 jquery.flexslider.js Show response
cdnjs.cloudflare.com/ajax/libs/flexslider/2.6.3/ 54 KB
10 KB 135ms
50ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/flexslider/2.6.3/jquery.flexslider.js

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb70827d2642f5d077cdec125b934d00204a3a1e835acac5d90ba25b7ebea08c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:10:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 20316337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9956
last-modified: Mon, 04 May 2020 16:10:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5e-d6ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vDptofgU4Y%2B%2BrodyxxJaUZ4APpHGv87kDuIBHchRLlCrsbuv6osfTNhh051cireTmksC7JxshWfOjoYtkkWtlk%2Bt%2BuyE%2Fa29ALs5%2BDGlNqLP%2BoPV0IqnMXCWKI4YETkHRvZ6kKsHuLg7VoqfHnjV1eE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75bb550c8e359b25-FRA
expires: Sat, 07 Oct 2023 19:10:04 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 237 KB
84 KB 143ms
58ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P8BDVK

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f3368c92a2ec4328bc4c04349bfde9f3facb46ae06ac0ff940aea79d17c561d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:10:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85143
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 17 Oct 2022 19:10:04 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 144ms
37ms Script
text/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 17 Oct 2022 18:50:52 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1152
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Mon, 17 Oct 2022 20:50:52 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 102 KB
27 KB 134ms
37ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df95c359e3559c219087fcb7d390b577cbd6577c0338d18644bd275149c62a86

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 17 Oct 2022 19:10:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 27029
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ZXtUETCJtkYU9uTfCDsYDv9CAikCq+SE2fOFOaLpg57q1oeOY95b8TLLAlrou50679gPGxR7ApYyjVefqtImtg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/828024281/ 2 KB
2 KB 135ms
52ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/828024281/?random=1666033804389&cv=11&fst=1666033804389&bg=ffffff&guid=ON&async=1&gtm=2wgaa0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.givetochildrens.org%2F&tiba=Home%20-%20UPMC%20Children%27s%20Hospital%20Foundation&auid=1063394424.1666033804&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8BDVK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d3f015fbb4ed4acc18b5db11bcbb023a662e33faf0e23e3e2182ac031bee258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:10:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 966
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 26 KB
10 KB 146ms
43ms Script
application/javascript 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8BDVK
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:10:04 GMT
content-encoding: gzip
etag: "cbFpuah7ilcpMTJLYeCgng=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 24 Oct 2022 19:10:04 GMT

GET
H3

200

activityi;dc_pre=CJ2q7cj75_oCFY6CUAYdXJQKvA;src=8065742;type=chpfo000;cat=engag00;ord=5676908304436;gtm=2wgaa0;auiddc=1063394424.1666033804;~oref=https%3A%2F%2Fwww.givetochildrens.org%2F Show response
8065742.fls.doubleclick.net/ Frame DC80
Redirect Chain

https://8065742.fls.doubleclick.net/activityi;src=8065742;type=chpfo000;cat=engag00;ord=5676908304436;gtm=2wgaa0;auiddc=1063394424.1666033804;~oref=https%3A%2F%2Fwww.givetochildrens.org%2F?
https://8065742.fls.doubleclick.net/activityi;dc_pre=CJ2q7cj75_oCFY6CUAYdXJQKvA;src=8065742;type=chpfo000;cat=engag00;ord=5676908304436;gtm=2wgaa0;auiddc=1063394424.1666033804;~oref=https%3A%2F%2Fw...

1 KB
675 B

200ms
117ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8065742.fls.doubleclick.net/activityi;dc_pre=CJ2q7cj75_oCFY6CUAYdXJQKvA;src=8065742;type=chpfo000;cat=engag00;ord=5676908304436;gtm=2wgaa0;auiddc=1063394424.1666033804;~oref=https%3A%2F%2Fwww.givetochildrens.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8BDVK

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

fa7fb0557c1cf1badffcbd0a8623ef8c6cafded338576ff142dad73ef1539c98

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.givetochildrens.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 650
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:10:04 GMT
expires: Mon, 17 Oct 2022 19:10:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:10:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8065742.fls.doubleclick.net/activityi;dc_pre=CJ2q7cj75_oCFY6CUAYdXJQKvA;src=8065742;type=chpfo000;cat=engag00;ord=5676908304436;gtm=2wgaa0;auiddc=1063394424.1666033804;~oref=https%3A%2F%2Fwww.givetochildrens.org%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200 spx Show response
dx.steelhousemedia.com/ 15 KB
4 KB 833ms
208ms Script
application/javascript 44.241.10.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.steelhousemedia.com/spx?dxver=4.0.0&shaid=30978&tdr=&plh=https%3A%2F%2Fwww.givetochildrens.org%2F&cb=90587763044325460term=value
Requested by: Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.241.10.203 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-10-203.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 006a785a7f4b20e70c74d3bf15154a759c222985fd5625842b819f42cc1873aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: application/javascript;charset=utf-8
date: Mon, 17 Oct 2022 19:10:05 GMT
content-encoding: gzip
connection: close
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 3 KB
2 KB 143ms
38ms Script
application/javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8BDVK
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: AC1.1 /
Resource Hash: 25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:10:04 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
server: AC1.1
age: 393056
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1550
x-llid: b09eefd5a93e5ea28f9275ed97ec172b

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
74 KB 82ms
75ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NSS67ZPN3S&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8BDVK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a626951000446c277058795cb3ee0adf9f14e66d1252d24d04bea3f744a53f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:10:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75540
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 17 Oct 2022 19:10:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 60ms
53ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8065742&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8BDVK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc78bb25898bf3a4f4b3e5631f5cf74304c6cbad066c4a246f49468b6a543a1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:10:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42485
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Oct 2022 19:10:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 116 KB
46 KB 63ms
56ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-823926318&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8BDVK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2af7862497328e9317b2e368f09dd5a0870c694a87a3e01dc27a8f7bf79a5e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:10:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46752
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Oct 2022 19:10:04 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=741906358&utmhn=www.givetochildrens.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utm...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32995178-1&cid=2036448878.1666033804&jid=1120729882&_v=5.7.2&z=741906358

35 B
430 B

144ms
47ms

Image
image/gif

2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32995178-1&cid=2036448878.1666033804&jid=1120729882&_v=5.7.2&z=741906358

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 17 Oct 2022 19:10:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:10:04 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32995178-1&cid=2036448878.1666033804&jid=1120729882&_v=5.7.2&z=741906358
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 370
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 941129392584610 Show response
connect.facebook.net/signals/config/ 294 KB
85 KB 158ms
158ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/941129392584610?v=2.9.85&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d63b2372ab322eb8771c03334057480f67cc4a578241182943ea6ae653fc5bc

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 17 Oct 2022 19:10:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: bIjAApqolhVund8UKGtPUl1bPCNaRilPSIE6a2glG4bGCHzMP1OpfYIN3fMXiwKi8/E4pYgGbu5BGwuE3UB+xw==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 131ms
53ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-823926318&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:10:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 19:10:04 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 123ms
39ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.givetochildrens.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:41:22 GMT
x-content-type-options: nosniff
age: 322122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 01:41:22 GMT

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/f275a300093f201a/ 302 KB
101 KB 132ms
45ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/f275a300093f201a/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=706830e10f659fb8c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec1555fc2430d7bf9eaccf108a229ebddd5522f8cdce5663ece904ec011da578

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 18:49:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103180
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:37:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 15 Oct 2023 18:49:00 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/f275a300093f201a/ 41 KB
9 KB 126ms
39ms Stylesheet
text/css 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/f275a300093f201a/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=706830e10f659fb8c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 18:49:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9086
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:37:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 15 Oct 2023 18:49:00 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 125ms
39ms Stylesheet
text/css 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=706830e10f659fb8c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 17 Oct 2022 19:59:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
353 B 132ms
44ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NSS67ZPN3S&gtm=2oeaa0&_p=873221114&cid=923862557.1666033805&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666033804&sct=1&seg=0&dl=https%3A%2F%2Fwww.givetochildrens.org%2F&dt=Home%20-%20UPMC%20Children%27s%20Hospital%20Foundation&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NSS67ZPN3S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:10:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.givetochildrens.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/828024281/ 42 B
340 B 141ms
132ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/828024281/?random=1666033804389&cv=11&fst=1666033200000&bg=ffffff&guid=ON&async=1&gtm=2wgaa0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.givetochildrens.org%2F&tiba=Home%20-%20UPMC%20Children%27s%20Hospital%20Foundation&fmt=3&is_vtc=1&random=3143114900&rmt_tld=0&ipr=y

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:10:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/828024281/ 42 B
548 B 144ms
53ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/828024281/?random=1666033804389&cv=11&fst=1666033200000&bg=ffffff&guid=ON&async=1&gtm=2wgaa0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.givetochildrens.org%2F&tiba=Home%20-%20UPMC%20Children%27s%20Hospital%20Foundation&fmt=3&is_vtc=1&random=3143114900&rmt_tld=1&ipr=y

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:10:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 759126794 Show response
player.vimeo.com/video/ Frame BBE3 18 KB
9 KB 239ms
177ms Document
text/html 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/759126794?h=aa6c2f6043&badge=0&autopause=0&player_id=0&app_id=58479

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb155da2dec3f197f2c3b235130c176d769bd3543bc53423c214537df48cd64f

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.dna-delivery.com https://.kollective.app/ https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*; report-uri /_csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.givetochildrens.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
CF-Cache-Status: DYNAMIC
CF-RAY: 75bb550f1e81bbb5-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 17 Oct 2022 19:10:04 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache: MISS
X-Cache-Hits: 0
X-Player-Backend: p
X-Served-By: cache-fra19183-FRA
X-Timer: S1666033805.676128,VS0,VE117
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*; report-uri /_csp
expires: Mon, 17 Oct 2022 19:14:52 GMT
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
x-backend-proxy: playproxy6
x-bapp-server: player-5667844d6d-drx84
x-content-type-options: nosniff
x-host: player-5667844d6d-drx84
x-varnish-cache: 1
x-vserver: playproxy-rollout-prod-varnish-5
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 21 KB
7 KB 62ms
62ms Script
application/javascript 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7919e42c1593715dd408c9f1e4b5c51b5b80ead7dc71b94535180b452724519f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-varnish-cache: 0
Date: Mon, 17 Oct 2022 19:10:04 GMT
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
CF-Cache-Status: DYNAMIC
via: 1.1 varnish, 1.1 varnish
Age: 868
X-Cache: HIT
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Mon, 17 Oct 2022 19:25:36 GMT
x-host: player-5667844d6d-7h5qh
Connection: keep-alive
x-vserver: playproxy-rollout-prod-varnish-0
Content-Length: 6272
x-xss-protection: 1; mode=block
X-Served-By: cache-fra19145-FRA
X-Player-Backend: p
Server: cloudflare
X-Timer: S1666033805.613949,VS0,VE0
x-backend-proxy: playproxy1
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: player-5667844d6d-7h5qh
Accept-Ranges: bytes
CF-RAY: 75bb550ebd87bbb5-FRA
X-Cache-Hits: 1498

GET
H2 200 rules-p-L6jeM_q4uj8-p.js Show response
rules.quantcount.com/ 209 B
663 B 261ms
44ms Script
application/javascript 2600:9000:223c:c800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-L6jeM_q4uj8-p.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:c800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf0dc636372374677e07f86ea0aef737f56481d7461214c3c5d0d0792c50c496

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:14:29 GMT
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 3337
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 209
last-modified: Thu, 06 Jun 2019 19:52:23 GMT
server: AmazonS3
etag: "2e7d4f7aef4f57825c7dbbf1633fc88e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: A-iRshA8Nl84w57rU00WzaAOPVqC5psRqLQ9IaKmrNUba_VhinI72g==

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/956247256/ 2 KB
1 KB 166ms
88ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956247256/?random=1666033804651&cv=9&fst=1666033804651&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.givetochildrens.org%2F&tiba=Home%20-%20UPMC%20Children%27s%20Hospital%20Foundation&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3858ac7edab887356da569286b39ba52130b3beba2e85d73869369fb264f9094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:10:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1024
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CIKP9Mj75_oCFc6r7QodSDoK1g;src=4500927;type=invmedia;cat=sugikrjg;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5457848273399.068 Show response
4500927.fls.doubleclick.net/ Frame 1FE3
Redirect Chain

https://4500927.fls.doubleclick.net/activityi;src=4500927;type=invmedia;cat=sugikrjg;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5457848273399.068?
https://4500927.fls.doubleclick.net/activityi;dc_pre=CIKP9Mj75_oCFc6r7QodSDoK1g;src=4500927;type=invmedia;cat=sugikrjg;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5457848273399.068?

391 B
348 B

90ms
89ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4500927.fls.doubleclick.net/activityi;dc_pre=CIKP9Mj75_oCFc6r7QodSDoK1g;src=4500927;type=invmedia;cat=sugikrjg;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5457848273399.068?

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

b074b170a561b2d842082ba23986edf9f88b7791fb235adec63c6e049560699c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.givetochildrens.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 323
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:10:04 GMT
expires: Mon, 17 Oct 2022 19:10:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:10:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://4500927.fls.doubleclick.net/activityi;dc_pre=CIKP9Mj75_oCFc6r7QodSDoK1g;src=4500927;type=invmedia;cat=sugikrjg;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5457848273399.068?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK overlay-right-triangle.png
www.givetochildrens.org/image/home-page/ 291 B
712 B 629ms
628ms Image
image/png 205.139.102.27
BLACKBAUD-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.givetochildrens.org/image/home-page/overlay-right-triangle.png

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/stylesheet24.637896032062370000.css?id=24&nodefaults=1&iuqt=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.139.102.27 , United States, ASN15148 (BLACKBAUD-ASN, US),

Reverse DNS

Software

Resource Hash

64e49918a2aa76d09ae5b22426bb1fba15919b575cf40acccffdc54a095bf3bf

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/stylesheet24.637896032062370000.css?id=24&nodefaults=1&iuqt=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security: max-age=31536000;
Date: Mon, 17 Oct 2022 19:10:05 GMT
Last-Modified: Fri, 06 Nov 2020 06:40:16 GMT
x-frame-options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private
content-disposition: filename="overlay-right-triangle.png"
Content-Length: 291
X-XSS-Protection: 1; mode=block

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.0/fonts/ 69 KB
70 KB 133ms
77ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/fonts/fontawesome-webfont.woff2?v=4.6.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1732796c9dfafddff16db9660e67a879d723f376b0160cccad730c6c414eed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css
Origin: https://www.givetochildrens.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:10:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722
cdn-cachedat: 07/19/2022 19:06:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70700
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: "7b4635e4bc709f12d7ac73f4d8c5261e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 627d20bc73c8d1dd3086f7b30751fd96
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 75bb550f8fea9162-FRA
cdn-requestpullsuccess: True

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/823926318/ 2 KB
1 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/823926318/?random=1666033804747&cv=9&fst=1666033804747&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.givetochildrens.org%2F&tiba=Home%20-%20UPMC%20Children%27s%20Hospital%20Foundation&auid=1063394424.1666033804&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4882e18e079c579d649be5190a3eda034d2f194dee0ce276b722f0ac32be0608

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:10:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1057
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/seg?add=4551033&t=1
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D4551033%26t%3D1

0
1015 B

40ms
39ms

Script
application/javascript

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D4551033%26t%3D1

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 19:10:04 GMT
AN-X-Request-Uuid: e4774afe-b6e5-498e-8598-38487d56ce0d
Server: nginx/1.21.3
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 19:10:04 GMT
AN-X-Request-Uuid: 32ff3f8b-fc54-420d-b962-1fbe7d924ac8
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D4551033%26t%3D1
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

activityi;dc_pre=CJSJ-8j75_oCFeq_7Qod2vYKlw;src=4498545;type=invmedia;cat=foa82qc1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5929684720120.685 Show response
4498545.fls.doubleclick.net/ Frame 4F5D
Redirect Chain

https://4498545.fls.doubleclick.net/activityi;src=4498545;type=invmedia;cat=foa82qc1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5929684720120.685?
https://4498545.fls.doubleclick.net/activityi;dc_pre=CJSJ-8j75_oCFeq_7Qod2vYKlw;src=4498545;type=invmedia;cat=foa82qc1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5929684720120.685?

391 B
346 B

70ms
70ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4498545.fls.doubleclick.net/activityi;dc_pre=CJSJ-8j75_oCFeq_7Qod2vYKlw;src=4498545;type=invmedia;cat=foa82qc1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5929684720120.685?

Requested by

Host: a.adtpix.com
URL: https://a.adtpix.com/px/?id=107175

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

7f4ed6f08c00340fc4139f8ba5d8582f8e53b3a2e47af7bc207e2b70c8d5deca

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.givetochildrens.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 323
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:10:04 GMT
expires: Mon, 17 Oct 2022 19:10:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Oct 2022 19:10:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://4498545.fls.doubleclick.net/activityi;dc_pre=CJSJ-8j75_oCFeq_7Qod2vYKlw;src=4498545;type=invmedia;cat=foa82qc1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5929684720120.685?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1048960231916284 Show response
connect.facebook.net/signals/config/ 294 KB
84 KB 158ms
158ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1048960231916284?v=2.9.85&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6c6ddff3842ea6ffd6075adfa7238ac13f8eb37bd8a5a4882cfac7fd77343b94

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 17 Oct 2022 19:10:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: NjFpOvAe4ZbpVxjL11wOL5vl2sN21GrWCMC+67wKUV00u+EGuEzPCVkbfab/k8yFP1LexyGGW3TkiI0sVauYOQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 128ms
38ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=941129392584610&ev=PageView&dl=https%3A%2F%2Fwww.givetochildrens.org%2F&rl=&if=false&ts=1666033804762&sw=1600&sh=1200&v=2.9.85&r=stable&ec=0&o=30&fbp=fb.1.1666033804761.114776895&it=1666033804498&coo=false&rqm=GET

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 17 Oct 2022 19:10:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/823926318/ 42 B
64 B 137ms
54ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/823926318/?random=1666033804747&cv=9&fst=1666033200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.givetochildrens.org%2F&tiba=Home%20-%20UPMC%20Children%27s%20Hospital%20Foundation&async=1&fmt=3&is_vtc=1&random=4235666743&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:10:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/823926318/ 42 B
64 B 137ms
56ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/823926318/?random=1666033804747&cv=9&fst=1666033200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.givetochildrens.org%2F&tiba=Home%20-%20UPMC%20Children%27s%20Hospital%20Foundation&async=1&fmt=3&is_vtc=1&random=4235666743&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:10:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 38ms
38ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4e8b1b379497fe55d2a10be0760d96a99caef527b5e6a9fd0d0ebde8f330bd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 17 Oct 2022 19:10:04 GMT
content-md5: ancC10JGViWXJGWNxVyMYA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: nQUAH2x2q7enX7uIe5B+y9igUH6gtZ09ohjds4F66XKYiH/AoR5cGj4CSnmKUWj+dz8dSoKbQMqIdYxPa1oXlQ==
x-fb-content-md5: 1355e235abc2659058c0fe068e75efb7
cross-origin-opener-policy: same-origin-allow-popups
etag: "51c48272f8941e95764bf675c770eb08"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Mon, 17 Oct 2022 19:12:24 GMT

GET
H2 200 buttons.js Show response
ws.sharethis.com/button/ 102 KB
26 KB 279ms
46ms Script
application/javascript 2600:9000:2251:ec00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/buttons.js

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:ec00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

748718063bc84d056b5d0cf947b83aa71d7dbef7358d6ec62eab82c2f3881a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 01:49:23 GMT
content-encoding: gzip
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 148842
x-cache: Hit from cloudfront
content-length: 26307
server: nginx/1.20.1
etag: W/"62bdf23a-19615"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=259200
x-robots-tag: noindex, nofollow
x-amz-cf-id: 3pll9rULOcc96YFcNqNbrXzsnr87rChUNMJZsxM3X9ULNbFDekRFjg==
expires: Wed, 19 Oct 2022 01:49:23 GMT

GET
H3 200 async-ads.js Show response
cse.google.com/adsense/search/ 142 KB
52 KB 129ms
52ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/f275a300093f201a/cse_element__en.js?usqp=CAI%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87ee755e23558f6022250c2c06749b2bbf2c930f875364048fef3ff0ea83941b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:10:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "4144345882900828110"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Mon, 17 Oct 2022 19:10:04 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
210 B 263ms
37ms Image
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:10:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame DC80 45 KB
16 KB 67ms
66ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 8065742.fls.doubleclick.net
URL: https://8065742.fls.doubleclick.net/activityi;dc_pre=CJ2q7cj75_oCFY6CUAYdXJQKvA;src=8065742;type=chpfo000;cat=engag00;ord=5676908304436;gtm=2wgaa0;auiddc=1063394424.1666033804;~oref=https%3A%2F%2Fwww.givetochildrens.org%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

44f327eeeb995eabd2810452b355ca82979280a4d7def1bd980d3897e6999af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8065742.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:10:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16840
x-xss-protection: 0
server: cafe
etag: 11313833467736987248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 17 Oct 2022 19:10:04 GMT

GET
H2 200 dc_pre=CJ2q7cj75_oCFY6CUAYdXJQKvA;src=8065742;type=chpfo000;cat=engag00;ord=5676908304436;gtm=2wgaa0;auiddc=*;~oref=https%3A%2F%2Fwww.givetochildrens.org%2F
adservice.google.com/ddm/fls/z/ Frame DC80 42 B
494 B 159ms
75ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJ2q7cj75_oCFY6CUAYdXJQKvA;src=8065742;type=chpfo000;cat=engag00;ord=5676908304436;gtm=2wgaa0;auiddc=*;~oref=https%3A%2F%2Fwww.givetochildrens.org%2F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8065742.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:10:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CIKP9Mj75_oCFc6r7QodSDoK1g;src=4500927;type=invmedia;cat=sugikrjg;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5457848273399.068
adservice.google.com/ddm/fls/z/ Frame 1FE3 42 B
107 B 156ms
80ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIKP9Mj75_oCFc6r7QodSDoK1g;src=4500927;type=invmedia;cat=sugikrjg;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5457848273399.068

Requested by

Host: 4500927.fls.doubleclick.net
URL: https://4500927.fls.doubleclick.net/activityi;dc_pre=CIKP9Mj75_oCFc6r7QodSDoK1g;src=4500927;type=invmedia;cat=sugikrjg;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5457848273399.068?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4500927.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:10:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1526476931-08582fd1ad9d3dc6638465bb07e8b715e27aecf5ca02a08184511a252e5829c8-d.jpg
i.vimeocdn.com/video/ Frame BBE3 1 KB
2 KB 239ms
158ms Image
image/jpeg 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1526476931-08582fd1ad9d3dc6638465bb07e8b715e27aecf5ca02a08184511a252e5829c8-d.jpg?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/759126794?h=aa6c2f6043&badge=0&autopause=0&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5f3cc300663af91dd35b4ab993cc1291a655b47ca1a1042af3047e9971ea3e1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:10:05 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 339676
x-viewmaster-lossless-format: lossy
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 1345
viewmaster-server: viewmaster-us-central1-wp09
x-served-by: cache-dfw-kdfw8210076-DFW, cache-fra19164-FRA
x-timer: S1666033805.966851,VS0,VE120
etag: a7650d67c970de123ee70742bb53e8e0
access-control-max-age: 86400
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 37, 0

GET
H2 200 player.de-DE.js Show response
f.vimeocdn.com/p/4.11.6/js/ Frame BBE3 889 KB
209 KB 119ms
37ms Script
application/javascript 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.11.6/js/player.de-DE.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/759126794?h=aa6c2f6043&badge=0&autopause=0&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: eb9f99b2c3c812a1930734d95c0cd011ef5e9a2808853dc6a0b7e894f0ff73af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200038-IAD, cache-fra19160-FRA
date: Mon, 17 Oct 2022 19:10:04 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 11518
x-timer: S1666033805.967740,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 213760
x-cache-hits: 2, 3031

GET
H2 200 player.css
f.vimeocdn.com/p/4.11.6/css/ Frame BBE3 205 KB
20 KB 118ms
37ms Stylesheet
text/css 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.11.6/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/759126794?h=aa6c2f6043&badge=0&autopause=0&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2ea61b2105754776effa3847b2e37f8f085fa820b0d7d040a103aa141adc8db5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200179-IAD, cache-fra19160-FRA
date: Mon, 17 Oct 2022 19:10:04 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 11520
x-timer: S1666033805.967722,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 20385
x-cache-hits: 25, 9147

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame BBE3 2 KB
1 KB 131ms
50ms Script
application/javascript 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/759126794?h=aa6c2f6043&badge=0&autopause=0&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200120-IAD, cache-fra19160-FRA
date: Mon, 17 Oct 2022 19:10:04 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2425966
x-timer: S1666033805.967828,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 997
x-cache-hits: 1, 443167

GET
H3 200 /
www.google.com/pagead/1p-user-list/956247256/ 42 B
64 B 68ms
50ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/956247256/?random=1666033804651&cv=9&fst=1666033200000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.givetochildrens.org%2F&tiba=Home%20-%20UPMC%20Children%27s%20Hospital%20Foundation&fmt=3&is_vtc=1&random=2566391669&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:10:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/956247256/ 42 B
64 B 73ms
57ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/956247256/?random=1666033804651&cv=9&fst=1666033200000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.givetochildrens.org%2F&tiba=Home%20-%20UPMC%20Children%27s%20Hospital%20Foundation&fmt=3&is_vtc=1&random=2566391669&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:10:04 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 300 KB
85 KB 80ms
39ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=e4b3f336c4acf697a77d0f5847af5942

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c46e79592c25d4f18e574cab3c33bc3a05851fd503b216501a0c6d474133e5e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.givetochildrens.org/
Origin: https://www.givetochildrens.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 17 Oct 2022 19:10:04 GMT
content-md5: GDh+J3fFPX2YrXjWQwwOgw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86954
x-fb-rlafr: 0
x-fb-debug: m8XNcDjO0z2uDXiO4dNvqKZAGK/7Dv8TmkFysqOy/oe3EsVJUO7Wgkyyt9WUePL2kCJY9KsE36aX4zgFqodcVA==
x-fb-content-md5: be073a66ef7444f6226db608cea54989
cross-origin-opener-policy: same-origin-allow-popups
etag: "1fcd754a0f6f0b1537bc33b1bfcf98ac"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 17 Oct 2023 16:45:55 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/846256904/ Frame DC80 2 KB
1 KB 56ms
56ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/846256904/?random=1666033804933&cv=9&fst=1666033804933&num=1&npa=1&label=-GViCJ_9xOUDEIi2w5MD&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8065742.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCJ2q7cj75_oCFY6CUAYdXJQKvA%3Bsrc%3D8065742%3Btype%3Dchpfo000%3Bcat%3Dengag00%3Bord%3D5676908304436%3Bgtm%3D2wgaa0%3Bauiddc%3D1063394424.1666033804%3B~oref%3Dhttps%253A%252F%252Fwww.givetochildrens.org%252F%3F&ref=https%3A%2F%2Fwww.givetochildrens.org%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

904d00360ebfc3288be59d9d3d4112f5ea3e6794b35041af1b225fa6511c8a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8065742.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:10:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1254
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CJSJ-8j75_oCFeq_7Qod2vYKlw;src=4498545;type=invmedia;cat=foa82qc1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5929684720120.685
adservice.google.com/ddm/fls/z/ Frame 4F5D 42 B
107 B 77ms
75ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJSJ-8j75_oCFeq_7Qod2vYKlw;src=4498545;type=invmedia;cat=foa82qc1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5929684720120.685

Requested by

Host: 4498545.fls.doubleclick.net
URL: https://4498545.fls.doubleclick.net/activityi;dc_pre=CJSJ-8j75_oCFeq_7Qod2vYKlw;src=4498545;type=invmedia;cat=foa82qc1;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5929684720120.685?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4498545.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:10:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/846256904/ Frame DC80
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/846256904/?random=1230256065&cv=9&fst=1666033804933&num=1&npa=1&label=-GViCJ_9xOUDEIi2w5MD&guid=ON&resp=GooglemKTybQhCsO&eid=3756032...
https://www.google.com/pagead/1p-conversion/846256904/?random=1230256065&cv=9&fst=1666033804933&num=1&npa=1&label=-GViCJ_9xOUDEIi2w5MD&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&...
https://www.google.de/pagead/1p-conversion/846256904/?random=1230256065&cv=9&fst=1666033804933&num=1&npa=1&label=-GViCJ_9xOUDEIi2w5MD&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u...

42 B
64 B

64ms
63ms

Image
image/gif

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/846256904/?random=1230256065&cv=9&fst=1666033804933&num=1&npa=1&label=-GViCJ_9xOUDEIi2w5MD&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8065742.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCJ2q7cj75_oCFY6CUAYdXJQKvA%3Bsrc%3D8065742%3Btype%3Dchpfo000%3Bcat%3Dengag00%3Bord%3D5676908304436%3Bgtm%3D2wgaa0%3Bauiddc%3D1063394424.1666033804%3B~oref%3Dhttps%253A%252F%252Fwww.givetochildrens.org%252F%3F&ref=https%3A%2F%2Fwww.givetochildrens.org%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=jKhNY-aVOrGG9fgPrPqq0AU&cid=CAQSKQDq26N9l_bQOSDVwDeKX7HD59TkwyWRBdrrWJJvXKst7EvV3yrg_9QkIBM&random=2068867799&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8065742.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:10:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:10:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/846256904/?random=1230256065&cv=9&fst=1666033804933&num=1&npa=1&label=-GViCJ_9xOUDEIi2w5MD&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8065742.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCJ2q7cj75_oCFY6CUAYdXJQKvA%3Bsrc%3D8065742%3Btype%3Dchpfo000%3Bcat%3Dengag00%3Bord%3D5676908304436%3Bgtm%3D2wgaa0%3Bauiddc%3D1063394424.1666033804%3B~oref%3Dhttps%253A%252F%252Fwww.givetochildrens.org%252F%3F&ref=https%3A%2F%2Fwww.givetochildrens.org%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=jKhNY-aVOrGG9fgPrPqq0AU&cid=CAQSKQDq26N9l_bQOSDVwDeKX7HD59TkwyWRBdrrWJJvXKst7EvV3yrg_9QkIBM&random=2068867799&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=223506617;source=gtm;event=refresh;labels=_fp.event.Default;rf=0;a=p-L6jeM_q4uj8-p;url=https%3A%2F%2Fwww.givetochildrens.org%2F;uht=2;fpan=1;fpa=P0-504346910-1666033805034;pbc=;ns=0;ce=1;qj...
pixel.quantserve.com/ 35 B
372 B 61ms
44ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=223506617;source=gtm;event=refresh;labels=_fp.event.Default;rf=0;a=p-L6jeM_q4uj8-p;url=https%3A%2F%2Fwww.givetochildrens.org%2F;uht=2;fpan=1;fpa=P0-504346910-1666033805034;pbc=;ns=0;ce=1;qjs=1;qv=7a1cba14-20221011131736;cm=;gdpr=0;ref=;d=givetochildrens.org;dst=0;et=1666033805033;tzo=0;ogl=;ses=225089a3-6cd2-4bfb-804e-6f956d994f61

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:10:05 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame BBE3 0
896 B 706ms
554ms Ping
text/plain 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=aa117192c8790d3671253161f387d483206765f91666033804

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Mon, 17 Oct 2022 07:10:05 GMT
Date: Mon, 17 Oct 2022 19:10:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Via: 1.1 varnish, 1.1 varnish
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
x-xss-protection: 1; mode=block
X-Served-By: cache-iad-kcgs7200054-IAD, cache-fra19160-FRA
x-ua-compatible: IE=edge
x-vimeo-device: d
Server: cloudflare
X-Timer: S1666033806.582187,VS0,VE123
x-backend-proxy: webproxy14
x-frame-options: sameorigin
Vary: User-Agent
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-79cb7bb98f-bsrzx
Accept-Ranges: bytes
CF-RAY: 75bb55145b529a2a-FRA
X-Cache-Hits: 0, 0

GET
H3 200 146316136182858 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 159ms
159ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/146316136182858?v=2.9.85&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7cfad173dea2a301245f696f78f9f6832599ce8e3b28aa543da1147b94a89d9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 17 Oct 2022 19:10:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: rtTMc3nLkbFi0ymGafPhKL3vqt8sH4VmIWMnvSE5+UmUupUZ3K1rk+SD3wZN6YUlZ//akEKZPqBOAsAN8Nuz8A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 78ms
37ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1048960231916284&ev=PageView&dl=https%3A%2F%2Fwww.givetochildrens.org%2F&rl=&if=false&ts=1666033805068&sw=1600&sh=1200&v=2.9.85&r=stable&ec=0&o=30&fbp=fb.1.1666033804761.114776895&it=1666033804498&coo=false&rqm=GET

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 17 Oct 2022 19:10:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 721807
i.vimeocdn.com/player/ Frame BBE3 5 KB
5 KB 60ms
59ms Image
image/avif 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/player/721807?mw=100&mh=100
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/759126794?h=aa6c2f6043&badge=0&autopause=0&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8483f8aff591a64a3fc5fd8f6ce387eea3739053beba8c5f71c21fac13c1870e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:10:05 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 328893
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 4724
viewmaster-server: viewmaster-us-central1-v1wk
x-served-by: cache-dfw-kdfw8210128-DFW, cache-fra19164-FRA
x-timer: S1666033805.151972,VS0,VE17
etag: 457fbab31926189d817a310dab623411
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 17, 1

POST
H2 200 player-test-impression
fresnel.vimeocdn.com/add/ Frame BBE3 0
40 B 356ms
140ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.11.6/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Mon, 17 Oct 2022 19:10:05 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 1526476931-08582fd1ad9d3dc6638465bb07e8b715e27aecf5ca02a08184511a252e5829c8-d
i.vimeocdn.com/video/ Frame BBE3 15 KB
15 KB 40ms
39ms Image
image/avif 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1526476931-08582fd1ad9d3dc6638465bb07e8b715e27aecf5ca02a08184511a252e5829c8-d?mw=1000&mh=563
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/759126794?h=aa6c2f6043&badge=0&autopause=0&player_id=0&app_id=58479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1e5505e4f31c0da8435537cded1d98cf5050d680f3aafaa32f6d35ee44e22bc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:10:05 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 328892
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 15145
viewmaster-server: viewmaster-us-east1-fzkr
x-served-by: cache-dfw-kdfw8210100-DFW, cache-fra19164-FRA
x-timer: S1666033805.184290,VS0,VE2
etag: 928270a2566c9ff4842d240fbbeaaa09
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 13, 1

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame BBE3 0
142 B 346ms
139ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=aa117192c8790d3671253161f387d483206765f91666033804
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.11.6/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Mon, 17 Oct 2022 19:10:05 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 async-buttons.js Show response
ws.sharethis.com/button/ 89 KB
19 KB 44ms
43ms Script
application/javascript 2600:9000:2251:ec00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/async-buttons.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:ec00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 23:15:49 GMT
content-encoding: gzip
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 158056
x-cache: Hit from cloudfront
content-length: 18813
server: nginx/1.20.1
etag: W/"62bdf287-16245"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=259200
x-robots-tag: noindex, nofollow
x-amz-cf-id: 34_R9ZMgqetqp2GQVuQzogl_Pxh5pnts-pbbtPTgoxRhAVZ6npJH_Q==
expires: Tue, 18 Oct 2022 23:15:49 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
410 B 238ms
40ms XHR
text/plain 18.196.212.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1666033805213.56872&hostname=www.givetochildrens.org&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fwww.givetochildrens.org%2F&title=Home%20-%20UPMC%20Children%27s%20Hospital%20Foundation&sop=false

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.212.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-212-55.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 19:10:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://www.givetochildrens.org
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 buttons-secure.css
ws.sharethis.com/button/css/ 23 KB
4 KB 44ms
44ms Stylesheet
text/css 2600:9000:2251:ec00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/css/buttons-secure.css

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:ec00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 23:15:50 GMT
content-encoding: gzip
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 30 Jun 2022 18:59:19 GMT
server: nginx/1.20.1
x-amz-cf-pop: FRA60-P3
age: 71655
etag: W/"62bdf287-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-robots-tag: noindex, nofollow
content-length: 3851
x-amz-cf-id: ypSiB3UBmrUNiEbiX11OKHdLgRyP0mnBF2Rip7X8Cb7yZIX5foChFw==

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame A37F 0
0 87ms
46ms Document
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Referer: https://www.givetochildrens.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Mon, 17 Oct 2022 19:10:05 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

GET
H2 200 861fedf877e3e70a
pixel.sitescout.com/up/ 43 B
267 B 539ms
430ms Image
image/gif 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/861fedf877e3e70a?cntr_url=https%3A%2F%2Fwww.givetochildrens.org%2F
Requested by: Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:10:05 GMT
server: AC1.1
content-type: image/gif
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 37ms
37ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=146316136182858&ev=PageView&dl=https%3A%2F%2Fwww.givetochildrens.org%2F&rl=&if=false&ts=1666033805309&sw=1600&sh=1200&v=2.9.85&r=stable&ec=0&o=30&fbp=fb.1.1666033804761.114776895&it=1666033804498&coo=false&rqm=GET

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 17 Oct 2022 19:10:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET is
35.160.46.251/ 0
0

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
380 B 40ms
39ms Image
text/plain 18.196.212.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.212.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-212-55.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 19:10:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK st Show response
px.steelhousemedia.com/ 2 KB
1 KB 829ms
207ms Script
application/javascript 54.244.159.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.steelhousemedia.com/st?ga_tracking_id=UA-32995178-1&ga_client_id=2036448878.1666033804&shpt=Home%20-%20UPMC%20Children%27s%20Hospital%20Foundation&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-32995178-1%22%2C%22ga_client_id%22%3A%222036448878.1666033804%22%2C%22shpt%22%3A%22Home%20-%20UPMC%20Children%27s%20Hospital%20Foundation%22%2C%22dcm_cid%22%3A%221666033804.1%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getTrackingIdByGA%22%3A%22FAILED%22%2C%22getTrackingIdByOther1%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1666033804.1&dxver=4.0.0&shaid=30978&plh=https%3A%2F%2Fwww.givetochildrens.org%2F&cb=90587763044325460term%3Dvalue
Requested by: Host: dx.steelhousemedia.com
URL: https://dx.steelhousemedia.com/spx?dxver=4.0.0&shaid=30978&tdr=&plh=https%3A%2F%2Fwww.givetochildrens.org%2F&cb=90587763044325460term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.244.159.189 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-244-159-189.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 7771495dc0b66786fc48bd009e2d6630e6341e7e37266bb81937dffd4a06a629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 17 Oct 2022 19:10:06 GMT
content-encoding: gzip
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
connection: close
content-type: application/javascript;charset=utf-8

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 38ms
38ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=941129392584610&ev=Microdata&dl=https%3A%2F%2Fwww.givetochildrens.org%2F&rl=&if=false&ts=1666033806284&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtHome%20-%20UPMC%20Children%27s%20Hospital%20Foundation%5Cn%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.85&r=stable&ec=1&o=30&fbp=fb.1.1666033804761.114776895&it=1666033804498&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 17 Oct 2022 19:10:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 38ms
38ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1048960231916284&ev=Microdata&dl=https%3A%2F%2Fwww.givetochildrens.org%2F&rl=&if=false&ts=1666033806570&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtHome%20-%20UPMC%20Children%27s%20Hospital%20Foundation%5Cn%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.85&r=stable&ec=1&o=30&fbp=fb.1.1666033804761.114776895&it=1666033804498&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 17 Oct 2022 19:10:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK gs Show response
ww.steelhousemedia.com/ 144 B
733 B 825ms
214ms Script
application/javascript 44.238.130.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ww.steelhousemedia.com/gs
Requested by: Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.238.130.186 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-130-186.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: c49eaaea723ea46604b50aa49a950e58d97e887ff4594a7c1b4b036f4c5b5e4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 19:10:07 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 0
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 144
x-application-context: application:prod:8080

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 38ms
38ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=146316136182858&ev=Microdata&dl=https%3A%2F%2Fwww.givetochildrens.org%2F&rl=&if=false&ts=1666033806811&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtHome%20-%20UPMC%20Children%27s%20Hospital%20Foundation%5Cn%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.85&r=stable&ec=1&o=30&fbp=fb.1.1666033804761.114776895&it=1666033804498&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 17 Oct 2022 19:10:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK st Show response
px.steelhousemedia.com/ 5 KB
2 KB 641ms
235ms Script
application/javascript 54.244.159.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.steelhousemedia.com/st?ga_tracking_id=UA-32995178-1&ga_client_id=2036448878.1666033804&shpt=Home%20-%20UPMC%20Children%27s%20Hospital%20Foundation&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-32995178-1%22%2C%22ga_client_id%22%3A%222036448878.1666033804%22%2C%22shpt%22%3A%22Home%20-%20UPMC%20Children%27s%20Hospital%20Foundation%22%2C%22dcm_cid%22%3A%221666033804.1%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getTrackingIdByGA%22%3A%22FAILED%22%2C%22getTrackingIdByOther1%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1666033804.1&dxver=4.0.0&shaid=30978&plh=https%3A%2F%2Fwww.givetochildrens.org%2F&cb=166603380656072&shguid=6a8ce816-a7d9-31bb-bb87-e6bbc7c6a25c&shgts=1666033807385
Requested by: Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.244.159.189 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-244-159-189.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a06f0c21f8544aa10fd9e29db22cf1ed1e9adb60d6377616ac081ff6a50f1336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 17 Oct 2022 19:10:08 GMT
content-encoding: gzip
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
connection: close
content-type: application/javascript;charset=utf-8

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
265 B 507ms
57ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=4fbe2e6c-4e4f-11ed-aed3-1507b836be64&gdpr=&gdpr_consent=
Requested by: Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 17 Oct 2022 19:10:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
261 B 507ms
57ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=oaoyhco&ct=0:zcutrc6&fmt=3
Requested by: Host: www.givetochildrens.org
URL: https://www.givetochildrens.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 17 Oct 2022 19:10:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 121ms
44ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NSS67ZPN3S&gtm=2oeaa0&_p=873221114&cid=923862557.1666033805&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1666033804&sct=1&seg=0&dl=https%3A%2F%2Fwww.givetochildrens.org%2F&dt=Home%20-%20UPMC%20Children%27s%20Hospital%20Foundation&en=scroll&epn.percent_scrolled=90&_et=16
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NSS67ZPN3S&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.givetochildrens.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 19:10:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.givetochildrens.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
ws.sharethis.com/secure/ Frame 9B4F 7 KB
2 KB 39ms
39ms Document
text/html 2600:9000:2251:ec00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure/index.html

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:ec00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

1d5d4a3d491d72214945792be081b07dc744bd7a67421f7e571aec699589ae4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.givetochildrens.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13383
content-encoding: gzip
content-length: 2090
content-type: text/html
date: Mon, 17 Oct 2022 15:27:06 GMT
etag: W/"62bdf287-1ade"
last-modified: Thu, 30 Jun 2022 18:59:19 GMT
server: nginx/1.20.1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
x-amz-cf-id: zPDwQMzRuU4kxDc48s9J2w9I8Zzf6qrNF5NSFveKC61J-qk2uifzIg==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
x-robots-tag: noindex, nofollow

GET
H2 200 st.da2f6a88d7bfe891c2a6f4578518e3f4.js Show response
ws.sharethis.com/secure/js/ Frame 9B4F 148 KB
38 KB 43ms
43ms Script
application/javascript 2600:9000:2251:ec00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure/js/st.da2f6a88d7bfe891c2a6f4578518e3f4.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:ec00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

fb0058690392ce74e443d304e2f2c81a70ca36eb25e0dfb1cadada9315074049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws.sharethis.com/secure/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:31:03 GMT
content-encoding: gzip
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.20.1
x-amz-cf-pop: FRA60-P3
age: 9416346
etag: W/"62bdf287-24e3c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: zsyZYndDvGyG_-0wX4LtzSwfS90mML_R62gishk3_d_ZaGpgeikfpQ==
expires: Fri, 30 Jun 2023 19:31:03 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 35.160.46.251
URL: https://35.160.46.251/is

Verdicts & Comments Add Verdict or Comment

379 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.givetochildrens.org/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: dctgrzk1zgeupkvfjeefaad0
www.givetochildrens.org/	1969-12-31 23:59:59	Name: CSRF_TOKEN Value: 109c8f4a7baf4ba48963361437c44e42
www.givetochildrens.org/	1970-01-20 16:23:13	Name: VisitorGuid Value: e38e0aea-8c78-4077-961c-fc7e19d7cda5
www.givetochildrens.org/	1969-12-31 23:59:59	Name: NSC_QH-698 Value: 14b5a3d9ccc32dc451f320dc64c2c9b3cd28c9264f417a8c5570468667a47527c2a49829
.vimeo.com/	1970-01-20 06:47:15	Name: __cf_bm Value: RhlryKSL4b1M8DkiGq47.Q6KTe8A94NVCCOMjsfvSyE-1666033804-0-AYSd8al/5WQBdpi/MrkU4ynvGtczn/oVytYD835iAFTNhJ9aOk0sLZxkQXw3c0QD6+YpIn36JyvCNmxBono4Ua0=
.givetochildrens.org/	1970-01-20 08:56:49	Name: _gcl_au Value: 1.1.1063394424.1666033804
.givetochildrens.org/	1970-01-20 16:23:13	Name: __utma Value: 267122200.2036448878.1666033804.1666033804.1666033804.1
.givetochildrens.org/	1969-12-31 23:59:59	Name: __utmc Value: 267122200
.givetochildrens.org/	1970-01-20 11:10:01	Name: __utmz Value: 267122200.1666033804.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.givetochildrens.org/	1970-01-20 06:47:14	Name: __utmt Value: 1
.givetochildrens.org/	1970-01-20 06:47:15	Name: __utmb Value: 267122200.1.10.1666033804
.givetochildrens.org/	1970-01-20 16:23:13	Name: _ga_NSS67ZPN3S Value: GS1.1.1666033804.1.0.1666033804.0.0.0
.givetochildrens.org/	1970-01-20 16:23:13	Name: _ga Value: GA1.1.923862557.1666033805
.givetochildrens.org/	1970-01-20 08:56:49	Name: _fbp Value: fb.1.1666033804761.114776895
.doubleclick.net/	1970-01-20 16:08:49	Name: IDE Value: AHWqTUnlzNK8scSlHT_2Z7zQmysp1TzoH19EMoT7gqbvdCo5ysoFQsKITLGu_KBmVS4
.adnxs.com/	1970-01-20 08:56:49	Name: uuid2 Value: 3116047730548557912
.adnxs.com/	1970-01-20 08:56:49	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2C$IiK%9<!]tbP6j2F-XstGt!@DP:$czfV
.vimeo.com/	1970-01-20 16:23:13	Name: vuid Value: pl983042648.1506157698
.quantserve.com/	1970-01-20 16:17:28	Name: mc Value: 634da88d-118d5-55f70-8e378
.givetochildrens.org/	1970-01-20 16:11:42	Name: __qca Value: P0-504346910-1666033805034
.steelhousemedia.com/	1970-01-20 16:23:13	Name: guid Value: 4fbe2e6c-4e4f-11ed-aed3-1507b836be64
.px.steelhousemedia.com/	1970-01-20 16:23:13	Name: tt Value: H4sIAAAAAAAAAKtWKlOyMtJR8guKNzawNLeIN7IwtlCyMtBRQuYampmZGRgbWxhYGBiZIis2tzQGKq4FAP0jrtNGAAAA
.steelhousemedia.com/	1970-01-20 16:23:13	Name: rt Value: "MzA5Nzg6MTY2NjAzMzgwOA=="

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

35.160.46.251
4498545.fls.doubleclick.net
4500927.fls.doubleclick.net
698.thankyou4caring.org
8065742.fls.doubleclick.net
a.adtpix.com
adservice.google.com
ajax.googleapis.com
cdnjs.cloudflare.com
clients1.google.com
connect.facebook.net
cse.google.com
dx.steelhousemedia.com
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
googleads.g.doubleclick.net
i.vimeocdn.com
ib.adnxs.com
insight.adsrvr.org
l.sharethis.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
pixel.quantserve.com
pixel.sitescout.com
player.vimeo.com
px.steelhousemedia.com
region1.google-analytics.com
rules.quantcount.com
secure.quantserve.com
ssl.google-analytics.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
up.pixel.ad
vimeo.com
ws.sharethis.com
ww.steelhousemedia.com
www.facebook.com
www.givetochildrens.org
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
35.160.46.251
142.250.184.198
142.250.186.34
151.101.14.109
162.159.128.61
178.79.242.181
18.196.212.55
2001:4860:4802:34::36
205.139.102.27
205.139.108.232
2600:9000:223c:c800:6:44e3:f8c0:93a1
2600:9000:2251:ec00:3:c04e:c780:93a1
2606:4700::6811:190e
2606:4700::6812:bcf
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:801::2003
2a00:1450:4001:809::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:812::200e
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2002
2a00:1450:400c:c1b::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.33.220.150
34.120.202.204
37.252.172.249
44.238.130.186
44.241.10.203
54.236.134.1
54.244.159.189
66.155.71.150
006a785a7f4b20e70c74d3bf15154a759c222985fd5625842b819f42cc1873aa
0c6e64b38a4f3e370dbd6a64f331494fa59d7e2b7598326b8abccce85bc934a5
0d63b2372ab322eb8771c03334057480f67cc4a578241182943ea6ae653fc5bc
0e5e2feb79c90531d69cc90d57c9b1ecb76a3eb316191cb4482cffb876f92dc9
10788c863e0a88fc9da96acd843f06680adb587143e815816c2c64449d9acdd9
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1d5d4a3d491d72214945792be081b07dc744bd7a67421f7e571aec699589ae4f
1e5505e4f31c0da8435537cded1d98cf5050d680f3aafaa32f6d35ee44e22bc4
1f8d9180f9800e115adc535130d1593849ebb4ca5173a7d62d202d1df8055d52
241408519de2e0cf4cd0b926f6832c1fe886202a77981fd197aab8a34c134901
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2b90b265dc29a950566b2c5e1bdf835d5432334d73bb99452fdd5e31892e1d9e
2ca00b7447a1bd1919a69c29567509300074f3eadb5b031b57aca69e99c8c38e
2d3f015fbb4ed4acc18b5db11bcbb023a662e33faf0e23e3e2182ac031bee258
2ea61b2105754776effa3847b2e37f8f085fa820b0d7d040a103aa141adc8db5
30d8f035b9696343170ce98a0c1008c7213118b7f892af7ca7806239c6fc49bc
3858ac7edab887356da569286b39ba52130b3beba2e85d73869369fb264f9094
38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842
3ec1a77778661f0a96b2f189363f129232dbd06fc85894e01be134cbe6be0e9d
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
44f327eeeb995eabd2810452b355ca82979280a4d7def1bd980d3897e6999af6
4882e18e079c579d649be5190a3eda034d2f194dee0ce276b722f0ac32be0608
4f3368c92a2ec4328bc4c04349bfde9f3facb46ae06ac0ff940aea79d17c561d
52682784994bbe695fe57b41681d1d67ec80010a0257a4a8ff9359ba9ffb1b22
534915a2f4df5c6dc94fee557d60dccf3176b9b17fa28279822def1c4e4f38d9
5729bfa9203bf12fe81b3ff4e4b3b2b2c06b87e3b073c9e51e09fe717a29a6ce
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
5f3cc300663af91dd35b4ab993cc1291a655b47ca1a1042af3047e9971ea3e1a
6496a18e58cd9d0c386ebb223349d9be264f77c9560b2591fdfc05bd07aa9ffc
64e49918a2aa76d09ae5b22426bb1fba15919b575cf40acccffdc54a095bf3bf
69fb335442dd71f1443309528749e73e1537f84c85af5d497373cee8b4bc49c9
6c6ddff3842ea6ffd6075adfa7238ac13f8eb37bd8a5a4882cfac7fd77343b94
748718063bc84d056b5d0cf947b83aa71d7dbef7358d6ec62eab82c2f3881a1a
749d297c0c4c89e0eedfcfe8f41683e00501bfd96f04ea8b15dc62aad6634fbc
7771495dc0b66786fc48bd009e2d6630e6341e7e37266bb81937dffd4a06a629
782e3cdfa5e81963b818e6b5f1909d9059a4802b46d3515ed27eb957429aab04
7919e42c1593715dd408c9f1e4b5c51b5b80ead7dc71b94535180b452724519f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7f4ed6f08c00340fc4139f8ba5d8582f8e53b3a2e47af7bc207e2b70c8d5deca
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8483f8aff591a64a3fc5fd8f6ce387eea3739053beba8c5f71c21fac13c1870e
86528b9b3691944f120890b52b0f33a146d4f01c40fbc911de0b1eb8a7cc8f10
866e70b761ef74f4e3cef52ad3893eb95e4c3eeedc11f96095ba33a912214089
87ee755e23558f6022250c2c06749b2bbf2c930f875364048fef3ff0ea83941b
8a626951000446c277058795cb3ee0adf9f14e66d1252d24d04bea3f744a53f1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
904d00360ebfc3288be59d9d3d4112f5ea3e6794b35041af1b225fa6511c8a84
9223c6db3ed8c8477a616f6c9b238ac18a3a28b0f0f95e6d808dac124c83c5d6
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
96960e47dfe9bbf5715d761b83c0d7aec2cd9eb7b07fae3e379a1992b78147f0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a06f0c21f8544aa10fd9e29db22cf1ed1e9adb60d6377616ac081ff6a50f1336
a07bb813bd6c47fbea12050fcca0c6521dfcb77446131faf7b19fa8625b8b428
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a546cce815cd3fc8aaffb1fed884476e7aa21cccdd65985be9504ba518b154ba
a87d4a4d40583c35087e6af0246f7e54156def5837f14ef2551d89fb9c1330fa
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b074b170a561b2d842082ba23986edf9f88b7791fb235adec63c6e049560699c
b3b3c504b58e74e14cc0760c3e46e09f2c27ece770cac389d87759113791f9bf
b560432a34c71c86e2134a9275c1620a6729c851c28515b862b945d15ef57d17
b59fb33e2b672e232c6a16ad8e236d3c61c0e6be5df668aacb08bb5139ab36ee
bf0dc636372374677e07f86ea0aef737f56481d7461214c3c5d0d0792c50c496
bf696d28fbcc4dbbf3e0cefce9f13124e04e8c4ad180dacd9dca21d15e9bc512
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c1732796c9dfafddff16db9660e67a879d723f376b0160cccad730c6c414eed3
c2eabc8c6508b48c2458b89fecde542432ed6584585b8178713f6d34d41f8491
c46e79592c25d4f18e574cab3c33bc3a05851fd503b216501a0c6d474133e5e6
c49eaaea723ea46604b50aa49a950e58d97e887ff4594a7c1b4b036f4c5b5e4c
c4e8b1b379497fe55d2a10be0760d96a99caef527b5e6a9fd0d0ebde8f330bd0
c5ecbbd6678b8b4c03c399d2c63fecae57cfde1ae9b1940e60e9a192ea246078
ca4562cee5bd64b4f6d54c824c3a7e3b8ca7dfd655a1fe0b49c9e9afd8619206
cc8cb7044ee6124b69c62abe30940e8495f274144c18bf3caf0b52d6ff187560
d2af7862497328e9317b2e368f09dd5a0870c694a87a3e01dc27a8f7bf79a5e6
d4d402dd35744b88f8e22d801d4c2025dfbee6f1efbf78e169b5d1990f3668b7
d4f86f3c0793dbe4627c21f5bf3e742648436ce21caf3e08e1fd7a09e477527b
d7a3615c151001af8db9002b3ac6f6acb279763c1313dbba4555fe7416e61b44
d7cfad173dea2a301245f696f78f9f6832599ce8e3b28aa543da1147b94a89d9
d9e464ebed42cb05c4598950d9a8cfe67e414a886b3ccac76ef32aaa1f9035b3
dc78bb25898bf3a4f4b3e5631f5cf74304c6cbad066c4a246f49468b6a543a1c
dcc9717a11738ee4f001b38c666c55a481d6262986703a6a142943dbd9e0dbe4
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
df95c359e3559c219087fcb7d390b577cbd6577c0338d18644bd275149c62a86
e0071ddecafca87fbcf3b88fa66fcc1a94ce82f18a2750c8e58cae836655ffed
e1674888878ee36b096b21dd6fd6eb0aa304cc5a9c2fc6e2afb15ed1f1b83637
e1fcd6ad676d51a59c4ff6dc848930da2a109b72dfbede5ae09171964758cbe4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62c08aa4a08e613b08703c96531fad4b028bc07f0aa0dac1186a3deb6c8d097
e6e677bab0666791f24cfc5587ccd1e81e4ab12b6235208f4809c8f9f3661bcd
e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1
eb155da2dec3f197f2c3b235130c176d769bd3543bc53423c214537df48cd64f
eb9f99b2c3c812a1930734d95c0cd011ef5e9a2808853dc6a0b7e894f0ff73af
ec1555fc2430d7bf9eaccf108a229ebddd5522f8cdce5663ece904ec011da578
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f6314173f5a4103c62aba3b730bf679616be1047261b3d9d72caae4ac3c1b938
fa7fb0557c1cf1badffcbd0a8623ef8c6cafded338576ff142dad73ef1539c98
fb0058690392ce74e443d304e2f2c81a70ca36eb25e0dfb1cadada9315074049
fb70827d2642f5d077cdec125b934d00204a3a1e835acac5d90ba25b7ebea08c
fe01c1e1e2420e9dd4817895db5e171e7a4aaa30c1b31e65491323a7d4655eb7
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.givetochildrens.org Open in urlscan Pro 205.139.102.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

130 Requests

96 %HTTPS

56 %IPv6

26 Domains

44 Subdomains

36 IPs

5 Countries

4136 kBTransfer

7857 kBSize

23 Cookies

10 Outgoing links

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.givetochildrens.org Open in urlscan Pro
205.139.102.27 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

96 %
HTTPS

56 %
IPv6

26
Domains

44
Subdomains

36
IPs

5
Countries

4136 kB
Transfer

7857 kB
Size

23
Cookies

130 HTTP transactions
0 data transactions