www.sickkidsfoundation.com Open in urlscan Pro
107.154.141.76 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.emails.sickkidsfoundation.com/?qs=c4ed4078e43bd4e96b86b5f22f3867ca0d407f50b265c08a5ff6b041d383332292c34b04de972f6689cb3f00d485...
Effective URL:
https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_...
Submission: On November 28 via manual (November 28th 2023, 9:20:47 pm UTC) from US — Scanned from DE

Summary HTTP 167 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 52 IPs in 9 countries across 63 domains to perform 167 HTTP transactions. The main IP is 107.154.141.76, located in United States and belongs to INCAPSULA, US. The main domain is www.sickkidsfoundation.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q3 on July 12th 2023. Valid for: 6 months.

This is the only time www.sickkidsfoundation.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.134.107 13.111.134.107	14340 (SALESFORCE) (SALESFORCE)
49	107.154.141.76 107.154.141.76	19551 (INCAPSULA) (INCAPSULA)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	52.222.139.116 52.222.139.116	16509 (AMAZON-02) (AMAZON-02)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:26f0:780... 2a02:26f0:780::210:a423	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:8d::84 2a04:4e42:8d::84	54113 (FASTLY) (FASTLY)
2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	108.138.40.243 108.138.40.243	16509 (AMAZON-02) (AMAZON-02)
1	108.138.40.116 108.138.40.116	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	18.173.154.87 18.173.154.87	16509 (AMAZON-02) (AMAZON-02)
5	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
3	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
3	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.66.192.58 18.66.192.58	16509 (AMAZON-02) (AMAZON-02)
1	104.122.27.70 104.122.27.70	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f18:679... 2600:1f18:6791:a006:6738:3e9a:9c67:1bbc	14618 (AMAZON-AES) (AMAZON-AES)
1 28	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
4 4	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
2	54.76.20.17 54.76.20.17	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.146 185.86.138.146	201081 (SMARTADSE...) (SMARTADSERVER)
3 3	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	104.18.41.104 104.18.41.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:1f18:612... 2600:1f18:612b:4280:156d:759d:aa88:4c71	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.222.236.205 52.222.236.205	16509 (AMAZON-02) (AMAZON-02)
1	3.122.68.209 3.122.68.209	16509 (AMAZON-02) (AMAZON-02)
1 1	44.212.121.217 44.212.121.217	14618 (AMAZON-AES) (AMAZON-AES)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	34.252.184.202 34.252.184.202	16509 (AMAZON-02) (AMAZON-02)
1	34.160.236.64 34.160.236.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1 1	18.194.229.202 18.194.229.202	16509 (AMAZON-02) (AMAZON-02)
1 1	3.79.197.35 3.79.197.35	16509 (AMAZON-02) (AMAZON-02)
4 4	54.36.150.183 54.36.150.183	16276 (OVH) (OVH)
3 3	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	3.124.56.216 3.124.56.216	16509 (AMAZON-02) (AMAZON-02)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1 1	54.211.231.26 54.211.231.26	14618 (AMAZON-AES) (AMAZON-AES)
1	99.80.178.10 99.80.178.10	16509 (AMAZON-02) (AMAZON-02)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 1	18.184.223.197 18.184.223.197	16509 (AMAZON-02) (AMAZON-02)
2 2	18.195.149.147 18.195.149.147	16509 (AMAZON-02) (AMAZON-02)
1 1	2.19.244.177 2.19.244.177	16625 (AKAMAI-AS) (AKAMAI-AS)
1	188.65.124.66 188.65.124.66	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
2 2	2607:ae80:192... 2607:ae80:192:1::173	26558 (FREEWHEEL) (FREEWHEEL)
1	35.186.196.148 35.186.196.148	15169 (GOOGLE) (GOOGLE)
1	63.33.100.143 63.33.100.143	16509 (AMAZON-02) (AMAZON-02)
1	52.59.133.66 52.59.133.66	16509 (AMAZON-02) (AMAZON-02)
1	44.197.32.198 44.197.32.198	14618 (AMAZON-AES) (AMAZON-AES)
2 2	99.84.88.85 99.84.88.85	16509 (AMAZON-02) (AMAZON-02)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 2	77.243.51.121 77.243.51.121	42697 (NETIC-AS) (NETIC-AS)
1 1	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
167	52

1 13.111.134.107 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.emails.sickkidsfoundation.com

click.emails.sickkidsfoundation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 107.154.141.76 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.141.76.ip.incapdns.net

www.sickkidsfoundation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-116.ams50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:780::210:a423 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8d::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.40.243 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-40-243.muc50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.40.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-40-116.muc50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-87.muc50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-58.muc50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.122.27.70 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-122-27-70.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:6791:a006:6738:3e9a:9c67:1bbc (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

capi.annalect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.101 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.20.17 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-20-17.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.146 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.75.62.37 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:156d:759d:aa88:4c71 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.205 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-205.fra56.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.68.209 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-68-209.eu-central-1.compute.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.212.121.217 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-212-121-217.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.252.184.202 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-184-202.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.254 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.229.202 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-229-202.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.79.197.35 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-79-197-35.eu-central-1.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.36.150.183 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: ip183.ip-54-36-150.eu

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.56.216 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-56-216.eu-central-1.compute.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.211.231.26 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-231-26.compute-1.amazonaws.com

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.178.10 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-178-10.eu-west-1.compute.amazonaws.com

sync-amazon.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.223.197 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-223-197.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.149.147 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-149-147.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.244.177 (Düsseldorf, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-244-177.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.66 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:ae80:192:1::173 (United States) 2 redirects

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.196.148 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 148.196.186.35.bc.googleusercontent.com

sync.rfp.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.100.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-100-143.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.133.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-133-66.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.197.32.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-32-198.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.88.85 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-85.muc50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.51.121 (Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.132 (United States) 1 redirects

ASN54113 (FASTLY, US)

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	sickkidsfoundation.com 1 redirects click.emails.sickkidsfoundation.com www.sickkidsfoundation.com	3 MB
28	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 310	23 KB
8	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	6 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	526 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 377 www.linkedin.com — Cisco Umbrella Rank: 629 px4.ads.linkedin.com — Cisco Umbrella Rank: 6003	5 KB
5	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 849	2 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6862	841 B
5	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3040	823 B
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	292 KB
4	mediarithmics.com 4 redirects cookie-matching.mediarithmics.com — Cisco Umbrella Rank: 4023	1 KB
4	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	3 KB
4	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1186 analytics.twitter.com — Cisco Umbrella Rank: 747 syndication.twitter.com — Cisco Umbrella Rank: 1447	132 KB
3	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 327 cms.analytics.yahoo.com — Cisco Umbrella Rank: 1460	431 B
3	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486	2 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	239 B
3	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 874	753 B
3	teads.tv p.teads.tv — Cisco Umbrella Rank: 5634 cm.teads.tv — Cisco Umbrella Rank: 4853 t.teads.tv — Cisco Umbrella Rank: 2845	7 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 366	14 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
2	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1222	1 KB
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	614 B
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 758 usermatch.krxd.net — Cisco Umbrella Rank: 1979	358 B
2	stickyadstv.com 2 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 566	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 351	881 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 522	343 B
2	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 924 image6.pubmatic.com — Cisco Umbrella Rank: 823	391 B
2	serving-sys.com 2 redirects bs.serving-sys.com — Cisco Umbrella Rank: 1584 lm.serving-sys.com — Cisco Umbrella Rank: 2729	779 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 599	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 228	1 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 376 token.rubiconproject.com — Cisco Umbrella Rank: 458	653 B
2	360yield.com match.360yield.com — Cisco Umbrella Rank: 2249	397 B
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1610 insight.adsrvr.org — Cisco Umbrella Rank: 584	3 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 847	21 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 68	69 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 778	7 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 727 script.hotjar.com — Cisco Umbrella Rank: 901	61 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	45 KB
1	ispot.tv 1 redirects pi.ispot.tv — Cisco Umbrella Rank: 2696	342 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 417	140 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 559	35 B
1	fout.jp sync.rfp.fout.jp — Cisco Umbrella Rank: 4752	284 B
1	dmxleo.com public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 2641	123 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 685	472 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 560	486 B
1	taboola.com 1 redirects sync.taboola.com — Cisco Umbrella Rank: 1322	168 B
1	yieldmo.com sync-amazon.ads.yieldmo.com — Cisco Umbrella Rank: 6447	38 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com — Cisco Umbrella Rank: 3703	492 B
1	exelator.com loadus.exelator.com — Cisco Umbrella Rank: 1596	324 B
1	kargo.com crb.kargo.com — Cisco Umbrella Rank: 1180	375 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1324	213 B
1	samba.tv 1 redirects ads.samba.tv — Cisco Umbrella Rank: 5939	655 B
1	samplicio.us usersync.samplicio.us — Cisco Umbrella Rank: 3273	186 B
1	imdb.com 1 redirects www.imdb.com — Cisco Umbrella Rank: 4573	879 B
1	tremorhub.com 1 redirects amazon.partners.tremorhub.com — Cisco Umbrella Rank: 6050	390 B
1	connatix.com capi.connatix.com — Cisco Umbrella Rank: 1113	82 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733	163 B
1	annalect.com capi.annalect.com	171 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2687	257 B
1	t.co t.co — Cisco Umbrella Rank: 607	376 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1161	17 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 713	15 KB
0	spotxchange.com Failed sync.search.spotxchange.com Failed
0	myvisualiq.net Failed t.myvisualiq.net Failed
167	63

	Domain	Requested by
49	www.sickkidsfoundation.com	www.sickkidsfoundation.com
28	s.amazon-adsystem.com	1 redirects www.sickkidsfoundation.com s.amazon-adsystem.com
6	www.googletagmanager.com	www.sickkidsfoundation.com www.googletagmanager.com www.google-analytics.com
5	ct.pinterest.com	s.pinimg.com www.sickkidsfoundation.com
5	www.google.de	www.sickkidsfoundation.com
5	connect.facebook.net	www.sickkidsfoundation.com connect.facebook.net
4	cookie-matching.mediarithmics.com	4 redirects
4	ib.adnxs.com	4 redirects
4	www.google.com	www.sickkidsfoundation.com
3	cm.g.doubleclick.net	3 redirects
3	www.facebook.com	connect.facebook.net www.sickkidsfoundation.com
3	px.ads.linkedin.com	3 redirects
3	tr.snapchat.com	sc-static.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.sickkidsfoundation.com
3	googleads.g.doubleclick.net	www.googletagmanager.com
2	uipglob.semasio.net	2 redirects
2	sb.scorecardresearch.com	2 redirects
2	ads.stickyadstv.com	2 redirects
2	x.bidswitch.net	2 redirects
2	us-u.openx.net	s.amazon-adsystem.com
2	c1.adform.net	2 redirects
2	dpm.demdex.net	2 redirects
2	ups.analytics.yahoo.com	s.amazon-adsystem.com
2	dsum-sec.casalemedia.com	2 redirects
2	match.360yield.com	s.amazon-adsystem.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	platform.twitter.com	www.sickkidsfoundation.com platform.twitter.com
2	s.pinimg.com	www.sickkidsfoundation.com s.pinimg.com
2	www.youtube.com	www.sickkidsfoundation.com www.youtube.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn.jsdelivr.net	www.sickkidsfoundation.com
1	image6.pubmatic.com	s.amazon-adsystem.com
1	pi.ispot.tv	1 redirects
1	eb2.3lift.com	s.amazon-adsystem.com
1	usermatch.krxd.net	s.amazon-adsystem.com
1	match.sharethrough.com	s.amazon-adsystem.com
1	beacon.krxd.net	s.amazon-adsystem.com
1	sync.rfp.fout.jp	s.amazon-adsystem.com
1	cms.analytics.yahoo.com	1 redirects
1	public-prod-dspcookiematching.dmxleo.com	s.amazon-adsystem.com
1	tags.bluekai.com	1 redirects
1	aa.agkn.com	1 redirects
1	sync.taboola.com	1 redirects
1	sync-amazon.ads.yieldmo.com	s.amazon-adsystem.com
1	lciapi.ninthdecimal.com	1 redirects
1	loadus.exelator.com	s.amazon-adsystem.com
1	token.rubiconproject.com	1 redirects
1	image2.pubmatic.com	s.amazon-adsystem.com
1	crb.kargo.com	s.amazon-adsystem.com
1	ssum-sec.casalemedia.com	1 redirects
1	lm.serving-sys.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	odr.mookie1.com	s.amazon-adsystem.com
1	pixel.rubiconproject.com	1 redirects
1	ads.samba.tv	1 redirects
1	usersync.samplicio.us	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	amazon.partners.tremorhub.com	1 redirects
1	capi.connatix.com	s.amazon-adsystem.com
1	rtb-csync.smartadserver.com	s.amazon-adsystem.com
1	insight.adsrvr.org	js.adsrvr.org
1	capi.annalect.com	connect.facebook.net
1	t.teads.tv	www.sickkidsfoundation.com
1	vc.hotjar.io	script.hotjar.com
1	syndication.twitter.com	platform.twitter.com
1	px4.ads.linkedin.com	www.sickkidsfoundation.com
1	www.linkedin.com	1 redirects
1	region1.analytics.google.com	www.googletagmanager.com
1	cm.teads.tv	p.teads.tv
1	script.hotjar.com	static.hotjar.com
1	analytics.twitter.com	www.sickkidsfoundation.com
1	t.co	www.sickkidsfoundation.com
1	region1.google-analytics.com	www.googletagmanager.com
1	js.adsrvr.org	www.googletagmanager.com
1	sc-static.net	www.sickkidsfoundation.com
1	p.teads.tv	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	click.emails.sickkidsfoundation.com	1 redirects
0	sync.search.spotxchange.com Failed	s.amazon-adsystem.com
0	t.myvisualiq.net Failed	s.amazon-adsystem.com
167	82

This site contains links to these domains. Also see Links.

Domain
donate.sickkidsfoundation.com
www.sickkids.ca

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-07-12` - `2024-01-08`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-07` - `2023-12-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-19` - `2024-09-17`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
syndication.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-19` - `2024-09-17`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
capi.annalect.com R3	`2023-11-28` - `2024-02-26`	3 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.samplicio.us Amazon RSA 2048 M01	`2023-04-14` - `2024-05-12`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.prod.euc1.green.ops.kargo.com Amazon RSA 2048 M01	`2022-11-13` - `2023-12-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.exelator.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-29` - `2024-06-11`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
public-prod-dspcookiematching.dmxleo.com ZeroSSL RSA Domain Secure Site CA	`2023-10-14` - `2024-01-12`	3 months	crt.sh
*.rfp.fout.jp RapidSSL TLS RSA CA G1	`2023-08-03` - `2024-09-02`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
usermatch.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-02-20`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Frame ID: B6FF703DEAFA7349072C6391EE7E83D6
Requests: 113 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.sickkidsfoundation.com
Frame ID: E3992066712C17D7AD583628D5219394
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=1da237a8-8122-4c02-9fcf-0aa6fde57222&u_scsid=6b1924ee-98e6-496f-96d2-257f257c8331&u_sclid=36cf3184-d244-4fad-8cb0-677e41c7b108
Frame ID: F53C4127D64C7B61C57C94CC151B7BF3
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D64c440ec-0d27-a288-46eb-b5e5780ddfaa%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.sickkidsfoundation.com/&ex-hargs=v%3D1.0%3Bc%3D1480596890801%3Bp%3D64C440EC-0D27-A288-46EB-B5E5780DDFAA&cb=302208082784637400&dcc=t
Frame ID: 913C130DE381B06162691708C26F66EF
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 33B557906B647F20141B3F99C3BA2417
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=gwmjca0&ref=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&upid=frd07f7&upv=1.1.0
Frame ID: 1B41930226F0754AAE35F136966D1912
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=y5s0OlM1QoSP9XdOFnzefQ&dmt=3&ex-pl-n-g-hmt=bpYyOyN7RQSbVsPf0HrkoA&ep=ttam_T219Ay-cPciHbT10g5C-2PlMhbbcxFUxBuA8jB230nTqYe8Lc1Bcki9Uh_Pj9i9h541u9bafk5PG7JoybI9B-8GV30cTal40_XJJV2THg_Mo9xx6fBmmKtKjSiTnMDRDc3pJI5qNaUK8m7LUSCHnyLGEOtbyB94eC10WiYGiEbNUfZVOF1aFSeki5c45T_K8XAlyg831frkxDKHchAM1LJagVkmppsMDlNmW_FrgRtYnDqTBbC_s-QoLfywrwdAAS7ebrV76wIIMUJ47iaiIrLKkbD_UPc6KDfeOtALeOxRYqu8Mt_Eona7dXnmNWfHHjZb8icbdRJT9AiPUv50ltkrDr0s2gmZp4YEqyvIPy-JIexIRm4aRCQU4TB9foQUYVoua4dvuFW3WMJSjowqCUx_9llErFewuCcBwN1KAHVX6sYAUVp1FqDSDI52Pkj5fQzJooP89gOb07JCh3SIq15J1LgVoTCSyVbsqO04LvLCo9JsYyYs8Cxo1IA0ws3NORNsQRvR_1PaELdz2JCJbKfozJzq2U-RL557Ws5TQ8-NEgqOG4khSFxIn9EmKH4HIjvqZPIFey8TdQea5lnucPfaVM51V4bkhL3rzCkrDr1NcLfN6Wim06lfkZgil6X-J9_dQ5gATj7TjyXlQ1AmLsMMgNHe-mAiSPIouMdRzjamubxZ2ZoRp-6F9qnhveFGms9NropKL1l3uNQlLGZO1deKDljmp2pUs73nORjzk9sBZgFIUt6i99eIR9CwINAq1UDDPj0FPTPvz2N_FFYJ4XhBBmnfVdShvsgqhDoKP7OwGHqNWRdwCLyNsmxGrqroxf7y-kntmnjBuDeZh4eP4W_2lsfysg_AUSylTQXnXp1QyRYKCp3-ETznO_h_SCCKvOrKAMiVWhdnXLYfJ4zwFDH1qLqLQVaIagrLe-RkD_f9F9i-CR5oPCAM-YYZH1ZfxNuswAZQJ6hy5SVEh0uyH53uH8mIZ2VQGK2QYes
Frame ID: AA49ABD77B4342716FE1B18B1A360A71
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate to SickKids | Help kids get home for the holidays

Page URL History Show full URLs

https://click.emails.sickkidsfoundation.com/?qs=c4ed4078e43bd4e96b86b5f22f3867ca0d407f50b265c08a5ff6b041d383332292c34b04... HTTP 302
https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

167
Requests

83 %
HTTPS

26 %
IPv6

63
Domains

82
Subdomains

52
IPs

9
Countries

4557 kB
Transfer

8084 kB
Size

71
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://donate.sickkidsfoundation.com/NDF?campaign=otdholiday&subcampaign=kaleymatchgt3x&appeal=24DML-12EM-012
Title: Continue with Donation

Search URL Search Domain Scan URL

URL: https://www.sickkids.ca/
Title: The hospital for sick children

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.emails.sickkidsfoundation.com/?qs=c4ed4078e43bd4e96b86b5f22f3867ca0d407f50b265c08a5ff6b041d383332292c34b04de972f6689cb3f00d4859b85f8b61acc29712becc4f9325aa8c1e0a6 HTTP 302
https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1701206441510&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1701206441510&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2274266%26time%3D1701206441510%26url%3Dhttps%253A%252F%252Fwww.sickkidsfoundation.com%252Fcampaign%252F2%252Fotdholidaygt%253Fappeal%253D24DML-12EM-012%2526utm_campaign%253Dfy24ddmotgholiday%2526utm_source%253Dskf%2526utm_content%253Dholidaygt%2526utm_medium%253Demail%2526utm_adtype%253Dgt%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1701206441510&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1701206441510&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&cookiesTest=true&liSync=true&e_ipv6=AQKs4EwyiIv5qwAAAYwXzkAYHObFf-FJ6NqVNdmN39YOnLKHbCE8M1NUem2zkpgFrBAXuLbNdHoM6BKcTyW8Wt2O_OIV

Request Chain 111

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D64c440ec-0d27-a288-46eb-b5e5780ddfaa%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.sickkidsfoundation.com/&ex-hargs=v%3D1.0%3Bc%3D1480596890801%3Bp%3D64C440EC-0D27-A288-46EB-B5E5780DDFAA&cb=302208082784637400 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D64c440ec-0d27-a288-46eb-b5e5780ddfaa%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.sickkidsfoundation.com/&ex-hargs=v%3D1.0%3Bc%3D1480596890801%3Bp%3D64C440EC-0D27-A288-46EB-B5E5780DDFAA&cb=302208082784637400&dcc=t

Request Chain 119

https://ib.adnxs.com/setuid/a9?entity=188&code=4GQftQ27T3OhjcOMaTavKA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3D4GQftQ27T3OhjcOMaTavKA%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=4GQftQ27T3OhjcOMaTavKA

Request Chain 122

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=auuBWkaNSVySSFrEoSKihg&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=auuBWkaNSVySSFrEoSKihg&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZWZZqtVKVaaSv6YXgpzuGgAA

Request Chain 125

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=8c08a18e34d249d6bf497f0d7eeb73d2

Request Chain 126

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 129

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=12332d302d3ca952f

Request Chain 130

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=zMXMN4IETIWvTeRvz5RI7w&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zMXMN4IETIWvTeRvz5RI7w

Request Chain 131

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=392O6ISLRAW9s7uoopN7uw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=392O6ISLRAW9s7uoopN7uw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=25539487652684942811293536780721688207

Request Chain 133

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6112333356251797235

Request Chain 134

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22414243fa-5176-47b9-9824-6fe3b7e3b6b5%22,%22Time%22:%2220231128T212043.116716%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=414243fa-5176-47b9-9824-6fe3b7e3b6b5

Request Chain 135

https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=amazon-na-23&gdpr=0 HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr=0&domid=1109 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1109&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1109&ops=apx&google_gid=CAESEMzylmC5ZGlJB71qpHMWlAg&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEMzylmC5ZGlJB71qpHMWlAg&gdpr=0&action=GET_ID&etid=&domid=1109 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=6367645603294422580&opid=apx&ops=&utidl=tech:goo:CAESEMzylmC5ZGlJB71qpHMWlAg&gdpr=0&action=GET_ID&etid=&domid=1109 HTTP 303
https://s.amazon-adsystem.com/ecm3?ex=mediarithmics&id=vec-56752228565&gdpr=0

Request Chain 136

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=LDRumoV-H97i7eUj-_mALzc4fKw4ZgIC

Request Chain 138

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=6367645603294422580&ex=appnexus.com

Request Chain 140

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=8NtLVnBJHt7tnpLbvew_Mg&ex=rubiconproject.com&status=ok

Request Chain 142

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=AB3F1E0AAB59666529005C6702F71056

Request Chain 145

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=5ac1a333-e64c-4d25-a85c-cb2eac5ee445-tuctc5fdf2b

Request Chain 146

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=216603104714005213536&ex=neustar.biz

Request Chain 147

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=f4fb61bba8189b3cc9fe8ffe76b5a324

Request Chain 148

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 151

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini HTTP 302
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini

Request Chain 152

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=1c94b9ff9e11dc9b9b513d371de492b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Request Chain 156

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=Aq_M1oQqQMWWDlr5DWbdAg&redirectId=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=3814e943373ad37740a5a21663d244e5&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=Aq_M1oQqQMWWDlr5DWbdAg

Request Chain 158

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEJl9-Ssjv5jfULIW7em0kZE&google_cver=1

Request Chain 160

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=fa5c26875bc8119d0c3897b22511f275

Request Chain 163

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=9031848507FE2224

Request Chain 164

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=bpYyOyN7RQSbVsPf0HrkoA& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 165

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=018d0349c3402406a7e94ac2ef1f2ea47d3111fafb3d164aa7150b384fd29ffc

167 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request otdholidaygt Show response
www.sickkidsfoundation.com/campaign/2/
Redirect Chain

https://click.emails.sickkidsfoundation.com/?qs=c4ed4078e43bd4e96b86b5f22f3867ca0d407f50b265c08a5ff6b041d383332292c34b04de972f6689cb3f00d4859b85f8b61acc29712becc4f9325aa8c1e0a6
https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt

43 KB
10 KB

1043ms
468ms

Document
text/html

107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: bc1161890d59eb3acf730aaeeb18f3a39b6f53809f4c4b95155fd19efc18c867

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 28 Nov 2023 21:20:39 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-cdn: Imperva
x-iinfo: 12-197393561-197393567 NNNN CT(104 228 0) RT(1701206439001 13) q(0 0 3 1) r(4 4) U12

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 316
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Nov 2023 21:20:38 GMT
Location: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt

GET
H2 200 bootstrap-theme.min.css
www.sickkidsfoundation.com/css/dependencies/bootstrap3/ 23 KB
3 KB 418ms
416ms Stylesheet
text/css 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/css/dependencies/bootstrap3/bootstrap-theme.min.css
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: 8b273fe0ae11dfeb96f7a56f1b5ecd2d76500147927ad557356faa5227d17032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:39 GMT
content-encoding: gzip
last-modified: Wed, 22 Nov 2023 20:50:50 GMT
x-cdn: Imperva
etag: "0f14c93851dda1:0"
content-type: text/css
x-iinfo: 12-197393561-197391769 2VNN RT(1701206439001 492) q(0 0 0 -1) r(4 4)
cache-control: max-age=4043, public
content-length: 2769
expires: Tue, 28 Nov 2023 22:28:02 GMT

GET
H2 200 bootstrap.min.css
www.sickkidsfoundation.com/css/dependencies/bootstrap3/ 118 KB
19 KB 459ms
458ms Stylesheet
text/css 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/css/dependencies/bootstrap3/bootstrap.min.css
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: 5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:39 GMT
content-encoding: gzip
last-modified: Wed, 22 Nov 2023 20:50:52 GMT
x-cdn: Imperva
etag: "01e7e94851dda1:0"
content-type: text/css
x-iinfo: 12-197393561-197342446 2VNN RT(1701206439001 501) q(0 0 0 -1) r(4 4)
cache-control: max-age=4042, public
content-length: 19633
expires: Tue, 28 Nov 2023 22:28:01 GMT

GET
H2 200 main
www.sickkidsfoundation.com/bundles/css/ 292 KB
67 KB 471ms
470ms Stylesheet
text/css 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/css/main?v=oAv00LErvoBs7ew4JXRnRsuIq1eDawml3hQpEttpjgQ1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: fde6f7d69d3e82b6ad8bd523641139bfaa09af15775f8cf89328b1c7a0cacdda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:39 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 21:20:40 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
vary: User-Agent,Accept-Encoding
content-type: text/css; charset=utf-8
x-iinfo: 12-197393561-197393631 2NNN RT(1701206439001 511) q(0 0 0 -1) r(4 4)
cache-control: public
expires: Wed, 27 Nov 2024 21:20:40 GMT

GET
H2 200 jquery Show response
www.sickkidsfoundation.com/bundles/ 91 KB
41 KB 459ms
457ms Script
text/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/jquery?v=7AMc9pBn1GIYDuJDXGstN7nku_447XMEtvGIFvLEuGs1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: b6cb09e57c1ed08553566bda474cf9681c03fc4ba091731c81c78a6a4226740b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:39 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 21:20:40 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
x-iinfo: 12-197393561-197391773 2NNN RT(1701206439001 520) q(0 0 0 -1) r(4 4)
cache-control: public
content-length: 42005
expires: Wed, 27 Nov 2024 21:20:40 GMT

GET
H2 200 jqueryval Show response
www.sickkidsfoundation.com/bundles/ 25 KB
10 KB 470ms
469ms Script
text/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/jqueryval?v=hEGG8cMxk9p0ncdRUOJ-CnKN7NezhnPnWIvn6REucZo1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 52a8b689a73c228618294e3e544fac3e62507eabf2fe490dc77a00c16e34c452

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:39 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 21:20:40 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
x-iinfo: 12-197393561-197386843 2NNN RT(1701206439001 533) q(0 0 0 -1) r(4 4)
cache-control: public
content-length: 9965
expires: Wed, 27 Nov 2024 21:20:40 GMT

GET
H2 200 modernizr Show response
www.sickkidsfoundation.com/bundles/ 3 KB
2 KB 533ms
532ms Script
text/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/modernizr?v=9yygsVk3I-guoeu6EUt0fzBjgzee2gP6Y9SNVDkhZoc1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 44cec66e8f45f1c1573be7ee656b280f475f07b608982b8e68c742363d202ee1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:39 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 21:20:40 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
x-iinfo: 12-197393561-197393647 2NNN RT(1701206439001 546) q(0 0 0 -1) r(0 5)
cache-control: public
content-length: 1615
expires: Wed, 27 Nov 2024 21:20:40 GMT

GET
H2 200 header Show response
www.sickkidsfoundation.com/bundles/ 159 B
302 B 544ms
543ms Script
text/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/header?v=dJ6LOVfv49i9fuAW3MbtcyjUkVM3bJ8e5r4OUmJ-dUE1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 694bc35fc07d7091b82ee02e6b7cbcacc69edb23c9dfd515a18647d684456c51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:39 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 21:20:40 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
x-iinfo: 12-197393561-197388498 2NNN RT(1701206439001 558) q(0 3 3 -1) r(5 5)
cache-control: public
content-length: 214
expires: Wed, 27 Nov 2024 21:20:40 GMT

GET
H2 200 global Show response
www.sickkidsfoundation.com/bundles/ 146 KB
58 KB 570ms
568ms Script
text/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/global?v=gOU6YPoC12V0Txc2-hKRuYm12lswVd1I3h93rWtMcbI1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: e504ef5834756b1288609d33084c7db8c7b860e70b936dbb6f62a035f8cf4975

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:39 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 21:20:40 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
x-iinfo: 12-197393561-197393633 2NNN RT(1701206439001 572) q(0 4 4 -1) r(5 5)
cache-control: public
content-length: 58980
expires: Wed, 27 Nov 2024 21:20:40 GMT

GET
H2 200 eventmodal Show response
www.sickkidsfoundation.com/bundles/ 4 KB
2 KB 580ms
579ms Script
text/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/eventmodal?v=WifMKbbMA1Kq6ztfZQ2LySAzGuaWjy6plfdZkQQ8yfA1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 1c0f5ab277787d1bf8f1d0b5880c15cc75f54af28e6b12f9a898483476de6a3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:39 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 21:20:40 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
x-iinfo: 12-197393561-197393415 2NNN RT(1701206439001 578) q(0 4 4 -1) r(5 5)
cache-control: public
content-length: 1486
expires: Wed, 27 Nov 2024 21:20:40 GMT

GET
H2 200 skvs-logo.png
www.sickkidsfoundation.com/-/media/images/skf/common/ 15 KB
15 KB 680ms
679ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/common/skvs-logo.png?h=181&w=500&la=en&hash=24FE31180B4E08B47546A874EC50A350
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 908fc292fadc80ca940e5a08658b9e339ac7204b4918425d6252769cdd85d728

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
last-modified: Tue, 19 Sep 2023 19:22:25 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/png
x-iinfo: 12-197393561-197393647 2NNN RT(1701206439001 584) q(0 5 5 -1) r(6 6) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="SKVS-logo.png"
accept-ranges: bytes
content-length: 14884

GET
H2 200 secure.gif
www.sickkidsfoundation.com/images/ 2 KB
2 KB 214ms
212ms Image
image/gif 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/images/secure.gif
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: d7045fdb11dd6356bf559e5d35d9173d409d403a36a20040f4a4e5f08314c9a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
last-modified: Wed, 22 Nov 2023 20:50:52 GMT
x-cdn: Imperva
etag: "01e7e94851dda1:0"
content-type: image/gif
x-iinfo: 12-197393561-197391773 2VNN RT(1701206439001 1320) q(0 1 1 -1) r(2 2)
cache-control: max-age=3391, public
content-length: 1613
expires: Tue, 28 Nov 2023 22:17:11 GMT

GET
H2 200 apple-pay-card.png
www.sickkidsfoundation.com/-/media/images/skf/donationpages/default-assets/logo/payment/ 617 B
783 B 237ms
234ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/donationpages/default-assets/logo/payment/apple-pay-card.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 4d1bcb9682636c550d2f4063e7b32025b2306803fa3eecac56479de524d4f010

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
last-modified: Tue, 19 Sep 2023 21:09:15 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/png
x-iinfo: 12-197393561-197393633 2NNN RT(1701206439001 1321) q(0 1 1 -1) r(2 2) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="apple-pay-card.png"
accept-ranges: bytes
content-length: 617

GET
H2 200 gpay-card.png
www.sickkidsfoundation.com/-/media/images/skf/donationpages/default-assets/logo/payment/ 834 B
1016 B 282ms
279ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/donationpages/default-assets/logo/payment/gpay-card.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 19c0617159f72bcc33227467d0d6eac3d3c1419006f675ddc9e37ec2faf13fdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
last-modified: Tue, 19 Sep 2023 21:09:26 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/png
x-iinfo: 12-197393561-197393823 NNNY CT(99 208 0) RT(1701206439001 1322) q(0 1 1 -1) r(2 2) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="gpay-card.png"
accept-ranges: bytes
content-length: 834

GET
H2 200 paypal-card.png
www.sickkidsfoundation.com/-/media/images/skf/donationpages/default-assets/logo/payment/ 670 B
812 B 328ms
325ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/donationpages/default-assets/logo/payment/paypal-card.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 2dae75e09c3493c23f75ebc4777388092193001170c4a6e819994c8b168d2b4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
last-modified: Tue, 19 Sep 2023 21:09:49 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/png
x-iinfo: 12-197393561-197388498 2NNN RT(1701206439001 1323) q(0 2 2 -1) r(3 3) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="paypal-card.png"
accept-ranges: bytes
content-length: 670

GET
H2 200 visa-card.png
www.sickkidsfoundation.com/-/media/images/skf/donationpages/default-assets/logo/payment/ 757 B
897 B 346ms
344ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/donationpages/default-assets/logo/payment/visa-card.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 9711afc4940d302e084549f57f587758f7051371bc482fda59b3be7b0b1aefe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
last-modified: Tue, 19 Sep 2023 21:09:56 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/png
x-iinfo: 12-197393561-197393633 2NNN RT(1701206439001 1324) q(0 2 2 -1) r(3 3) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="visa-card.png"
accept-ranges: bytes
content-length: 757

GET
H2 200 mastercard-card.png
www.sickkidsfoundation.com/-/media/images/skf/donationpages/default-assets/logo/payment/ 508 B
652 B 383ms
381ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/donationpages/default-assets/logo/payment/mastercard-card.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 63d8ade1273d0e531ba26cb60b53acd928f9c3b95880f8f7014742c8afa87edc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
last-modified: Tue, 19 Sep 2023 21:09:35 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/png
x-iinfo: 12-197393561-197391773 2NNN RT(1701206439001 1326) q(0 2 2 -1) r(3 3) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="mastercard-card.png"
accept-ranges: bytes
content-length: 508

GET
H2 200 amex-card.png
www.sickkidsfoundation.com/-/media/images/skf/donationpages/default-assets/logo/payment/ 664 B
804 B 434ms
432ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/donationpages/default-assets/logo/payment/amex-card.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 73ee450b3f9b36ada802d2a74a0ecbd1ee0b5948defe8af2ac88fd70ed41be38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
last-modified: Tue, 19 Sep 2023 21:08:40 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/png
x-iinfo: 12-197393561-197393823 PNNy RT(1701206439001 1327) q(0 3 3 -1) r(4 4) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="amex-card.png"
accept-ranges: bytes
content-length: 664

GET
H2 200 index.js Show response
www.sickkidsfoundation.com/assets/js/skf/pov/ 1 KB
785 B 662ms
661ms Script
application/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/assets/js/skf/pov/index.js
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: f39c9d441fa20b6c5fe88846a7dccf08b8ab5db895985dc85c98674b5ea36c8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
content-encoding: gzip
last-modified: Wed, 22 Nov 2023 20:50:50 GMT
x-cdn: Imperva
etag: "0f14c93851dda1:0"
content-type: application/javascript
x-iinfo: 12-197393561-197388498 2VNN RT(1701206439001 589) q(0 5 5 -1) r(6 6)
cache-control: max-age=4042, public
content-length: 640
expires: Tue, 28 Nov 2023 22:28:02 GMT

GET
H2 200 hero-with-donation-widget.js Show response
www.sickkidsfoundation.com/assets/js/skf/pov/ 5 KB
1 KB 120ms
119ms Script
application/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/assets/js/skf/pov/hero-with-donation-widget.js
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: ee3249b8fe5def737e9801e953b169c22b5fcce4acedd5b203025e8319870234

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
content-encoding: gzip
last-modified: Wed, 22 Nov 2023 20:50:50 GMT
x-cdn: Imperva
etag: "0f14c93851dda1:0"
content-type: application/javascript
x-iinfo: 12-197393561-197388498 2VNN RT(1701206439001 1159) q(0 0 0 -1) r(1 1)
cache-control: max-age=4987, public
content-length: 1104
expires: Tue, 28 Nov 2023 22:43:47 GMT

GET
H2 200 swiper-bundle.min.css
cdn.jsdelivr.net/npm/swiper@8/ 16 KB
5 KB 33ms
16ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8533
x-jsd-version: 8.4.7
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230025-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"406d-rwCOh5O6dcNGNg6U6W482jFM4n8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMBzPmD1qKdp%2BT7AIql8ErChbDBEdr9ju%2BdpuSTSXdFR6YInTtKPzgbjeh%2FPuedZfq9sjEL5ZKv7DZHglZ8iPLO%2BhcI%2BKArEdn5ca%2BFmbkpZwlnNqKEcrGfWmDFBl3H2zYJLjSt4vDeerkxN8d8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82d5a8000c329b55-FRA

GET
H2 200 swiper-bundle.min.js Show response
cdn.jsdelivr.net/npm/swiper@8/ 140 KB
40 KB 20ms
19ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f645b12f27c4e9c1210d5725cfa894b86464372e7b1becbe47126a5fe82f9ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 30667
x-jsd-version: 8.4.7
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230138-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"2315a-9NyNRghnOcWBIRhbLQ9OGQcQ8Rs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSLVU1LVgJiEVPSuPDlVJ5pKEpLb7xg8hy%2B0hdS9BlfhpUnSsYPi5o%2Fd79rGfqRZU9%2BOv85X9iGU5YR45744GON2VDY0xZovwAZzuH7DUqj63vvPcac9C81rdScSYgCz2Mttm912XX8yeGVrr1k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82d5a8001c479b55-FRA

GET
H2 200 social-proof1-v2.js Show response
www.sickkidsfoundation.com/assets/js/skf/pov/ 7 KB
2 KB 121ms
121ms Script
application/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/assets/js/skf/pov/social-proof1-v2.js
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: 0a88f665737f9b846a66cc596f195d635fe46dab14892faf0e09dea722d364e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
content-encoding: gzip
last-modified: Wed, 22 Nov 2023 20:50:50 GMT
x-cdn: Imperva
etag: "0f14c93851dda1:0"
content-type: application/javascript
x-iinfo: 12-197393561-197393647 2VNN RT(1701206439001 1234) q(0 0 0 -1) r(1 1)
cache-control: max-age=1, public
content-length: 1507
expires: Tue, 28 Nov 2023 21:20:41 GMT

GET
H2 200 patientfamily_thomas.png
www.sickkidsfoundation.com/-/media/images/campaign/_global/testimonials/ 13 KB
13 KB 120ms
120ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/campaign/_global/testimonials/patientfamily_thomas.png?h=65&w=65&la=en&hash=6A7D09D4B8013705B7302FD2B58062D0
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 4630ed59ddd0a987f90df59a719808e7811321ba78040641c9096f8d87a6eff5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
last-modified: Wed, 01 Nov 2023 19:08:45 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/png
x-iinfo: 12-197393561-197388498 2NNN RT(1701206439001 1285) q(0 0 0 -1) r(1 1) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="patientfamily_thomas.png"
accept-ranges: bytes
content-length: 13583

GET
H2 200 patientfamily_maddie.png
www.sickkidsfoundation.com/-/media/images/campaign/_global/testimonials/ 13 KB
13 KB 121ms
118ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/campaign/_global/testimonials/patientfamily_maddie.png?h=65&w=65&la=en&hash=80C25222F127C03B4C891C2C76653B23
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 1f4bbaa394118293607788f717e91908e175203227f170138548081806248bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
last-modified: Wed, 01 Nov 2023 19:09:28 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/png
x-iinfo: 12-197393561-197393633 2NNN RT(1701206439001 1308) q(0 0 0 -1) r(1 1) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="patientfamily_maddie.png"
accept-ranges: bytes
content-length: 12961

GET
H2 200 patientfamily_maya.jpg
www.sickkidsfoundation.com/-/media/images/campaign/_global/testimonials/ 6 KB
6 KB 120ms
117ms Image
image/jpeg 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/campaign/_global/testimonials/patientfamily_maya.jpg?h=65&w=65&la=en&hash=395136346E7F9F22B49665677E56C386
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 67c0d8e8bd913bacd7172365ee1b13fcfd7c90236aced463b976bda5e4271668

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
last-modified: Fri, 26 May 2023 20:59:01 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/jpeg
x-iinfo: 12-197393561-197393567 PNNN RT(1701206439001 1310) q(0 0 0 -1) r(1 1) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="patientfamily_maya.jpg"
accept-ranges: bytes
content-length: 6036

GET
H2 200 patientfamily_maxen.jpg
www.sickkidsfoundation.com/-/media/images/campaign/_global/testimonials/ 3 KB
3 KB 121ms
118ms Image
image/jpeg 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/campaign/_global/testimonials/patientfamily_maxen.jpg?h=65&w=65&la=en&hash=A6BD65B3C1E8101BF25F54424180FBCF
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: fddb5bf3e5b0baa0d80d34bc3083ffe8d91f35971ca0560fd7b7624099cbab96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
last-modified: Mon, 29 May 2023 20:53:27 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/jpeg
x-iinfo: 12-197393561-197393631 2NNN RT(1701206439001 1313) q(0 0 0 -1) r(1 1) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="patientfamily_maxen.jpg"
accept-ranges: bytes
content-length: 2753

GET
H2 200 testimonial_bg_kaley_m.jpg
www.sickkidsfoundation.com/-/media/images/campaign/otd_holiday/fy24_wave1/ 149 KB
150 KB 449ms
448ms Image
image/jpeg 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/campaign/otd_holiday/fy24_wave1/testimonial_bg_kaley_m.jpg
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: e11424efc1e2c3a8af70c97bbe4e74a3b2eb8d145300d5ee51f0036a34408f0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
last-modified: Wed, 25 Oct 2023 13:56:25 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/jpeg
x-iinfo: 12-197393561-197393647 2NNN RT(1701206439001 1329) q(0 3 3 -1) r(4 4) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="testimonial_bg_kaley_m.jpg"
accept-ranges: bytes
content-length: 152797

GET
H2 200 we-make-history.png
www.sickkidsfoundation.com/-/media/images/campaign/_global/value-props/ 3 KB
3 KB 484ms
483ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/campaign/_global/value-props/we-make-history.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: faeff0a262528e9f6706045c8dd2f530b29a126fc657e9a809091d6420c0c568

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
last-modified: Mon, 05 Jun 2023 15:16:33 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/png
x-iinfo: 12-197393561-197391773 2NNN RT(1701206439001 1330) q(0 3 3 -1) r(4 4) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="we-make-history.png"
accept-ranges: bytes
content-length: 3238

GET
H2 200 complex-conditions.png
www.sickkidsfoundation.com/-/media/images/campaign/_global/value-props/ 2 KB
2 KB 536ms
535ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/campaign/_global/value-props/complex-conditions.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: fb663501dda8043e1aad1fe4ad7538b8082c280103ae347484d63e3ef08785cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
last-modified: Mon, 05 Jun 2023 15:32:55 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/png
x-iinfo: 12-197393561-197388498 2NNN RT(1701206439001 1333) q(0 4 4 -1) r(5 5) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="complex-conditions.png"
accept-ranges: bytes
content-length: 2370

GET
H2 200 we-offer-advanced-care.png
www.sickkidsfoundation.com/-/media/images/campaign/_global/value-props/ 3 KB
3 KB 584ms
583ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/campaign/_global/value-props/we-offer-advanced-care.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: c28139c8e906777d36436dcd4a4dfe7a7634c0eeb2e1f1e058570237c9d45388

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
last-modified: Mon, 05 Jun 2023 15:34:55 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/png
x-iinfo: 12-197393561-197391773 2NNN RT(1701206439001 1339) q(0 4 4 -1) r(5 5) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="we-offer-advanced-care.png"
accept-ranges: bytes
content-length: 3271

GET
H2 200 mediawithtext_kaley_m.jpg
www.sickkidsfoundation.com/-/media/images/campaign/otd_holiday/fy24_wave1/ 112 KB
113 KB 632ms
631ms Image
image/jpeg 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/campaign/otd_holiday/fy24_wave1/mediawithtext_kaley_m.jpg
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 7258cf70c12c19441e1f551eeb88192951a367a1ac0adcd343ed0edad851901e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
last-modified: Wed, 25 Oct 2023 13:54:35 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/jpeg
x-iinfo: 12-197393561-197342446 2NNN RT(1701206439001 1341) q(0 5 5 -1) r(6 6) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="mediawithtext_kaley_m.jpg"
accept-ranges: bytes
content-length: 114822

GET
H2 200 skvs-logo-white.png
www.sickkidsfoundation.com/-/media/images/skf/common/ 15 KB
15 KB 642ms
641ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/common/skvs-logo-white.png?h=144&w=466&la=en&hash=2282E3C31B6686637F89CD57AA644DBB
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: b7d25b646b5a4180a9e95d25d818a9a0f0ff91747076719024efbcae18604b61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
last-modified: Tue, 19 Sep 2023 19:22:25 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/png
x-iinfo: 12-197393561-197393567 PNNN RT(1701206439001 1344) q(0 5 5 -1) r(6 6) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="SKVS-logo-white.png"
accept-ranges: bytes
content-length: 15178

GET
H2 200 app Show response
www.sickkidsfoundation.com/bundles/ 15 KB
5 KB 117ms
114ms Script
text/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/app?v=tjkTPOWxhiXGidqKrZGQ59tzwyf43YBcZGGbrGMP21k1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: b1cdabcbe4a918fd2e291cce9bd3273a4d68c3dceb9d24a27deca30348c84adf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 21:20:41 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
x-iinfo: 12-197393561-197391773 2NNN RT(1701206439001 1315) q(0 0 0 -1) r(1 1)
cache-control: public
content-length: 5032
expires: Wed, 27 Nov 2024 21:20:41 GMT

GET
H2 200 social Show response
www.sickkidsfoundation.com/bundles/ 802 B
760 B 157ms
155ms Script
text/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/social?v=jNG_Zuncs3Uy5QCszY2DbJBTFVN_awNWLLRTpXz4zAs1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: ae45007c10fb058099dce27a7af043e710c0065c0aa56ea608b06eb5bc9958f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 21:20:41 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
x-iinfo: 12-197393561-197393415 2NNN RT(1701206439001 1318) q(0 0 0 -1) r(1 1)
cache-control: public
content-length: 637
expires: Wed, 27 Nov 2024 21:20:41 GMT

GET
H2 200 _Incapsula_Resource Show response
www.sickkidsfoundation.com/ 140 KB
20 KB 52ms
51ms Script
application/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1214694606
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: 9ad9de382f989fdde5f516d5e2248055b8acf93f25f32219f637e52a28cb3e37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 20090
content-type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 591 KB
141 KB 74ms
54ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a81dd46c838be20fe76de408d9ab3e6d69a00f0ca2d36db9a0275fd758a3a386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144336
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Nov 2023 21:20:41 GMT

GET
H2 200 hero_and_widget_panel.jpg
www.sickkidsfoundation.com/-/media/images/campaign/otd_holiday/fy24_wave1/ 290 KB
293 KB 682ms
682ms Image
image/jpeg 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/campaign/otd_holiday/fy24_wave1/hero_and_widget_panel.jpg
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 20bb37261dffd4b322eaeb500976b2def287a29152d8e53053079ba89630ad45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
last-modified: Wed, 25 Oct 2023 13:46:36 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/jpeg
x-iinfo: 12-197393561-197391773 2NNN RT(1701206439001 1353) q(0 5 5 -1) r(6 6) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="hero_and_widget_panel.jpg"
accept-ranges: bytes
content-length: 297431

GET
H2 200 cta-arrow-blue.svg
www.sickkidsfoundation.com/images/icons/ 580 B
527 B 743ms
743ms Image
image/svg+xml 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/images/icons/cta-arrow-blue.svg
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/main?v=oAv00LErvoBs7ew4JXRnRsuIq1eDawml3hQpEttpjgQ1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: 0e1b3b92eb57bcb5de50262bdc39283d4d73c329e34c3a1d205a5449f25cdb87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/bundles/css/main?v=oAv00LErvoBs7ew4JXRnRsuIq1eDawml3hQpEttpjgQ1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
content-encoding: gzip
last-modified: Wed, 22 Nov 2023 20:50:52 GMT
x-cdn: Imperva
etag: "01e7e94851dda1:0"
content-type: image/svg+xml
x-iinfo: 12-197393561-197388498 2VNN RT(1701206439001 1361) q(0 6 6 -1) r(7 7)
cache-control: max-age=3390, public
content-length: 321
expires: Tue, 28 Nov 2023 22:17:11 GMT

GET
H2 200 Inter-VariableFont_slnt-wght.ttf
www.sickkidsfoundation.com/fonts/ 785 KB
785 KB 203ms
203ms Font
application/octet-stream 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/Inter-VariableFont_slnt-wght.ttf
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/main?v=oAv00LErvoBs7ew4JXRnRsuIq1eDawml3hQpEttpjgQ1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: b9a8e5e213977665be2a56db66945a16c686da3d9861af1e7851322cf15495ea

Request headers

Referer: https://www.sickkidsfoundation.com/bundles/css/main?v=oAv00LErvoBs7ew4JXRnRsuIq1eDawml3hQpEttpjgQ1
Origin: https://www.sickkidsfoundation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
last-modified: Wed, 22 Nov 2023 20:50:52 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "01e7e94851dda1:0"
content-type: application/octet-stream
x-iinfo: 12-197393561-197393808 NNNY CT(102 214 0) RT(1701206439001 1366) q(0 1 1 -1) r(2 2) U12
x-incap-sess-cookie-hdr: aeANU/FE21g/VeR7SbWbA6hZZmUAAAAAOoQVVyfwU8nsgY/hCtm2Kw==
accept-ranges: bytes
content-length: 803384

GET
H2 200 Anton-Regular.ttf
www.sickkidsfoundation.com/fonts/ 158 KB
158 KB 224ms
223ms Font
application/octet-stream 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/Anton-Regular.ttf
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/main?v=oAv00LErvoBs7ew4JXRnRsuIq1eDawml3hQpEttpjgQ1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 28beb8f6542f642ba4143bd4a1d1cfc7be7b1dedc951096efd8e0942502ea1bf

Request headers

Referer: https://www.sickkidsfoundation.com/bundles/css/main?v=oAv00LErvoBs7ew4JXRnRsuIq1eDawml3hQpEttpjgQ1
Origin: https://www.sickkidsfoundation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
last-modified: Wed, 22 Nov 2023 20:50:52 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "01e7e94851dda1:0"
content-type: application/octet-stream
x-iinfo: 12-197393561-197393567 PNNN RT(1701206439001 1370) q(0 1 1 -1) r(2 2) U12
x-incap-sess-cookie-hdr: vHFdeVfqqww/VeR7SbWbA6hZZmUAAAAAUf0UbnP5twI1QBggn0TSEA==
accept-ranges: bytes
content-length: 161588

GET
H2 200 skvs-logo-white.png
www.sickkidsfoundation.com/-/media/images/skf/common/ 15 KB
15 KB 714ms
713ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/common/skvs-logo-white.png?h=144&w=466&la=en&hash=2282E3C31B6686637F89CD57AA644DBB
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: b7d25b646b5a4180a9e95d25d818a9a0f0ff91747076719024efbcae18604b61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
last-modified: Tue, 19 Sep 2023 19:22:25 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/png
x-iinfo: 12-197393561-197393567 PNNN RT(1701206439001 1384) q(0 6 6 -1) r(7 7) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="SKVS-logo-white.png"
accept-ranges: bytes
content-length: 15178

GET
H2 200 secure.gif
www.sickkidsfoundation.com/images/ 2 KB
2 KB 801ms
801ms Image
image/gif 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/images/secure.gif
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: d7045fdb11dd6356bf559e5d35d9173d409d403a36a20040f4a4e5f08314c9a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
last-modified: Wed, 22 Nov 2023 20:50:52 GMT
x-cdn: Imperva
etag: "01e7e94851dda1:0"
content-type: image/gif
x-iinfo: 12-197393561-197393647 2VNN RT(1701206439001 1386) q(0 7 7 -1) r(8 8)
cache-control: max-age=21600, public
content-length: 1613
expires: Wed, 29 Nov 2023 03:20:41 GMT

GET
H2 200 testimonial_bg_kaley.jpg
www.sickkidsfoundation.com/-/media/images/campaign/otd_holiday/fy24_wave1/ 419 KB
422 KB 819ms
819ms Image
image/jpeg 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/campaign/otd_holiday/fy24_wave1/testimonial_bg_kaley.jpg
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 917bb62f90de4bda378d9d5dc390755bc94bdd3c0becf2df5e7a0b34f7ca7729

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
last-modified: Wed, 25 Oct 2023 13:48:58 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/jpeg
x-iinfo: 12-197393561-197393633 2NNN RT(1701206439001 1387) q(0 7 7 -1) r(8 8) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="testimonial_bg_kaley.jpg"
accept-ranges: bytes
content-length: 428964

GET
H2 200 arrow-right.svg
www.sickkidsfoundation.com/images/icons/ 245 B
332 B 887ms
887ms Image
image/svg+xml 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/images/icons/arrow-right.svg
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/main?v=oAv00LErvoBs7ew4JXRnRsuIq1eDawml3hQpEttpjgQ1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: c7ccc03d60758981d5146dc551c60c45c03315027f898536486ddc1609a95f83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/bundles/css/main?v=oAv00LErvoBs7ew4JXRnRsuIq1eDawml3hQpEttpjgQ1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
content-encoding: gzip
last-modified: Wed, 22 Nov 2023 20:50:52 GMT
x-cdn: Imperva
etag: "01e7e94851dda1:0"
content-type: image/svg+xml
x-iinfo: 12-197393561-197393682 2VNN RT(1701206439001 1390) q(0 8 8 -1) r(9 9)
cache-control: max-age=1, public
content-length: 189
expires: Tue, 28 Nov 2023 21:20:42 GMT

GET
H2 200 mediawithtext_kaley.jpg
www.sickkidsfoundation.com/-/media/images/campaign/otd_holiday/fy24_wave1/ 343 KB
346 KB 951ms
951ms Image
image/jpeg 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/campaign/otd_holiday/fy24_wave1/mediawithtext_kaley.jpg
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 04f16b23200066c0e74752d448222b6516f677745d0b09f4a8b5bb1e29a1f627

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
last-modified: Wed, 25 Oct 2023 13:53:42 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/jpeg
x-iinfo: 12-197393561-197393647 2NNN RT(1701206439001 1394) q(0 8 8 -1) r(9 9) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="mediawithtext_kaley.jpg"
accept-ranges: bytes
content-length: 351512

GET
H2 200 AnekMalayalam-VariableFont_wdth,wght.ttf
www.sickkidsfoundation.com/fonts/ 647 KB
647 KB 183ms
183ms Font
application/octet-stream 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/AnekMalayalam-VariableFont_wdth,wght.ttf
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/main?v=oAv00LErvoBs7ew4JXRnRsuIq1eDawml3hQpEttpjgQ1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: cfab5761d720007545de64c695e5d5f44d6a9b7b8aac8be4642646e317985c3c

Request headers

Referer: https://www.sickkidsfoundation.com/bundles/css/main?v=oAv00LErvoBs7ew4JXRnRsuIq1eDawml3hQpEttpjgQ1
Origin: https://www.sickkidsfoundation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:40 GMT
last-modified: Wed, 22 Nov 2023 20:50:52 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: "01e7e94851dda1:0"
content-type: application/octet-stream
x-iinfo: 12-197393561-197393814 NNNY CT(100 210 0) RT(1701206439001 1397) q(0 1 1 -1) r(2 2) U12
x-incap-sess-cookie-hdr: K5NLMvraCBY/VeR7SbWbA6hZZmUAAAAAji9ueAnXBncqSRRdiuBWqw==
accept-ranges: bytes
content-length: 662272

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin: https://www.sickkidsfoundation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
91 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1N3ZYKZ49X&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

049602d1971142a5773823b2102994f8c49751162d0f257de9136a0cd4644b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93359
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 21:20:41 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 31ms
6ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Nov 2023 19:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5463
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 28 Nov 2023 21:49:38 GMT

GET
H2 200 hotjar-302599.js Show response
static.hotjar.com/c/ 9 KB
4 KB 111ms
50ms Script
application/javascript 52.222.139.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-302599.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.139.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-139-116.ams50.r.cloudfront.net

Software

Resource Hash

3610351ca807d250b6ef559a515c2f0aba1f66e10c8e85be1f548f2b3e805c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 415e8d76bf2c69e5e03b89ba8461cd7e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
etag: W/c0142c6b66287865c315dde17a1e26ee
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 50Dtjrf1RChxfygpjQ7sayIW1P1Q1v9MS6kblQXySfsHvJDdjyn1yQ==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 65ms
20ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230034-FRA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1036497480/ 3 KB
2 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1036497480/?random=1701206441231&cv=11&fst=1701206441231&bg=ffffff&guid=ON&async=1&gtm=45He3b81v71468454&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&hn=www.googleadservices.com&frm=0&tiba=Donate%20to%20SickKids%20%7C%20Help%20kids%20get%20home%20for%20the%20holidays&auid=1557589946.1701206441&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6415c2d7187b719d0abdae1768bef1a3d1c12a27630c1cf32e80e486b07ecd2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1373
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 69ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 28 Nov 2023 21:20:40 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D4D41B02C6B84B92A7016F409E8564AB Ref B: FRAEDGE1317 Ref C: 2023-11-28T21:20:41Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/711607319/ 3 KB
2 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/711607319/?random=1701206441235&cv=11&fst=1701206441235&bg=ffffff&guid=ON&async=1&gtm=45He3b81v71468454&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&hn=www.googleadservices.com&frm=0&tiba=Donate%20to%20SickKids%20%7C%20Help%20kids%20get%20home%20for%20the%20holidays&auid=1557589946.1701206441&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40d3c704e30089bd4fe87243b11e56c84235e1e6032e3d8f1a3a3f5d560f2234

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1369
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 86ms
23ms Script
application/javascript 2a02:26f0:780::210:a423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a423 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3a7ff26e3fea300cdd6456f976a6b7ac113ebc0e88891359313d02f448213ffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 28 Nov 2023 10:31:24 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=47461
accept-ranges: bytes
content-length: 3840

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 51ms
14ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 28 Nov 2023 21:20:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: wJnW5b9Qpimpme5A/jqa+dOGy5lOvU4sYDUK8DS9H/7udmvIZak2ull00aj+arbUt1dJWixYPd8iAkEIEdaEFA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 64ms
27ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0de2a176ad08f62d4eb01561e51936094f156760b03746e2f17e69345824f7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 28 Nov 2023 21:20:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-880455918

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9ee30adfb0c23587e69d79db63da54a12aad0493da0f8e32c2a45ff87b461d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72268
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Nov 2023 21:20:41 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 4 KB
2 KB 49ms
7ms Script
application/javascript 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
content-encoding: br
x-cdn: fastly
etag: "8d7d8ce32aa2a45d64e9f04a9a5cb1c4"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1793

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ 19 KB
7 KB 87ms
16ms Script
application/javascript 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 36ace6e4c38fc4c8a5904f8acd8359f20b14394d5f6177bde16607d10e0c1f7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 28 Nov 2023 21:20:41 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Nov 2023 15:40:20 GMT
Server: AmazonS3
x-amz-request-id: G7WGADDZ57N1WK5V
ETag: "defce75bc9a27c30948c8dc044bb8873"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=116
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6208
x-amz-id-2: 14TM9RTILZCP/k93vt3CS5m9NTtDO9BS6UNAq/PyXKNKuMJsCNE259b1G6NjeGZz2pnsg3npul0=

GET
H2 200 scevent.min.js Show response
sc-static.net/ 40 KB
17 KB 111ms
44ms Script
application/javascript 108.138.40.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.40.243 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-40-243.muc50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 98a95ec0ce66575d7c332369abd1a2e288674d741c5cae81efcaddaa29de6228

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
content-encoding: gzip
via: 1.1 beaace02cc7004781239800a1c484ca0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 17230
x-amz-cf-id: PDgQm0Okt7DUQAIHKBMaf-Cr4qYWOaM0nbeUH5RW6a9CteIkVeBRhg==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 53ms
14ms Script
application/x-javascript 108.138.40.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.40.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-40-116.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 28 Nov 2023 02:56:46 GMT
Content-Encoding: gzip
Via: 1.1 beaace02cc7004781239800a1c484ca0.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Nov 2023 02:56:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P2
Age: 66236
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: DEM9xXPG4KbStl-IRTeNklBnsQtsJtCkfrg7g3nRaimsGUQMxnosdA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 304 KB
75 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M37RLKB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25e9146af71e2a008bbcdd19c17b2659e7c147842b301ebd0f4dc41099c8a189

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76615
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Nov 2023 21:20:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-5627812&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

41850f62ff49755e1453bc9c416575b92fbe495c8d74f63f2758e6c9608a4b2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67294
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Nov 2023 21:20:41 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 89ms
14ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/social?v=jNG_Zuncs3Uy5QCszY2DbJBTFVN_awNWLLRTpXz4zAs1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B74) /
Resource Hash: 9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 28 Nov 2023 21:20:41 GMT
Content-Encoding: gzip
Age: 552
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27598
Last-Modified: Mon, 09 Oct 2023 20:29:49 GMT
Server: ECS (amb/6B74)
Etag: "391b7fdf0c468036f27102529636f0ca+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 25ms
24ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/social?v=jNG_Zuncs3Uy5QCszY2DbJBTFVN_awNWLLRTpXz4zAs1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b7fde8dd6c63a0880e3bc2cbd143ea0b7dcdc3e56d63f31bb1413cadf7f5fe6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Nov 2023 21:20:41 GMT
content-md5: FgKhJeyg4tXyHHEVH9gVOA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
reporting-endpoints
x-fb-debug: xoocswIoGiLnuFAKayCfiH+hMU/fA/8on4tXHH1vfxlneHIpEx8EPqJM0RlyPMiCPrkQDiRfmF1GbNheeae/xQ==
x-fb-content-md5: 10ec8334cfa38a8e233e3bccde2ad1ae
cross-origin-opener-policy: same-origin-allow-popups
etag: "b934c71a6a7921873bea9590e4bd542d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 28 Nov 2023 21:34:26 GMT

GET
H2 200 _Incapsula_Resource
www.sickkidsfoundation.com/ 1 B
49 B 7ms
7ms Image
text/plain 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/_Incapsula_Resource?SWKMTFSR=1&e=0.9517477618076058
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
229 B 14ms
13ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=635400423&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&ul=en-us&de=UTF-8&dt=Donate%20to%20SickKids%20%7C%20Help%20kids%20get%20home%20for%20the%20holidays&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiAABBAAAACAAI~&jid=260314126&gjid=958182074&cid=1142654540.1701206441&tid=UA-66351416-1&_gid=312722628.1701206441&_slc=1&gtm=45He3b81n71NJ4P25v71468454&cd8=gt&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=391780113

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

c6e5c039a5419a555da7a580f6b25584c3fcaa3bba577f3154d0690e13e21002

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sickkidsfoundation.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
357 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-66351416-1&cid=1142654540.1701206441&jid=260314126&gjid=958182074&_gid=312722628.1701206441&_u=YGBAiAABBAAAAGAAI~&z=209030518

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 28 Nov 2023 21:20:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sickkidsfoundation.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/880455918/ 3 KB
2 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/880455918/?random=1701206441288&cv=11&fst=1701206441288&bg=ffffff&guid=ON&async=1&gtm=45be3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&hn=www.googleadservices.com&frm=0&tiba=Donate%20to%20SickKids%20%7C%20Help%20kids%20get%20home%20for%20the%20holidays&auid=1557589946.1701206441&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-880455918

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65ab61863ef0e388b6fd53a1d3b0f45c9f60619b172b856d05dcb04d3a7a348e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1393
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
262 B 36ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1N3ZYKZ49X&gtm=45je3b81v9119577223z871468454&_p=1701206440279&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1142654540.1701206441&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701206441&sct=1&seg=0&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&dt=Donate%20to%20SickKids%20%7C%20Help%20kids%20get%20home%20for%20the%20holidays&en=page_view&_fv=1&_ss=1&tfd=2917
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1N3ZYKZ49X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sickkidsfoundation.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
82 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N87CSHY5ZB&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c12f1e0b2b596f71989d0f1ce65dba5f10852b8ffaff557d280b8b419b105b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84095
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 21:20:41 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 56ms
34ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-66351416-1&cid=1142654540.1701206441&jid=260314126&_u=YGBAiAABBAAAAGAAI~&z=1699340703

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 55ms
33ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-66351416-1&cid=1142654540.1701206441&jid=260314126&_u=YGBAiAABBAAAAGAAI~&z=1699340703

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1036497480/ 42 B
455 B 46ms
24ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1036497480/?random=1701206441231&cv=11&fst=1701205200000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v71468454&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&frm=0&tiba=Donate%20to%20SickKids%20%7C%20Help%20kids%20get%20home%20for%20the%20holidays&fmt=3&is_vtc=1&cid=CAQSGwDICaaNZRWGqvGR-mOqfiMBZxHHD0hXHukqwg&random=2686574532&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1036497480/ 42 B
108 B 44ms
23ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1036497480/?random=1701206441231&cv=11&fst=1701205200000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v71468454&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&frm=0&tiba=Donate%20to%20SickKids%20%7C%20Help%20kids%20get%20home%20for%20the%20holidays&fmt=3&is_vtc=1&cid=CAQSGwDICaaNZRWGqvGR-mOqfiMBZxHHD0hXHukqwg&random=2686574532&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/711607319/ 42 B
108 B 46ms
25ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/711607319/?random=1701206441235&cv=11&fst=1701205200000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v71468454&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&frm=0&tiba=Donate%20to%20SickKids%20%7C%20Help%20kids%20get%20home%20for%20the%20holidays&fmt=3&is_vtc=1&cid=CAQSGwDICaaNxI04x3ApLf5q2PBYk6k2e4ueErJkPg&random=1431940463&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/711607319/ 42 B
455 B 44ms
23ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/711607319/?random=1701206441235&cv=11&fst=1701205200000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v71468454&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&frm=0&tiba=Donate%20to%20SickKids%20%7C%20Help%20kids%20get%20home%20for%20the%20holidays&fmt=3&is_vtc=1&cid=CAQSGwDICaaNxI04x3ApLf5q2PBYk6k2e4ueErJkPg&random=1431940463&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.74d80534.js Show response
s.pinimg.com/ct/lib/ 65 KB
19 KB 11ms
9ms Script
application/javascript 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
content-encoding: br
x-cdn: fastly
etag: "cb251578b1e91b3cc440fd1521770cc5"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 18895

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/63e90c30/www-widgetapi.vflset/ 215 KB
67 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/63e90c30/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af82cd92cb1df231870f60b847a411fcc4adfffef67f01fff41885828edee2e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 892
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68238
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 02:45:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 27 Nov 2024 21:05:49 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 297 KB
85 KB 28ms
14ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=30ec80190a9fe8324ed12728ee38f3bf

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0f57b363b716edd65349c23c06555c8496c9f0ff5fd2c3995fd2f5b33b4797d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.sickkidsfoundation.com/
Origin: https://www.sickkidsfoundation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Nov 2023 21:20:41 GMT
content-md5: eXKSVex5GBs+MsBvF7w2nw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86881
reporting-endpoints
x-fb-debug: nhhNR+jsCQlwa8HmS0VLFzVU88qjcjJAqLObgQl8o74QWOnmoISIMGfmtyjnSMzRvBaykMpmQVEZCX0K5WimkA==
x-fb-content-md5: bb8b9a472ee64748f1eeab87b8e83165
cross-origin-opener-policy: same-origin-allow-popups
etag: "3c72738ca231b2c251db4b65b83a4cf3"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 27 Nov 2024 20:17:25 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 30ms
30ms Script
application/x-javascript 2a02:26f0:780::210:a423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a423 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 15 Oct 2023 08:32:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=50219
accept-ranges: bytes
content-length: 3272

GET
H2 200 adsct
t.co/i/ 43 B
376 B 203ms
176ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=61290e73-8839-4e04-ad91-e3a40042a3e0&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=17b5263b-7646-47f1-84b9-f19d70fee01a&tw_document_href=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxw6l&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-response-time: 169
date: Tue, 28 Nov 2023 21:20:41 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 27b4ef9679012013
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 2f2f5a0119a6840c8e69e6b7a35d990e76aa029cbeaf204d2a2a4f3d5c29d1ea
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 182ms
122ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=61290e73-8839-4e04-ad91-e3a40042a3e0&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=17b5263b-7646-47f1-84b9-f19d70fee01a&tw_document_href=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxw6l&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-response-time: 104
date: Tue, 28 Nov 2023 21:20:40 GMT
strict-transport-security: max-age=631138519
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 3d7fd1d7135700d3
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 293ba1b75b63684d43c458bb6ca2fb7e5c77294c3096e53075d991f3948b207f
content-length: 43

GET
H2 200 modules.28e3191d8757c557b4b7.js Show response
script.hotjar.com/ 227 KB
57 KB 54ms
14ms Script
application/javascript 18.173.154.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.28e3191d8757c557b4b7.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-302599.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-87.muc50.r.cloudfront.net

Software

Resource Hash

77a17bd55486aef26d2fbbe92b56672398378b1ad7ba7975c79742b4772d52b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 94313a5530517e71f4769858ce013d58.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 458375
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 57395
last-modified: Thu, 23 Nov 2023 14:00:23 GMT
etag: "1ab24a53e715dcb189ab626bacc0e88b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 23iFUYRkZIuMKJMnV2iRWbb_Gq4fvrSYA8LTl2tWRhVYrZIVxDSf7g==

GET
H3 200 250085185187976 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 145ms
145ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/250085185187976?v=2.9.138&r=stable&domain=www.sickkidsfoundation.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a24c77868ce13ac619eb8efc18e31a999838ec9678c3bb3cbf5e8f7677eaf342

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 28 Nov 2023 21:20:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: R5OecEIEAaCdxAs8LD3fuz965C3wFpJ5VFFvparI8cCZm7mnPz7902r+pDpul259f1ZQFMZgNUuBHsjzKBdbFw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 25070334.js Show response
bat.bing.com/p/action/ 0
117 B 90ms
90ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25070334.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 28 Nov 2023 21:20:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3B6114BDB9B94C95995A720960CF496A Ref B: FRAEDGE1317 Ref C: 2023-11-28T21:20:41Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
284 B 33ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25070334&tm=gtm002&Ver=2&mid=d6ab29a2-dcd9-4225-b281-e9c448ce80b3&sid=fbd395b08e3311eea255474f24f87a85&vid=fbd38e108e3311ee8a2105632faf2077&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20to%20SickKids%20%7C%20Help%20kids%20get%20home%20for%20the%20holidays&kw=SickKids%20Foundation,%20hospital%20foundation,%20children%E2%80%99s%20hospital%20foundation,%20donate,%20donate%20online,%20children%E2%80%99s%20charity,%20holiday%20donation,%20donate%20for%20the%20holidays,%20donations%20for%20kids,%20support%20sick%20kids,%20support%20a%20hospital,%20help%20children,%20give%20back%20at%20the%20holidays,%20Giving%20Tuesday&p=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&r=&lt=2804&evt=pageLoad&sv=1&rn=633038

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 28 Nov 2023 21:20:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0A73A065515149BAAB389FB4776792F1 Ref B: FRAEDGE1317 Ref C: 2023-11-28T21:20:41Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK advertiser Show response
cm.teads.tv/v2/ 145 B
596 B 107ms
51ms Fetch
application/json 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&advertiser_id=31041
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 70b7c81cf7f32317f9f0173ae57c3ade74b69342e89a5e69ba85c9826d05e90d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:41 GMT
Observe-Browsing-Topics: ?1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.sickkidsfoundation.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 145
Expires: Tue, 28 Nov 2023 21:20:41 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/880455918/ 42 B
108 B 21ms
20ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/880455918/?random=1701206441288&cv=11&fst=1701205200000&bg=ffffff&guid=ON&async=1&gtm=45be3b81&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&frm=0&tiba=Donate%20to%20SickKids%20%7C%20Help%20kids%20get%20home%20for%20the%20holidays&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNqarIPEwg9elK2dUav2zNP0CaFNhqRHlImOiLZwmWEqzX_KMH&random=3326311471&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/880455918/ 42 B
108 B 19ms
19ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/880455918/?random=1701206441288&cv=11&fst=1701205200000&bg=ffffff&guid=ON&async=1&gtm=45be3b81&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&frm=0&tiba=Donate%20to%20SickKids%20%7C%20Help%20kids%20get%20home%20for%20the%20holidays&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNqarIPEwg9elK2dUav2zNP0CaFNhqRHlImOiLZwmWEqzX_KMH&random=3326311471&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html Show response
platform.twitter.com/widgets/ Frame E399 319 KB
104 KB 15ms
15ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.sickkidsfoundation.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB8) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://www.sickkidsfoundation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4322896
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Nov 2023 21:20:41 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 09 Oct 2023 20:29:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BB8)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 / Show response
ct.pinterest.com/user/ 297 B
290 B 75ms
38ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2612982544860&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1701206441464&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 04c6083a9781b397d0b570f97154a3fa61aac68dfba173617e5a6351786b7470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 3
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1028374570580123
content-length: 172
pin-unauth: dWlkPU5XTXlOemcxTXpRdFpUUmpaQzAwTmpNNUxXRmpObVV0WVdJd01HUTRNVGd5WkRKag
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sickkidsfoundation.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 5d3c2f1679281f2c8de82ecae570034b947dbf31
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 297 B
625 B 70ms
34ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&tid=2612982544860&cb=1701206441465&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 04c6083a9781b397d0b570f97154a3fa61aac68dfba173617e5a6351786b7470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 0
alt-svc: h3=":443";ma=600
x-pinterest-rid: 7878604571341558
content-length: 172
pin-unauth: dWlkPVlUQXlZemN6TVRVdE9ESTBZaTAwTlRJMExXRTRObVV0TWpFeU5Ea3lZek0zWmprMg
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sickkidsfoundation.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 5d3c2f1679281f2c8de82ecae570034b947dbf31
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
185 B 62ms
36ms Image
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2612982544860&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2274d80534%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1701206441475
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:41 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 5d3c2f1679281f2c8de82ecae570034b947dbf31
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 9126097753705919
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 15ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N87CSHY5ZB&gtm=45je3b81v9167702062&_p=1701206440279&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1142654540.1701206441&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&dt=Donate%20to%20SickKids%20%7C%20Help%20kids%20get%20home%20for%20the%20holidays&sid=1701206441&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_8=gt&tfd=3053
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N87CSHY5ZB&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sickkidsfoundation.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 20ms
19ms Ping
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N87CSHY5ZB&cid=1142654540.1701206441&gtm=45je3b81v9167702062&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N87CSHY5ZB&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sickkidsfoundation.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 36ms
36ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N87CSHY5ZB&cid=1142654540.1701206441&gtm=45je3b81v9167702062&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=743579357

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1da237a8-8122-4c02-9fcf-0aa6fde57222.js Show response
tr.snapchat.com/config/com/ 167 B
452 B 102ms
19ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/1da237a8-8122-4c02-9fcf-0aa6fde57222.js?v=3.6.1-2311282110

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

7f990d124f912b1abe6e398928afd9346fa249b8047830ba3abb89fd2795b1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sickkidsfoundation.com/
Origin: https://www.sickkidsfoundation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://www.sickkidsfoundation.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame F53C 0
201 B 99ms
18ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=1da237a8-8122-4c02-9fcf-0aa6fde57222&u_scsid=6b1924ee-98e6-496f-96d2-257f257c8331&u_sclid=36cf3184-d244-4fad-8cb0-677e41c7b108

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sickkidsfoundation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 28 Nov 2023 21:20:41 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 1

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1701206441510&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Df...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1701206441510&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Df...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2274266%26time%3D1701206441510%26url%3Dhttps%253A%252F%252Fwww.sickkidsfoundation...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1701206441510&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Df...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1701206441510&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3D...

0
265 B

141ms
116ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1701206441510&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&cookiesTest=true&liSync=true&e_ipv6=AQKs4EwyiIv5qwAAAYwXzkAYHObFf-FJ6NqVNdmN39YOnLKHbCE8M1NUem2zkpgFrBAXuLbNdHoM6BKcTyW8Wt2O_OIV
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: B4FD5D91765A42829C2BFB8155F6F5C2 Ref B: FRAEDGE1109 Ref C: 2023-11-28T21:20:42Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYLPP2spzreFh4Zz2ZqRw==

Redirect headers

date: Tue, 28 Nov 2023 21:20:41 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 5AA9E844246148B08E8434B24223A338 Ref B: FRAEDGE1512 Ref C: 2023-11-28T21:20:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1701206441510&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&cookiesTest=true&liSync=true&e_ipv6=AQKs4EwyiIv5qwAAAYwXzkAYHObFf-FJ6NqVNdmN39YOnLKHbCE8M1NUem2zkpgFrBAXuLbNdHoM6BKcTyW8Wt2O_OIV
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYLPP2qF8fz6Ssq0UooKw==

GET
H2 200 settings Show response
syndication.twitter.com/ Frame E399 869 B
658 B 177ms
124ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=97cbf11a6e7ef68bf2f529f2d2c9c248524788f7

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.sickkidsfoundation.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-response-time: 105
date: Tue, 28 Nov 2023 21:20:40 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Tue, 28 Nov 2023 21:20:41 GMT
server: tsa_f
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: bd056a3289eba7bd
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 2034e5e471e52cf14c15cf66bf0157bc8dbdfe5e4af04e56d0c560854153d1a1
content-length: 337

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 123ms
108ms Fetch
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=157977957983408&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=30ec80190a9fe8324ed12728ee38f3bf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Tue, 28 Nov 2023 21:20:41 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: Vg2ezJCkJtiCIwB8bIwtcsBA+ofSa3ehh6SyfiSMggmFRe3eQ74lSr7PMJ4PxKceTHdL534H2DEzc83ASGPveQ==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sickkidsfoundation.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 302599 Show response
vc.hotjar.io/sessions/ 0
257 B 115ms
48ms XHR
text/plain 18.66.192.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/302599?s=0.25&r=0.09960093904573708
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.28e3191d8757c557b4b7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-58.muc50.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
via: 1.1 29473aa9cc185f2a037ec3a7e2ffd74c.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: m3ytC8WydxIhtgxP81Mrjymf-CvdXM3bjL8gns25a1MQqLLoWHVeqQ==

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
330 B 35ms
34ms Image
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&tid=2612982544860&cb=1701206441574&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2274d80534%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:41 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 5d3c2f1679281f2c8de82ecae570034b947dbf31
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 8544010198095687
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
134 B 140ms
76ms Image
image/gif 104.122.27.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&env=js-web&tag_version=6.15.2_12a9676&provider=tag&advertiser_id=31041&referer=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&user_session_id=cc4cf9a6-77fd-4841-9f9e-14da993e03e3
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.122.27.70 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-122-27-70.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Tue, 28 Nov 2023 21:20:41 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H3 200 1728472720702530 Show response
connect.facebook.net/signals/config/ 371 KB
115 KB 313ms
313ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1728472720702530?v=2.9.138&r=stable&domain=www.sickkidsfoundation.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

56e7f0f2c9628cf0fa4c92f6c94eee8227beefcc017e835956e1fb1e1c267fd6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 28 Nov 2023 21:20:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: mqLw1ODf64LXtT6kOYCb0mMp95oO88Hg/AsPykX9fnqyNwJuZDNTG6pwkKSWKT9gDOaErrJ70j8yAgzrbErzMw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 7ms
6ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=250085185187976&ev=PageView&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&rl=&if=false&ts=1701206441619&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701206441618.1055263149&cs_est=true&ler=empty&it=1701206441441&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Nov 2023 21:20:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 p
tr.snapchat.com/ 0
100 B 24ms
24ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://www.sickkidsfoundation.com
x-envoy-upstream-service-time: 5
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 55ca8236b27c373045deebbd637d2fb44a0b1e8d25972fa4d98c586ac59daea0 Show response
capi.annalect.com/events/ 0
171 B 330ms
99ms XHR
text/plain 2600:1f18:6791:a006:6738:3e9a:9c67:1bbc
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://capi.annalect.com/events/55ca8236b27c373045deebbd637d2fb44a0b1e8d25972fa4d98c586ac59daea0

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1728472720702530?v=2.9.138&r=stable&domain=www.sickkidsfoundation.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f18:6791:a006:6738:3e9a:9c67:1bbc Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.sickkidsfoundation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.sickkidsfoundation.com
date: Tue, 28 Nov 2023 21:20:42 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 7ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1728472720702530&ev=PageView&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&rl=&if=false&ts=1701206442081&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701206441618.1055263149&cs_est=true&ler=empty&eid=ob3_plugin-set_d8800fd9286b027aca4688baa0aa6bff962382218511d3ffbad6d425a7462463&it=1701206441441&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Nov 2023 21:20:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 913C
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D64c440ec-0d27-a288-46eb-b5e5780ddfaa%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.sickkidsfoundation.com/&ex-hargs=v%3D1.0%3Bc%3...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D64c440ec-0d27-a288-46eb-b5e5780ddfaa%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.sickkidsfoundation.com/&ex-hargs=v%3D1.0%3Bc%3...

2 KB
2 KB

126ms
126ms

Document
text/html

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D64c440ec-0d27-a288-46eb-b5e5780ddfaa%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.sickkidsfoundation.com/&ex-hargs=v%3D1.0%3Bc%3D1480596890801%3Bp%3D64C440EC-0D27-A288-46EB-B5E5780DDFAA&cb=302208082784637400&dcc=t

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

8b4c5baa50a130fcb34ec64a6e779290ec0d0193c3b9aa7cf875ad07b664a8b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.sickkidsfoundation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1695
Content-Type: text/html;charset=ISO-8859-1
Date: Tue, 28 Nov 2023 21:20:42 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 5MX95MFF6F8XQHVCC8ZN

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Tue, 28 Nov 2023 21:20:42 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D64c440ec-0d27-a288-46eb-b5e5780ddfaa%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.sickkidsfoundation.com/&ex-hargs=v%3D1.0%3Bc%3D1480596890801%3Bp%3D64C440EC-0D27-A288-46EB-B5E5780DDFAA&cb=302208082784637400&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: SD0ARJMFJQ5BYN69C3W8

GET
H2 200 patientfamily_thomas.png
www.sickkidsfoundation.com/-/media/images/campaign/_global/testimonials/ 13 KB
13 KB 132ms
130ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/campaign/_global/testimonials/patientfamily_thomas.png?h=65&w=65&la=en&hash=6A7D09D4B8013705B7302FD2B58062D0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 4630ed59ddd0a987f90df59a719808e7811321ba78040641c9096f8d87a6eff5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
last-modified: Wed, 01 Nov 2023 19:08:45 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/png
x-iinfo: 12-197393561-197393808 PNNy RT(1701206439001 2461) q(0 0 0 -1) r(1 1) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="patientfamily_thomas.png"
accept-ranges: bytes
content-length: 13583

GET
H2 200 patientfamily_maddie.png
www.sickkidsfoundation.com/-/media/images/campaign/_global/testimonials/ 13 KB
13 KB 139ms
137ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/campaign/_global/testimonials/patientfamily_maddie.png?h=65&w=65&la=en&hash=80C25222F127C03B4C891C2C76653B23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 1f4bbaa394118293607788f717e91908e175203227f170138548081806248bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
last-modified: Wed, 01 Nov 2023 19:09:28 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/png
x-iinfo: 12-197393561-197393814 PNNy RT(1701206439001 2468) q(0 0 0 -1) r(1 1) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="patientfamily_maddie.png"
accept-ranges: bytes
content-length: 12961

GET
H2 200 patientfamily_maxen.jpg
www.sickkidsfoundation.com/-/media/images/campaign/_global/testimonials/ 3 KB
3 KB 141ms
140ms Image
image/jpeg 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/campaign/_global/testimonials/patientfamily_maxen.jpg?h=65&w=65&la=en&hash=A6BD65B3C1E8101BF25F54424180FBCF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: fddb5bf3e5b0baa0d80d34bc3083ffe8d91f35971ca0560fd7b7624099cbab96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
last-modified: Mon, 29 May 2023 20:53:27 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/jpeg
x-iinfo: 12-197393561-197393567 PNNN RT(1701206439001 2477) q(0 0 0 -1) r(1 1) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="patientfamily_maxen.jpg"
accept-ranges: bytes
content-length: 2753

GET
H2 200 patientfamily_maya.jpg
www.sickkidsfoundation.com/-/media/images/campaign/_global/testimonials/ 6 KB
6 KB 142ms
141ms Image
image/jpeg 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/campaign/_global/testimonials/patientfamily_maya.jpg?h=65&w=65&la=en&hash=395136346E7F9F22B49665677E56C386
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 67c0d8e8bd913bacd7172365ee1b13fcfd7c90236aced463b976bda5e4271668

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sickkidsfoundation.com/campaign/2/otdholidaygt?appeal=24DML-12EM-012&utm_campaign=fy24ddmotgholiday&utm_source=skf&utm_content=holidaygt&utm_medium=email&utm_adtype=gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:41 GMT
last-modified: Fri, 26 May 2023 20:59:01 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
content-type: image/jpeg
x-iinfo: 12-197393561-197393647 2NNN RT(1701206439001 2481) q(0 0 0 -1) r(1 1) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="patientfamily_maya.jpg"
accept-ranges: bytes
content-length: 6036

GET
H3 200 ct.html Show response
ct.pinterest.com/ Frame 33B5 565 B
516 B 37ms
37ms Document
text/html 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://www.sickkidsfoundation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Tue, 28 Nov 2023 21:20:42 GMT
pinterest-version: 5d3c2f1679281f2c8de82ecae570034b947dbf31
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1069082807739288

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 1B41 0
60 B 103ms
32ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=gwmjca0&ref=https%3A%2F%2Fwww.sickkidsfoundation.com%2Fcampaign%2F2%2Fotdholidaygt%3Fappeal%3D24DML-12EM-012%26utm_campaign%3Dfy24ddmotgholiday%26utm_source%3Dskf%26utm_content%3Dholidaygt%26utm_medium%3Demail%26utm_adtype%3Dgt&upid=frd07f7&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Tue, 28 Nov 2023 21:20:42 GMT
server: Kestrel

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame AA49 7 KB
8 KB 101ms
100ms Document
text/html 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=y5s0OlM1QoSP9XdOFnzefQ&dmt=3&ex-pl-n-g-hmt=bpYyOyN7RQSbVsPf0HrkoA&ep=ttam_T219Ay-cPciHbT10g5C-2PlMhbbcxFUxBuA8jB230nTqYe8Lc1Bcki9Uh_Pj9i9h541u9bafk5PG7JoybI9B-8GV30cTal40_XJJV2THg_Mo9xx6fBmmKtKjSiTnMDRDc3pJI5qNaUK8m7LUSCHnyLGEOtbyB94eC10WiYGiEbNUfZVOF1aFSeki5c45T_K8XAlyg831frkxDKHchAM1LJagVkmppsMDlNmW_FrgRtYnDqTBbC_s-QoLfywrwdAAS7ebrV76wIIMUJ47iaiIrLKkbD_UPc6KDfeOtALeOxRYqu8Mt_Eona7dXnmNWfHHjZb8icbdRJT9AiPUv50ltkrDr0s2gmZp4YEqyvIPy-JIexIRm4aRCQU4TB9foQUYVoua4dvuFW3WMJSjowqCUx_9llErFewuCcBwN1KAHVX6sYAUVp1FqDSDI52Pkj5fQzJooP89gOb07JCh3SIq15J1LgVoTCSyVbsqO04LvLCo9JsYyYs8Cxo1IA0ws3NORNsQRvR_1PaELdz2JCJbKfozJzq2U-RL557Ws5TQ8-NEgqOG4khSFxIn9EmKH4HIjvqZPIFey8TdQea5lnucPfaVM51V4bkhL3rzCkrDr1NcLfN6Wim06lfkZgil6X-J9_dQ5gATj7TjyXlQ1AmLsMMgNHe-mAiSPIouMdRzjamubxZ2ZoRp-6F9qnhveFGms9NropKL1l3uNQlLGZO1deKDljmp2pUs73nORjzk9sBZgFIUt6i99eIR9CwINAq1UDDPj0FPTPvz2N_FFYJ4XhBBmnfVdShvsgqhDoKP7OwGHqNWRdwCLyNsmxGrqroxf7y-kntmnjBuDeZh4eP4W_2lsfysg_AUSylTQXnXp1QyRYKCp3-ETznO_h_SCCKvOrKAMiVWhdnXLYfJ4zwFDH1qLqLQVaIagrLe-RkD_f9F9i-CR5oPCAM-YYZH1ZfxNuswAZQJ6hy5SVEh0uyH53uH8mIZ2VQGK2QYes

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D64c440ec-0d27-a288-46eb-b5e5780ddfaa%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.sickkidsfoundation.com/&ex-hargs=v%3D1.0%3Bc%3D1480596890801%3Bp%3D64C440EC-0D27-A288-46EB-B5E5780DDFAA&cb=302208082784637400&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

08c50d91ca936b8e3d83294b6c12d00cedace142c512d167a6ca9157546bd83a

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D64c440ec-0d27-a288-46eb-b5e5780ddfaa%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.sickkidsfoundation.com/&ex-hargs=v%3D1.0%3Bc%3D1480596890801%3Bp%3D64C440EC-0D27-A288-46EB-B5E5780DDFAA&cb=302208082784637400&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 7544
Content-Type: text/html;charset=ISO-8859-1
Date: Tue, 28 Nov 2023 21:20:42 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: JW351H46Q5RZ045K3977

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA49
Redirect Chain

https://ib.adnxs.com/setuid/a9?entity=188&code=4GQftQ27T3OhjcOMaTavKA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3D4GQftQ27T3OhjcOMaTavKA%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=4GQftQ27T3OhjcOMaTavKA

43 B
479 B

105ms
105ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=4GQftQ27T3OhjcOMaTavKA

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=y5s0OlM1QoSP9XdOFnzefQ&dmt=3&ex-pl-n-g-hmt=bpYyOyN7RQSbVsPf0HrkoA&ep=ttam_T219Ay-cPciHbT10g5C-2PlMhbbcxFUxBuA8jB230nTqYe8Lc1Bcki9Uh_Pj9i9h541u9bafk5PG7JoybI9B-8GV30cTal40_XJJV2THg_Mo9xx6fBmmKtKjSiTnMDRDc3pJI5qNaUK8m7LUSCHnyLGEOtbyB94eC10WiYGiEbNUfZVOF1aFSeki5c45T_K8XAlyg831frkxDKHchAM1LJagVkmppsMDlNmW_FrgRtYnDqTBbC_s-QoLfywrwdAAS7ebrV76wIIMUJ47iaiIrLKkbD_UPc6KDfeOtALeOxRYqu8Mt_Eona7dXnmNWfHHjZb8icbdRJT9AiPUv50ltkrDr0s2gmZp4YEqyvIPy-JIexIRm4aRCQU4TB9foQUYVoua4dvuFW3WMJSjowqCUx_9llErFewuCcBwN1KAHVX6sYAUVp1FqDSDI52Pkj5fQzJooP89gOb07JCh3SIq15J1LgVoTCSyVbsqO04LvLCo9JsYyYs8Cxo1IA0ws3NORNsQRvR_1PaELdz2JCJbKfozJzq2U-RL557Ws5TQ8-NEgqOG4khSFxIn9EmKH4HIjvqZPIFey8TdQea5lnucPfaVM51V4bkhL3rzCkrDr1NcLfN6Wim06lfkZgil6X-J9_dQ5gATj7TjyXlQ1AmLsMMgNHe-mAiSPIouMdRzjamubxZ2ZoRp-6F9qnhveFGms9NropKL1l3uNQlLGZO1deKDljmp2pUs73nORjzk9sBZgFIUt6i99eIR9CwINAq1UDDPj0FPTPvz2N_FFYJ4XhBBmnfVdShvsgqhDoKP7OwGHqNWRdwCLyNsmxGrqroxf7y-kntmnjBuDeZh4eP4W_2lsfysg_AUSylTQXnXp1QyRYKCp3-ETznO_h_SCCKvOrKAMiVWhdnXLYfJ4zwFDH1qLqLQVaIagrLe-RkD_f9F9i-CR5oPCAM-YYZH1ZfxNuswAZQJ6hy5SVEh0uyH53uH8mIZ2VQGK2QYes

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:42 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6QRY3C3B0EXS7ESF95QR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:42 GMT
an-x-request-uuid: 618466a7-d9ac-4986-bea0-a8a9a2b59c6e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=4GQftQ27T3OhjcOMaTavKA
x-proxy-origin: 45.141.152.72; 45.141.152.72; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 match
match.360yield.com/ Frame AA49 43 B
199 B 118ms
30ms Image
image/gif 54.76.20.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=x4VCZr6dQCK5HyESd-5tQA&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=y5s0OlM1QoSP9XdOFnzefQ&dmt=3&ex-pl-n-g-hmt=bpYyOyN7RQSbVsPf0HrkoA&ep=ttam_T219Ay-cPciHbT10g5C-2PlMhbbcxFUxBuA8jB230nTqYe8Lc1Bcki9Uh_Pj9i9h541u9bafk5PG7JoybI9B-8GV30cTal40_XJJV2THg_Mo9xx6fBmmKtKjSiTnMDRDc3pJI5qNaUK8m7LUSCHnyLGEOtbyB94eC10WiYGiEbNUfZVOF1aFSeki5c45T_K8XAlyg831frkxDKHchAM1LJagVkmppsMDlNmW_FrgRtYnDqTBbC_s-QoLfywrwdAAS7ebrV76wIIMUJ47iaiIrLKkbD_UPc6KDfeOtALeOxRYqu8Mt_Eona7dXnmNWfHHjZb8icbdRJT9AiPUv50ltkrDr0s2gmZp4YEqyvIPy-JIexIRm4aRCQU4TB9foQUYVoua4dvuFW3WMJSjowqCUx_9llErFewuCcBwN1KAHVX6sYAUVp1FqDSDI52Pkj5fQzJooP89gOb07JCh3SIq15J1LgVoTCSyVbsqO04LvLCo9JsYyYs8Cxo1IA0ws3NORNsQRvR_1PaELdz2JCJbKfozJzq2U-RL557Ws5TQ8-NEgqOG4khSFxIn9EmKH4HIjvqZPIFey8TdQea5lnucPfaVM51V4bkhL3rzCkrDr1NcLfN6Wim06lfkZgil6X-J9_dQ5gATj7TjyXlQ1AmLsMMgNHe-mAiSPIouMdRzjamubxZ2ZoRp-6F9qnhveFGms9NropKL1l3uNQlLGZO1deKDljmp2pUs73nORjzk9sBZgFIUt6i99eIR9CwINAq1UDDPj0FPTPvz2N_FFYJ4XhBBmnfVdShvsgqhDoKP7OwGHqNWRdwCLyNsmxGrqroxf7y-kntmnjBuDeZh4eP4W_2lsfysg_AUSylTQXnXp1QyRYKCp3-ETznO_h_SCCKvOrKAMiVWhdnXLYfJ4zwFDH1qLqLQVaIagrLe-RkD_f9F9i-CR5oPCAM-YYZH1ZfxNuswAZQJ6hy5SVEh0uyH53uH8mIZ2VQGK2QYes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.76.20.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-20-17.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 28 Nov 2023 21:20:42 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame AA49 43 B
163 B 187ms
38ms Image
image/gif 185.86.138.146
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=144&partneruserid=8QjrWv0oQEW3-LUSbn_IkQ
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=y5s0OlM1QoSP9XdOFnzefQ&dmt=3&ex-pl-n-g-hmt=bpYyOyN7RQSbVsPf0HrkoA&ep=ttam_T219Ay-cPciHbT10g5C-2PlMhbbcxFUxBuA8jB230nTqYe8Lc1Bcki9Uh_Pj9i9h541u9bafk5PG7JoybI9B-8GV30cTal40_XJJV2THg_Mo9xx6fBmmKtKjSiTnMDRDc3pJI5qNaUK8m7LUSCHnyLGEOtbyB94eC10WiYGiEbNUfZVOF1aFSeki5c45T_K8XAlyg831frkxDKHchAM1LJagVkmppsMDlNmW_FrgRtYnDqTBbC_s-QoLfywrwdAAS7ebrV76wIIMUJ47iaiIrLKkbD_UPc6KDfeOtALeOxRYqu8Mt_Eona7dXnmNWfHHjZb8icbdRJT9AiPUv50ltkrDr0s2gmZp4YEqyvIPy-JIexIRm4aRCQU4TB9foQUYVoua4dvuFW3WMJSjowqCUx_9llErFewuCcBwN1KAHVX6sYAUVp1FqDSDI52Pkj5fQzJooP89gOb07JCh3SIq15J1LgVoTCSyVbsqO04LvLCo9JsYyYs8Cxo1IA0ws3NORNsQRvR_1PaELdz2JCJbKfozJzq2U-RL557Ws5TQ8-NEgqOG4khSFxIn9EmKH4HIjvqZPIFey8TdQea5lnucPfaVM51V4bkhL3rzCkrDr1NcLfN6Wim06lfkZgil6X-J9_dQ5gATj7TjyXlQ1AmLsMMgNHe-mAiSPIouMdRzjamubxZ2ZoRp-6F9qnhveFGms9NropKL1l3uNQlLGZO1deKDljmp2pUs73nORjzk9sBZgFIUt6i99eIR9CwINAq1UDDPj0FPTPvz2N_FFYJ4XhBBmnfVdShvsgqhDoKP7OwGHqNWRdwCLyNsmxGrqroxf7y-kntmnjBuDeZh4eP4W_2lsfysg_AUSylTQXnXp1QyRYKCp3-ETznO_h_SCCKvOrKAMiVWhdnXLYfJ4zwFDH1qLqLQVaIagrLe-RkD_f9F9i-CR5oPCAM-YYZH1ZfxNuswAZQJ6hy5SVEh0uyH53uH8mIZ2VQGK2QYes
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.146 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:42 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA49
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=auuBWkaNSVySSFrEoSKihg&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=auuBWkaNSVySSFrEoSKihg&C=1
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZWZZqtVKVaaSv6YXgpzuGgAA

43 B
479 B

196ms
99ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZWZZqtVKVaaSv6YXgpzuGgAA

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:43 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Y485APB6G3G0KZAQRAP5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0icWVUate3NNM7TvR8QT9iQ0q7%2FPiTMrBvbAy5OkyAZ85Fafm6xih4OA2Z92xBW0SXKWn2cZSXz3iqJsJdhnhaNHMLA7GN%2Bfk58tFsgyBGWqRr4J5AuD9LjC0TGkdVTKcw8z7hIQPbkiQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZWZZqtVKVaaSv6YXgpzuGgAA
cache-control: no-cache
cf-ray: 82d5a80c3ffe0374-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58516/ Frame AA49 0
125 B 64ms
9ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=rHxo0Mg2R1-wkHVLybGZeQ

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:42 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
capi.connatix.com/us/ Frame AA49 82 B
82 B 88ms
49ms Image
image/gif 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/us/pixel?pId=32&puId=GMHoS8msTIe9Ah44l6Rajw&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DconnatixHMT%26id%3D%7BpuId%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=y5s0OlM1QoSP9XdOFnzefQ&dmt=3&ex-pl-n-g-hmt=bpYyOyN7RQSbVsPf0HrkoA&ep=ttam_T219Ay-cPciHbT10g5C-2PlMhbbcxFUxBuA8jB230nTqYe8Lc1Bcki9Uh_Pj9i9h541u9bafk5PG7JoybI9B-8GV30cTal40_XJJV2THg_Mo9xx6fBmmKtKjSiTnMDRDc3pJI5qNaUK8m7LUSCHnyLGEOtbyB94eC10WiYGiEbNUfZVOF1aFSeki5c45T_K8XAlyg831frkxDKHchAM1LJagVkmppsMDlNmW_FrgRtYnDqTBbC_s-QoLfywrwdAAS7ebrV76wIIMUJ47iaiIrLKkbD_UPc6KDfeOtALeOxRYqu8Mt_Eona7dXnmNWfHHjZb8icbdRJT9AiPUv50ltkrDr0s2gmZp4YEqyvIPy-JIexIRm4aRCQU4TB9foQUYVoua4dvuFW3WMJSjowqCUx_9llErFewuCcBwN1KAHVX6sYAUVp1FqDSDI52Pkj5fQzJooP89gOb07JCh3SIq15J1LgVoTCSyVbsqO04LvLCo9JsYyYs8Cxo1IA0ws3NORNsQRvR_1PaELdz2JCJbKfozJzq2U-RL557Ws5TQ8-NEgqOG4khSFxIn9EmKH4HIjvqZPIFey8TdQea5lnucPfaVM51V4bkhL3rzCkrDr1NcLfN6Wim06lfkZgil6X-J9_dQ5gATj7TjyXlQ1AmLsMMgNHe-mAiSPIouMdRzjamubxZ2ZoRp-6F9qnhveFGms9NropKL1l3uNQlLGZO1deKDljmp2pUs73nORjzk9sBZgFIUt6i99eIR9CwINAq1UDDPj0FPTPvz2N_FFYJ4XhBBmnfVdShvsgqhDoKP7OwGHqNWRdwCLyNsmxGrqroxf7y-kntmnjBuDeZh4eP4W_2lsfysg_AUSylTQXnXp1QyRYKCp3-ETznO_h_SCCKvOrKAMiVWhdnXLYfJ4zwFDH1qLqLQVaIagrLe-RkD_f9F9i-CR5oPCAM-YYZH1ZfxNuswAZQJ6hy5SVEh0uyH53uH8mIZ2VQGK2QYes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 82d5a80c297818cb-FRA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA49
Redirect Chain

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=8c08a18e34d249d6bf497f0d7eeb73d2

43 B
479 B

196ms
109ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=8c08a18e34d249d6bf497f0d7eeb73d2

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:43 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KE0C8136FNFFB3CHKPA0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=8c08a18e34d249d6bf497f0d7eeb73d2
date: Tue, 28 Nov 2023 21:20:43 GMT
server: nginx
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA49
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
479 B

203ms
97ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:43 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: X7A9ZYM3EMBW81RPECMM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 28 Nov 2023 21:20:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=P1T6RBX4Q1ZMFRE3E6GZ:sn=www.imdb.com
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: Server
x-amz-rid: P1T6RBX4Q1ZMFRE3E6GZ
x-frame-options: SAMEORIGIN
vary: Content-Type,Accept-Encoding,User-Agent
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
x-robots-tag: noindex, nofollow
x-amz-cf-id: KZlgcWxdivxPMDzwwPbAol_zeWIprY60kRWfE9MFS-AxQMn6ixp0gg==

GET
H2 200 match
match.360yield.com/ Frame AA49 43 B
198 B 114ms
31ms Image
image/gif 54.76.20.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=y5s0OlM1QoSP9XdOFnzefQ&dmt=3&ex-pl-n-g-hmt=bpYyOyN7RQSbVsPf0HrkoA&ep=ttam_T219Ay-cPciHbT10g5C-2PlMhbbcxFUxBuA8jB230nTqYe8Lc1Bcki9Uh_Pj9i9h541u9bafk5PG7JoybI9B-8GV30cTal40_XJJV2THg_Mo9xx6fBmmKtKjSiTnMDRDc3pJI5qNaUK8m7LUSCHnyLGEOtbyB94eC10WiYGiEbNUfZVOF1aFSeki5c45T_K8XAlyg831frkxDKHchAM1LJagVkmppsMDlNmW_FrgRtYnDqTBbC_s-QoLfywrwdAAS7ebrV76wIIMUJ47iaiIrLKkbD_UPc6KDfeOtALeOxRYqu8Mt_Eona7dXnmNWfHHjZb8icbdRJT9AiPUv50ltkrDr0s2gmZp4YEqyvIPy-JIexIRm4aRCQU4TB9foQUYVoua4dvuFW3WMJSjowqCUx_9llErFewuCcBwN1KAHVX6sYAUVp1FqDSDI52Pkj5fQzJooP89gOb07JCh3SIq15J1LgVoTCSyVbsqO04LvLCo9JsYyYs8Cxo1IA0ws3NORNsQRvR_1PaELdz2JCJbKfozJzq2U-RL557Ws5TQ8-NEgqOG4khSFxIn9EmKH4HIjvqZPIFey8TdQea5lnucPfaVM51V4bkhL3rzCkrDr1NcLfN6Wim06lfkZgil6X-J9_dQ5gATj7TjyXlQ1AmLsMMgNHe-mAiSPIouMdRzjamubxZ2ZoRp-6F9qnhveFGms9NropKL1l3uNQlLGZO1deKDljmp2pUs73nORjzk9sBZgFIUt6i99eIR9CwINAq1UDDPj0FPTPvz2N_FFYJ4XhBBmnfVdShvsgqhDoKP7OwGHqNWRdwCLyNsmxGrqroxf7y-kntmnjBuDeZh4eP4W_2lsfysg_AUSylTQXnXp1QyRYKCp3-ETznO_h_SCCKvOrKAMiVWhdnXLYfJ4zwFDH1qLqLQVaIagrLe-RkD_f9F9i-CR5oPCAM-YYZH1ZfxNuswAZQJ6hy5SVEh0uyH53uH8mIZ2VQGK2QYes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.76.20.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-20-17.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 28 Nov 2023 21:20:42 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 pixel.gif
usersync.samplicio.us/amazon/ Frame AA49 0
186 B 152ms
117ms Image
text/plain 3.122.68.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=y5s0OlM1QoSP9XdOFnzefQ&dmt=3&ex-pl-n-g-hmt=bpYyOyN7RQSbVsPf0HrkoA&ep=ttam_T219Ay-cPciHbT10g5C-2PlMhbbcxFUxBuA8jB230nTqYe8Lc1Bcki9Uh_Pj9i9h541u9bafk5PG7JoybI9B-8GV30cTal40_XJJV2THg_Mo9xx6fBmmKtKjSiTnMDRDc3pJI5qNaUK8m7LUSCHnyLGEOtbyB94eC10WiYGiEbNUfZVOF1aFSeki5c45T_K8XAlyg831frkxDKHchAM1LJagVkmppsMDlNmW_FrgRtYnDqTBbC_s-QoLfywrwdAAS7ebrV76wIIMUJ47iaiIrLKkbD_UPc6KDfeOtALeOxRYqu8Mt_Eona7dXnmNWfHHjZb8icbdRJT9AiPUv50ltkrDr0s2gmZp4YEqyvIPy-JIexIRm4aRCQU4TB9foQUYVoua4dvuFW3WMJSjowqCUx_9llErFewuCcBwN1KAHVX6sYAUVp1FqDSDI52Pkj5fQzJooP89gOb07JCh3SIq15J1LgVoTCSyVbsqO04LvLCo9JsYyYs8Cxo1IA0ws3NORNsQRvR_1PaELdz2JCJbKfozJzq2U-RL557Ws5TQ8-NEgqOG4khSFxIn9EmKH4HIjvqZPIFey8TdQea5lnucPfaVM51V4bkhL3rzCkrDr1NcLfN6Wim06lfkZgil6X-J9_dQ5gATj7TjyXlQ1AmLsMMgNHe-mAiSPIouMdRzjamubxZ2ZoRp-6F9qnhveFGms9NropKL1l3uNQlLGZO1deKDljmp2pUs73nORjzk9sBZgFIUt6i99eIR9CwINAq1UDDPj0FPTPvz2N_FFYJ4XhBBmnfVdShvsgqhDoKP7OwGHqNWRdwCLyNsmxGrqroxf7y-kntmnjBuDeZh4eP4W_2lsfysg_AUSylTQXnXp1QyRYKCp3-ETznO_h_SCCKvOrKAMiVWhdnXLYfJ4zwFDH1qLqLQVaIagrLe-RkD_f9F9i-CR5oPCAM-YYZH1ZfxNuswAZQJ6hy5SVEh0uyH53uH8mIZ2VQGK2QYes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.122.68.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-68-209.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:43 GMT
x-ratelimit-remaining: 0
location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
cache-control: no-cache, no-store, must-revalidate
x-ratelimit-reset: 0
x-ratelimit-limit: 0
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA49
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=12332d302d3ca952f

43 B
479 B

195ms
106ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=12332d302d3ca952f

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:43 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JQWRMEGDK377G586RVCD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 28 Nov 2023 21:20:43 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=12332d302d3ca952f
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
critical-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-headers: Content-Type, Authorization
content-length: 94

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA49
Redirect Chain

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=zMXMN4IETIWvTeRvz5RI7w&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zMXMN4IETIWvTeRvz5RI7w

43 B
479 B

200ms
97ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zMXMN4IETIWvTeRvz5RI7w

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:43 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NGJ28JG6XENJ34R45KG2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zMXMN4IETIWvTeRvz5RI7w
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA49
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=392O6ISLRAW9s7uoopN7uw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=392O6ISLRAW9s7uoopN7uw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=25539487652684942811293536780721688207

43 B
479 B

148ms
101ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=25539487652684942811293536780721688207

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:43 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PPNP27MTGH7MJS876T6A
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

dcs: dcs-prod-irl1-1-v054-0a80e641c.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Tue, 28 Nov 2023 21:20:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: Mb6Lqx8tSBY=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=25539487652684942811293536780721688207
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 v2
odr.mookie1.com/t/ Frame AA49 42 B
213 B 38ms
16ms Image
image/gif 34.160.236.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=XP_9Z_t2RQa8yxSLgEi4tA
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=y5s0OlM1QoSP9XdOFnzefQ&dmt=3&ex-pl-n-g-hmt=bpYyOyN7RQSbVsPf0HrkoA&ep=ttam_T219Ay-cPciHbT10g5C-2PlMhbbcxFUxBuA8jB230nTqYe8Lc1Bcki9Uh_Pj9i9h541u9bafk5PG7JoybI9B-8GV30cTal40_XJJV2THg_Mo9xx6fBmmKtKjSiTnMDRDc3pJI5qNaUK8m7LUSCHnyLGEOtbyB94eC10WiYGiEbNUfZVOF1aFSeki5c45T_K8XAlyg831frkxDKHchAM1LJagVkmppsMDlNmW_FrgRtYnDqTBbC_s-QoLfywrwdAAS7ebrV76wIIMUJ47iaiIrLKkbD_UPc6KDfeOtALeOxRYqu8Mt_Eona7dXnmNWfHHjZb8icbdRJT9AiPUv50ltkrDr0s2gmZp4YEqyvIPy-JIexIRm4aRCQU4TB9foQUYVoua4dvuFW3WMJSjowqCUx_9llErFewuCcBwN1KAHVX6sYAUVp1FqDSDI52Pkj5fQzJooP89gOb07JCh3SIq15J1LgVoTCSyVbsqO04LvLCo9JsYyYs8Cxo1IA0ws3NORNsQRvR_1PaELdz2JCJbKfozJzq2U-RL557Ws5TQ8-NEgqOG4khSFxIn9EmKH4HIjvqZPIFey8TdQea5lnucPfaVM51V4bkhL3rzCkrDr1NcLfN6Wim06lfkZgil6X-J9_dQ5gATj7TjyXlQ1AmLsMMgNHe-mAiSPIouMdRzjamubxZ2ZoRp-6F9qnhveFGms9NropKL1l3uNQlLGZO1deKDljmp2pUs73nORjzk9sBZgFIUt6i99eIR9CwINAq1UDDPj0FPTPvz2N_FFYJ4XhBBmnfVdShvsgqhDoKP7OwGHqNWRdwCLyNsmxGrqroxf7y-kntmnjBuDeZh4eP4W_2lsfysg_AUSylTQXnXp1QyRYKCp3-ETznO_h_SCCKvOrKAMiVWhdnXLYfJ4zwFDH1qLqLQVaIagrLe-RkD_f9F9i-CR5oPCAM-YYZH1ZfxNuswAZQJ6hy5SVEh0uyH53uH8mIZ2VQGK2QYes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:43 GMT
via: 1.1 google
last-modified: Thu, 19 Oct 2023 06:07:48 GMT
server: nginx
etag: "6530c7b4-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA49
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6112333356251797235

43 B
479 B

169ms
100ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6112333356251797235

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:43 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: H2W3JKY3E4ZBATG7N8NA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=6112333356251797235
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA49
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22414243fa-5176-47b9-9824-6fe3b7e3b6b5%22,%22Time%22:%2220231128T212043.116716%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=414243fa-5176-47b9-9824-6fe3b7e3b6b5

43 B
479 B

139ms
100ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=414243fa-5176-47b9-9824-6fe3b7e3b6b5

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:43 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AY1SPCGTDK5E1W4N08VT
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=414243fa-5176-47b9-9824-6fe3b7e3b6b5
Server: LogModule 0.6
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA49
Redirect Chain

https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=amazon-na-23&gdpr=0
https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr=0&domid=1109
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1109&ops=apx
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1109&ops=apx&google_gid=CAESEMzylmC5ZGlJB71qpHMWlAg&google_cver=1
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEMzylmC5ZGlJB71qpHMWlAg&gdpr=0&action=GET_ID&etid=&domid=1109
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=6367645603294422580&opid=apx&ops=&utidl=tech:goo:CAESEMzylmC5ZGlJB71qpHMWlAg&gdpr=0&action=GET_ID&etid=&domid=1109
https://s.amazon-adsystem.com/ecm3?ex=mediarithmics&id=vec-56752228565&gdpr=0

43 B
479 B

217ms
102ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mediarithmics&id=vec-56752228565&gdpr=0

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:43 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: C9X2MKGX89BHKDYETWBR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=mediarithmics&id=vec-56752228565&gdpr=0
date: Tue, 28 Nov 2023 21:20:43 GMT
strict-transport-security: max-age=63072000;includeSubDomains;preload
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA49
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://s.amazon-adsystem.com/ecm3?ex=index&id=LDRumoV-H97i7eUj-_mALzc4fKw4ZgIC

43 B
479 B

230ms
104ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=LDRumoV-H97i7eUj-_mALzc4fKw4ZgIC

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:43 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KH5QG9EMRMCCVRQTV5B5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2B5oVYGgzFE%2FU%2F%2FwRTULZdpY%2Fd9lByQ5voQSeLMcDa%2F%2F6fewZ2Dft9HdGtIZ1gw0Dsx71MlMikysEnjMOfqCIyZZ%2BnbqcKR8dlH3Vr2pujIP%2FtKrCI0svi1FreJMJrMs7pgUXY9MALG52A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=index&id=LDRumoV-H97i7eUj-_mALzc4fKw4ZgIC
cache-control: no-cache
cf-ray: 82d5a80d18f70374-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 amazon
crb.kargo.com/api/v1/dsync/ Frame AA49 43 B
375 B 171ms
133ms Image
image/gif 3.124.56.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/dsync/amazon?exid=UACbj1gTQl-apYkAvEWKqQ&r=https://s.amazon-adsystem.com/ecm3?ex=KargoHMT&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=y5s0OlM1QoSP9XdOFnzefQ&dmt=3&ex-pl-n-g-hmt=bpYyOyN7RQSbVsPf0HrkoA&ep=ttam_T219Ay-cPciHbT10g5C-2PlMhbbcxFUxBuA8jB230nTqYe8Lc1Bcki9Uh_Pj9i9h541u9bafk5PG7JoybI9B-8GV30cTal40_XJJV2THg_Mo9xx6fBmmKtKjSiTnMDRDc3pJI5qNaUK8m7LUSCHnyLGEOtbyB94eC10WiYGiEbNUfZVOF1aFSeki5c45T_K8XAlyg831frkxDKHchAM1LJagVkmppsMDlNmW_FrgRtYnDqTBbC_s-QoLfywrwdAAS7ebrV76wIIMUJ47iaiIrLKkbD_UPc6KDfeOtALeOxRYqu8Mt_Eona7dXnmNWfHHjZb8icbdRJT9AiPUv50ltkrDr0s2gmZp4YEqyvIPy-JIexIRm4aRCQU4TB9foQUYVoua4dvuFW3WMJSjowqCUx_9llErFewuCcBwN1KAHVX6sYAUVp1FqDSDI52Pkj5fQzJooP89gOb07JCh3SIq15J1LgVoTCSyVbsqO04LvLCo9JsYyYs8Cxo1IA0ws3NORNsQRvR_1PaELdz2JCJbKfozJzq2U-RL557Ws5TQ8-NEgqOG4khSFxIn9EmKH4HIjvqZPIFey8TdQea5lnucPfaVM51V4bkhL3rzCkrDr1NcLfN6Wim06lfkZgil6X-J9_dQ5gATj7TjyXlQ1AmLsMMgNHe-mAiSPIouMdRzjamubxZ2ZoRp-6F9qnhveFGms9NropKL1l3uNQlLGZO1deKDljmp2pUs73nORjzk9sBZgFIUt6i99eIR9CwINAq1UDDPj0FPTPvz2N_FFYJ4XhBBmnfVdShvsgqhDoKP7OwGHqNWRdwCLyNsmxGrqroxf7y-kntmnjBuDeZh4eP4W_2lsfysg_AUSylTQXnXp1QyRYKCp3-ETznO_h_SCCKvOrKAMiVWhdnXLYfJ4zwFDH1qLqLQVaIagrLe-RkD_f9F9i-CR5oPCAM-YYZH1ZfxNuswAZQJ6hy5SVEh0uyH53uH8mIZ2VQGK2QYes
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.56.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-56-216.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:43 GMT
x-accel-expires: 0
vary: Origin
x-rejected: consent
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA49
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=6367645603294422580&ex=appnexus.com

43 B
479 B

170ms
105ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=6367645603294422580&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:43 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1XPG49605WABN312C718
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:43 GMT
an-x-request-uuid: 2e912482-21a1-454c-8c15-876a4b4d4996
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://s.amazon-adsystem.com/ecm3?id=6367645603294422580&ex=appnexus.com
x-proxy-origin: 45.141.152.72; 45.141.152.72; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame AA49 0
225 B 82ms
21ms Image
text/html 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=INxq8WCDRLm_MmHtpkZUCw&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=y5s0OlM1QoSP9XdOFnzefQ&dmt=3&ex-pl-n-g-hmt=bpYyOyN7RQSbVsPf0HrkoA&ep=ttam_T219Ay-cPciHbT10g5C-2PlMhbbcxFUxBuA8jB230nTqYe8Lc1Bcki9Uh_Pj9i9h541u9bafk5PG7JoybI9B-8GV30cTal40_XJJV2THg_Mo9xx6fBmmKtKjSiTnMDRDc3pJI5qNaUK8m7LUSCHnyLGEOtbyB94eC10WiYGiEbNUfZVOF1aFSeki5c45T_K8XAlyg831frkxDKHchAM1LJagVkmppsMDlNmW_FrgRtYnDqTBbC_s-QoLfywrwdAAS7ebrV76wIIMUJ47iaiIrLKkbD_UPc6KDfeOtALeOxRYqu8Mt_Eona7dXnmNWfHHjZb8icbdRJT9AiPUv50ltkrDr0s2gmZp4YEqyvIPy-JIexIRm4aRCQU4TB9foQUYVoua4dvuFW3WMJSjowqCUx_9llErFewuCcBwN1KAHVX6sYAUVp1FqDSDI52Pkj5fQzJooP89gOb07JCh3SIq15J1LgVoTCSyVbsqO04LvLCo9JsYyYs8Cxo1IA0ws3NORNsQRvR_1PaELdz2JCJbKfozJzq2U-RL557Ws5TQ8-NEgqOG4khSFxIn9EmKH4HIjvqZPIFey8TdQea5lnucPfaVM51V4bkhL3rzCkrDr1NcLfN6Wim06lfkZgil6X-J9_dQ5gATj7TjyXlQ1AmLsMMgNHe-mAiSPIouMdRzjamubxZ2ZoRp-6F9qnhveFGms9NropKL1l3uNQlLGZO1deKDljmp2pUs73nORjzk9sBZgFIUt6i99eIR9CwINAq1UDDPj0FPTPvz2N_FFYJ4XhBBmnfVdShvsgqhDoKP7OwGHqNWRdwCLyNsmxGrqroxf7y-kntmnjBuDeZh4eP4W_2lsfysg_AUSylTQXnXp1QyRYKCp3-ETznO_h_SCCKvOrKAMiVWhdnXLYfJ4zwFDH1qLqLQVaIagrLe-RkD_f9F9i-CR5oPCAM-YYZH1ZfxNuswAZQJ6hy5SVEh0uyH53uH8mIZ2VQGK2QYes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 28 Nov 2023 21:20:43 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA49
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=8NtLVnBJHt7tnpLbvew_Mg&ex=rubiconproject.com&status=ok

43 B
479 B

132ms
98ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=8NtLVnBJHt7tnpLbvew_Mg&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:43 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ACRBP08YN77MC1PWMB0Z
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=8NtLVnBJHt7tnpLbvew_Mg&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 /
loadus.exelator.com/load/ Frame AA49 0
324 B 99ms
8ms Image
text/plain 18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=y5s0OlM1QoSP9XdOFnzefQ&dmt=3&ex-pl-n-g-hmt=bpYyOyN7RQSbVsPf0HrkoA&ep=ttam_T219Ay-cPciHbT10g5C-2PlMhbbcxFUxBuA8jB230nTqYe8Lc1Bcki9Uh_Pj9i9h541u9bafk5PG7JoybI9B-8GV30cTal40_XJJV2THg_Mo9xx6fBmmKtKjSiTnMDRDc3pJI5qNaUK8m7LUSCHnyLGEOtbyB94eC10WiYGiEbNUfZVOF1aFSeki5c45T_K8XAlyg831frkxDKHchAM1LJagVkmppsMDlNmW_FrgRtYnDqTBbC_s-QoLfywrwdAAS7ebrV76wIIMUJ47iaiIrLKkbD_UPc6KDfeOtALeOxRYqu8Mt_Eona7dXnmNWfHHjZb8icbdRJT9AiPUv50ltkrDr0s2gmZp4YEqyvIPy-JIexIRm4aRCQU4TB9foQUYVoua4dvuFW3WMJSjowqCUx_9llErFewuCcBwN1KAHVX6sYAUVp1FqDSDI52Pkj5fQzJooP89gOb07JCh3SIq15J1LgVoTCSyVbsqO04LvLCo9JsYyYs8Cxo1IA0ws3NORNsQRvR_1PaELdz2JCJbKfozJzq2U-RL557Ws5TQ8-NEgqOG4khSFxIn9EmKH4HIjvqZPIFey8TdQea5lnucPfaVM51V4bkhL3rzCkrDr1NcLfN6Wim06lfkZgil6X-J9_dQ5gATj7TjyXlQ1AmLsMMgNHe-mAiSPIouMdRzjamubxZ2ZoRp-6F9qnhveFGms9NropKL1l3uNQlLGZO1deKDljmp2pUs73nORjzk9sBZgFIUt6i99eIR9CwINAq1UDDPj0FPTPvz2N_FFYJ4XhBBmnfVdShvsgqhDoKP7OwGHqNWRdwCLyNsmxGrqroxf7y-kntmnjBuDeZh4eP4W_2lsfysg_AUSylTQXnXp1QyRYKCp3-ETznO_h_SCCKvOrKAMiVWhdnXLYfJ4zwFDH1qLqLQVaIagrLe-RkD_f9F9i-CR5oPCAM-YYZH1ZfxNuswAZQJ6hy5SVEh0uyH53uH8mIZ2VQGK2QYes
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA49
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=AB3F1E0AAB59666529005C6702F71056

43 B
479 B

99ms
99ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=AB3F1E0AAB59666529005C6702F71056

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:43 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JZR83DATHGWNTP59F5M2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 28 Nov 2023 21:20:43 GMT
server: openresty/1.21.4.1
content-type: text/html
location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=AB3F1E0AAB59666529005C6702F71056
access-control-allow-origin: https://www.homedepot.com
access-control-expose-headers: User-NDAT
cache-control: no-cache, private
access-control-allow-credentials: true
p3p: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
content-length: 151
expires: Tue, 28 Nov 2023 21:20:42 GMT

GET
H2 200 sync
sync-amazon.ads.yieldmo.com/ Frame AA49 0
38 B 177ms
31ms Image
text/plain 99.80.178.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-amazon.ads.yieldmo.com/sync?pn_id=amazon&id=PJ-SbgYTSQaMoQ14Mtn0Iw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DyieldmoHMT%26id%3D%7B%7Buserid%7D%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=y5s0OlM1QoSP9XdOFnzefQ&dmt=3&ex-pl-n-g-hmt=bpYyOyN7RQSbVsPf0HrkoA&ep=ttam_T219Ay-cPciHbT10g5C-2PlMhbbcxFUxBuA8jB230nTqYe8Lc1Bcki9Uh_Pj9i9h541u9bafk5PG7JoybI9B-8GV30cTal40_XJJV2THg_Mo9xx6fBmmKtKjSiTnMDRDc3pJI5qNaUK8m7LUSCHnyLGEOtbyB94eC10WiYGiEbNUfZVOF1aFSeki5c45T_K8XAlyg831frkxDKHchAM1LJagVkmppsMDlNmW_FrgRtYnDqTBbC_s-QoLfywrwdAAS7ebrV76wIIMUJ47iaiIrLKkbD_UPc6KDfeOtALeOxRYqu8Mt_Eona7dXnmNWfHHjZb8icbdRJT9AiPUv50ltkrDr0s2gmZp4YEqyvIPy-JIexIRm4aRCQU4TB9foQUYVoua4dvuFW3WMJSjowqCUx_9llErFewuCcBwN1KAHVX6sYAUVp1FqDSDI52Pkj5fQzJooP89gOb07JCh3SIq15J1LgVoTCSyVbsqO04LvLCo9JsYyYs8Cxo1IA0ws3NORNsQRvR_1PaELdz2JCJbKfozJzq2U-RL557Ws5TQ8-NEgqOG4khSFxIn9EmKH4HIjvqZPIFey8TdQea5lnucPfaVM51V4bkhL3rzCkrDr1NcLfN6Wim06lfkZgil6X-J9_dQ5gATj7TjyXlQ1AmLsMMgNHe-mAiSPIouMdRzjamubxZ2ZoRp-6F9qnhveFGms9NropKL1l3uNQlLGZO1deKDljmp2pUs73nORjzk9sBZgFIUt6i99eIR9CwINAq1UDDPj0FPTPvz2N_FFYJ4XhBBmnfVdShvsgqhDoKP7OwGHqNWRdwCLyNsmxGrqroxf7y-kntmnjBuDeZh4eP4W_2lsfysg_AUSylTQXnXp1QyRYKCp3-ETznO_h_SCCKvOrKAMiVWhdnXLYfJ4zwFDH1qLqLQVaIagrLe-RkD_f9F9i-CR5oPCAM-YYZH1ZfxNuswAZQJ6hy5SVEh0uyH53uH8mIZ2VQGK2QYes
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.178.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-178-10.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:43 GMT
content-length: 0

GET
H2 204 sd
us-u.openx.net/w/1.0/ Frame AA49 0
119 B 38ms
18ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072986&val=JnS64b9GSeulXx3UI5fxQg&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DopenxHMT%26id%3D%7BOPENX_RTB_USERID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=y5s0OlM1QoSP9XdOFnzefQ&dmt=3&ex-pl-n-g-hmt=bpYyOyN7RQSbVsPf0HrkoA&ep=ttam_T219Ay-cPciHbT10g5C-2PlMhbbcxFUxBuA8jB230nTqYe8Lc1Bcki9Uh_Pj9i9h541u9bafk5PG7JoybI9B-8GV30cTal40_XJJV2THg_Mo9xx6fBmmKtKjSiTnMDRDc3pJI5qNaUK8m7LUSCHnyLGEOtbyB94eC10WiYGiEbNUfZVOF1aFSeki5c45T_K8XAlyg831frkxDKHchAM1LJagVkmppsMDlNmW_FrgRtYnDqTBbC_s-QoLfywrwdAAS7ebrV76wIIMUJ47iaiIrLKkbD_UPc6KDfeOtALeOxRYqu8Mt_Eona7dXnmNWfHHjZb8icbdRJT9AiPUv50ltkrDr0s2gmZp4YEqyvIPy-JIexIRm4aRCQU4TB9foQUYVoua4dvuFW3WMJSjowqCUx_9llErFewuCcBwN1KAHVX6sYAUVp1FqDSDI52Pkj5fQzJooP89gOb07JCh3SIq15J1LgVoTCSyVbsqO04LvLCo9JsYyYs8Cxo1IA0ws3NORNsQRvR_1PaELdz2JCJbKfozJzq2U-RL557Ws5TQ8-NEgqOG4khSFxIn9EmKH4HIjvqZPIFey8TdQea5lnucPfaVM51V4bkhL3rzCkrDr1NcLfN6Wim06lfkZgil6X-J9_dQ5gATj7TjyXlQ1AmLsMMgNHe-mAiSPIouMdRzjamubxZ2ZoRp-6F9qnhveFGms9NropKL1l3uNQlLGZO1deKDljmp2pUs73nORjzk9sBZgFIUt6i99eIR9CwINAq1UDDPj0FPTPvz2N_FFYJ4XhBBmnfVdShvsgqhDoKP7OwGHqNWRdwCLyNsmxGrqroxf7y-kntmnjBuDeZh4eP4W_2lsfysg_AUSylTQXnXp1QyRYKCp3-ETznO_h_SCCKvOrKAMiVWhdnXLYfJ4zwFDH1qLqLQVaIagrLe-RkD_f9F9i-CR5oPCAM-YYZH1ZfxNuswAZQJ6hy5SVEh0uyH53uH8mIZ2VQGK2QYes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:43 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Accept
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA49
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=5ac1a333-e64c-4d25-a85c-cb2eac5ee445-tuctc5fdf2b

43 B
479 B

110ms
109ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=5ac1a333-e64c-4d25-a85c-cb2eac5ee445-tuctc5fdf2b

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:43 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4HJ9C2HKT2NE7VN2J7EH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=5ac1a333-e64c-4d25-a85c-cb2eac5ee445-tuctc5fdf2b
date: Tue, 28 Nov 2023 21:20:43 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14721

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA49
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=216603104714005213536&ex=neustar.biz

43 B
479 B

110ms
110ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=216603104714005213536&ex=neustar.biz

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:44 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RHC8G0FT0YFXJ55T9D0W
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:44 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=216603104714005213536&ex=neustar.biz
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA49
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=f4fb61bba8189b3cc9fe8ffe76b5a324

43 B
479 B

105ms
105ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=f4fb61bba8189b3cc9fe8ffe76b5a324

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:43 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6FX6VW3AZCHKAVH0HSW2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=f4fb61bba8189b3cc9fe8ffe76b5a324
date: Tue, 28 Nov 2023 21:20:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA49
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
479 B

108ms
108ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:44 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6DV39C1CEQ7432YH0GHY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date: Tue, 28 Nov 2023 21:20:44 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET sync
t.myvisualiq.net/ Frame AA49 0
0

GET
H2 200 dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame AA49 0
123 B 63ms
15ms Image
text/plain 188.65.124.66
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1868&dspUserId=Z70A7RBERAiKtdPdy9834A&redir=https://s.amazon-adsystem.com/ecm3?ex=dailymotionHMT2&id=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ingress-03-pub-prod-ix7.vip.dailymotion.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-kpzhx
date: Tue, 28 Nov 2023 21:20:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58725/ Frame AA49
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini

0
15 B

9ms
9ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini

Requested by

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:43 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini
date: Tue, 28 Nov 2023 21:20:43 GMT
cache-control: no-store
content-type: text/html
server: ATS/9.1.10.87
content-length: 355
content-language: en

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA49
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=1c94b9ff9e11dc9b9b513d371de492b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

43 B
479 B

101ms
101ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=1c94b9ff9e11dc9b9b513d371de492b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:43 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NXAFHYRHV88BZBNVWD1Z
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:43 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=1c94b9ff9e11dc9b9b513d371de492b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1701206443482062-420

GET
H2 200 map
sync.rfp.fout.jp/ Frame AA49 43 B
284 B 288ms
248ms Image
image/gif 35.186.196.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.rfp.fout.jp/map?dsp_id=12&uid=CyPqn4OuQaeL_LEMSLx37w
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=y5s0OlM1QoSP9XdOFnzefQ&dmt=3&ex-pl-n-g-hmt=bpYyOyN7RQSbVsPf0HrkoA&ep=ttam_T219Ay-cPciHbT10g5C-2PlMhbbcxFUxBuA8jB230nTqYe8Lc1Bcki9Uh_Pj9i9h541u9bafk5PG7JoybI9B-8GV30cTal40_XJJV2THg_Mo9xx6fBmmKtKjSiTnMDRDc3pJI5qNaUK8m7LUSCHnyLGEOtbyB94eC10WiYGiEbNUfZVOF1aFSeki5c45T_K8XAlyg831frkxDKHchAM1LJagVkmppsMDlNmW_FrgRtYnDqTBbC_s-QoLfywrwdAAS7ebrV76wIIMUJ47iaiIrLKkbD_UPc6KDfeOtALeOxRYqu8Mt_Eona7dXnmNWfHHjZb8icbdRJT9AiPUv50ltkrDr0s2gmZp4YEqyvIPy-JIexIRm4aRCQU4TB9foQUYVoua4dvuFW3WMJSjowqCUx_9llErFewuCcBwN1KAHVX6sYAUVp1FqDSDI52Pkj5fQzJooP89gOb07JCh3SIq15J1LgVoTCSyVbsqO04LvLCo9JsYyYs8Cxo1IA0ws3NORNsQRvR_1PaELdz2JCJbKfozJzq2U-RL557Ws5TQ8-NEgqOG4khSFxIn9EmKH4HIjvqZPIFey8TdQea5lnucPfaVM51V4bkhL3rzCkrDr1NcLfN6Wim06lfkZgil6X-J9_dQ5gATj7TjyXlQ1AmLsMMgNHe-mAiSPIouMdRzjamubxZ2ZoRp-6F9qnhveFGms9NropKL1l3uNQlLGZO1deKDljmp2pUs73nORjzk9sBZgFIUt6i99eIR9CwINAq1UDDPj0FPTPvz2N_FFYJ4XhBBmnfVdShvsgqhDoKP7OwGHqNWRdwCLyNsmxGrqroxf7y-kntmnjBuDeZh4eP4W_2lsfysg_AUSylTQXnXp1QyRYKCp3-ETznO_h_SCCKvOrKAMiVWhdnXLYfJ4zwFDH1qLqLQVaIagrLe-RkD_f9F9i-CR5oPCAM-YYZH1ZfxNuswAZQJ6hy5SVEh0uyH53uH8mIZ2VQGK2QYes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.196.148 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.196.186.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:43 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
vary: Accept-Encoding
p3p: CP="ADM NOI OUR"
content-type: image/gif
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame AA49 0
338 B 123ms
30ms Image
text/plain 63.33.100.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=y5s0OlM1QoSP9XdOFnzefQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=y5s0OlM1QoSP9XdOFnzefQ&dmt=3&ex-pl-n-g-hmt=bpYyOyN7RQSbVsPf0HrkoA&ep=ttam_T219Ay-cPciHbT10g5C-2PlMhbbcxFUxBuA8jB230nTqYe8Lc1Bcki9Uh_Pj9i9h541u9bafk5PG7JoybI9B-8GV30cTal40_XJJV2THg_Mo9xx6fBmmKtKjSiTnMDRDc3pJI5qNaUK8m7LUSCHnyLGEOtbyB94eC10WiYGiEbNUfZVOF1aFSeki5c45T_K8XAlyg831frkxDKHchAM1LJagVkmppsMDlNmW_FrgRtYnDqTBbC_s-QoLfywrwdAAS7ebrV76wIIMUJ47iaiIrLKkbD_UPc6KDfeOtALeOxRYqu8Mt_Eona7dXnmNWfHHjZb8icbdRJT9AiPUv50ltkrDr0s2gmZp4YEqyvIPy-JIexIRm4aRCQU4TB9foQUYVoua4dvuFW3WMJSjowqCUx_9llErFewuCcBwN1KAHVX6sYAUVp1FqDSDI52Pkj5fQzJooP89gOb07JCh3SIq15J1LgVoTCSyVbsqO04LvLCo9JsYyYs8Cxo1IA0ws3NORNsQRvR_1PaELdz2JCJbKfozJzq2U-RL557Ws5TQ8-NEgqOG4khSFxIn9EmKH4HIjvqZPIFey8TdQea5lnucPfaVM51V4bkhL3rzCkrDr1NcLfN6Wim06lfkZgil6X-J9_dQ5gATj7TjyXlQ1AmLsMMgNHe-mAiSPIouMdRzjamubxZ2ZoRp-6F9qnhveFGms9NropKL1l3uNQlLGZO1deKDljmp2pUs73nORjzk9sBZgFIUt6i99eIR9CwINAq1UDDPj0FPTPvz2N_FFYJ4XhBBmnfVdShvsgqhDoKP7OwGHqNWRdwCLyNsmxGrqroxf7y-kntmnjBuDeZh4eP4W_2lsfysg_AUSylTQXnXp1QyRYKCp3-ETznO_h_SCCKvOrKAMiVWhdnXLYfJ4zwFDH1qLqLQVaIagrLe-RkD_f9F9i-CR5oPCAM-YYZH1ZfxNuswAZQJ6hy5SVEh0uyH53uH8mIZ2VQGK2QYes
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.100.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-100-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by: beacon-n002-dub-prod.krxd.net
date: Tue, 28 Nov 2023 21:20:43 GMT
cache-control: private, no-cache, no-store
x-request-time: D=45 t=1701206443
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame AA49 0
35 B 70ms
10ms Image
text/plain 52.59.133.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=wE4DpHXcQL5mguNBAJxVK3sW&source_user_id=xGyuM_k4RpSWO-GzL0RL6g
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=y5s0OlM1QoSP9XdOFnzefQ&dmt=3&ex-pl-n-g-hmt=bpYyOyN7RQSbVsPf0HrkoA&ep=ttam_T219Ay-cPciHbT10g5C-2PlMhbbcxFUxBuA8jB230nTqYe8Lc1Bcki9Uh_Pj9i9h541u9bafk5PG7JoybI9B-8GV30cTal40_XJJV2THg_Mo9xx6fBmmKtKjSiTnMDRDc3pJI5qNaUK8m7LUSCHnyLGEOtbyB94eC10WiYGiEbNUfZVOF1aFSeki5c45T_K8XAlyg831frkxDKHchAM1LJagVkmppsMDlNmW_FrgRtYnDqTBbC_s-QoLfywrwdAAS7ebrV76wIIMUJ47iaiIrLKkbD_UPc6KDfeOtALeOxRYqu8Mt_Eona7dXnmNWfHHjZb8icbdRJT9AiPUv50ltkrDr0s2gmZp4YEqyvIPy-JIexIRm4aRCQU4TB9foQUYVoua4dvuFW3WMJSjowqCUx_9llErFewuCcBwN1KAHVX6sYAUVp1FqDSDI52Pkj5fQzJooP89gOb07JCh3SIq15J1LgVoTCSyVbsqO04LvLCo9JsYyYs8Cxo1IA0ws3NORNsQRvR_1PaELdz2JCJbKfozJzq2U-RL557Ws5TQ8-NEgqOG4khSFxIn9EmKH4HIjvqZPIFey8TdQea5lnucPfaVM51V4bkhL3rzCkrDr1NcLfN6Wim06lfkZgil6X-J9_dQ5gATj7TjyXlQ1AmLsMMgNHe-mAiSPIouMdRzjamubxZ2ZoRp-6F9qnhveFGms9NropKL1l3uNQlLGZO1deKDljmp2pUs73nORjzk9sBZgFIUt6i99eIR9CwINAq1UDDPj0FPTPvz2N_FFYJ4XhBBmnfVdShvsgqhDoKP7OwGHqNWRdwCLyNsmxGrqroxf7y-kntmnjBuDeZh4eP4W_2lsfysg_AUSylTQXnXp1QyRYKCp3-ETznO_h_SCCKvOrKAMiVWhdnXLYfJ4zwFDH1qLqLQVaIagrLe-RkD_f9F9i-CR5oPCAM-YYZH1ZfxNuswAZQJ6hy5SVEh0uyH53uH8mIZ2VQGK2QYes
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.133.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-133-66.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:43 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA49
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=Aq_M1oQqQMWWDlr5DWbdAg&redirectId=2545
https://s.amazon-adsystem.com/ecm3?id=3814e943373ad37740a5a21663d244e5&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=Aq_M1oQqQMWWDlr5DWbdAg

43 B
479 B

104ms
103ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=3814e943373ad37740a5a21663d244e5&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=Aq_M1oQqQMWWDlr5DWbdAg

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:43 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZHVB58SMNXR88MM4BH9Q
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:43 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=3814e943373ad37740a5a21663d244e5&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=Aq_M1oQqQMWWDlr5DWbdAg
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1701206443527016-415

GET partner
sync.search.spotxchange.com/ Frame AA49 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA49
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEJl9-Ssjv5jfULIW7em0kZE&google_cver=1

43 B
479 B

108ms
107ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEJl9-Ssjv5jfULIW7em0kZE&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:43 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 58522CK3MDN3JBYVTW1N
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEJl9-Ssjv5jfULIW7em0kZE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 v2
usermatch.krxd.net/um/ Frame AA49 20 B
20 B 316ms
96ms Image
text/plain 44.197.32.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usermatch.krxd.net/um/v2?partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=y5s0OlM1QoSP9XdOFnzefQ&dmt=3&ex-pl-n-g-hmt=bpYyOyN7RQSbVsPf0HrkoA&ep=ttam_T219Ay-cPciHbT10g5C-2PlMhbbcxFUxBuA8jB230nTqYe8Lc1Bcki9Uh_Pj9i9h541u9bafk5PG7JoybI9B-8GV30cTal40_XJJV2THg_Mo9xx6fBmmKtKjSiTnMDRDc3pJI5qNaUK8m7LUSCHnyLGEOtbyB94eC10WiYGiEbNUfZVOF1aFSeki5c45T_K8XAlyg831frkxDKHchAM1LJagVkmppsMDlNmW_FrgRtYnDqTBbC_s-QoLfywrwdAAS7ebrV76wIIMUJ47iaiIrLKkbD_UPc6KDfeOtALeOxRYqu8Mt_Eona7dXnmNWfHHjZb8icbdRJT9AiPUv50ltkrDr0s2gmZp4YEqyvIPy-JIexIRm4aRCQU4TB9foQUYVoua4dvuFW3WMJSjowqCUx_9llErFewuCcBwN1KAHVX6sYAUVp1FqDSDI52Pkj5fQzJooP89gOb07JCh3SIq15J1LgVoTCSyVbsqO04LvLCo9JsYyYs8Cxo1IA0ws3NORNsQRvR_1PaELdz2JCJbKfozJzq2U-RL557Ws5TQ8-NEgqOG4khSFxIn9EmKH4HIjvqZPIFey8TdQea5lnucPfaVM51V4bkhL3rzCkrDr1NcLfN6Wim06lfkZgil6X-J9_dQ5gATj7TjyXlQ1AmLsMMgNHe-mAiSPIouMdRzjamubxZ2ZoRp-6F9qnhveFGms9NropKL1l3uNQlLGZO1deKDljmp2pUs73nORjzk9sBZgFIUt6i99eIR9CwINAq1UDDPj0FPTPvz2N_FFYJ4XhBBmnfVdShvsgqhDoKP7OwGHqNWRdwCLyNsmxGrqroxf7y-kntmnjBuDeZh4eP4W_2lsfysg_AUSylTQXnXp1QyRYKCp3-ETznO_h_SCCKvOrKAMiVWhdnXLYfJ4zwFDH1qLqLQVaIagrLe-RkD_f9F9i-CR5oPCAM-YYZH1ZfxNuswAZQJ6hy5SVEh0uyH53uH8mIZ2VQGK2QYes
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.197.32.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-32-198.compute-1.amazonaws.com
Software: /
Resource Hash: 3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by: usermatch-a010-ash-prod.krxd.net
date: Tue, 28 Nov 2023 21:20:43 GMT
content-type: text/plain; charset=utf-8
x-age: 0
content-length: 20
x-cache: MISS
x-cache-hits: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA49
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=fa5c26875bc8119d0c3897b22511f275

43 B
479 B

104ms
104ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=fa5c26875bc8119d0c3897b22511f275

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:43 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: J5J02295DB164FE9AKKR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 28 Nov 2023 21:20:43 GMT
via: 1.1 24615eefe0727e5d65935ccaddca2f78.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: MUC50-C1
x-cache: Miss from cloudfront
location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=fa5c26875bc8119d0c3897b22511f275
content-length: 0
x-amz-cf-id: 1s1oC4F5eo3d5GxCNt4uyevx0LtmrxtcPBThD6ilJ8EjO6MzRCZKPg==

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame AA49 43 B
224 B 17ms
17ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=y5s0OlM1QoSP9XdOFnzefQ&dmt=3&ex-pl-n-g-hmt=bpYyOyN7RQSbVsPf0HrkoA&ep=ttam_T219Ay-cPciHbT10g5C-2PlMhbbcxFUxBuA8jB230nTqYe8Lc1Bcki9Uh_Pj9i9h541u9bafk5PG7JoybI9B-8GV30cTal40_XJJV2THg_Mo9xx6fBmmKtKjSiTnMDRDc3pJI5qNaUK8m7LUSCHnyLGEOtbyB94eC10WiYGiEbNUfZVOF1aFSeki5c45T_K8XAlyg831frkxDKHchAM1LJagVkmppsMDlNmW_FrgRtYnDqTBbC_s-QoLfywrwdAAS7ebrV76wIIMUJ47iaiIrLKkbD_UPc6KDfeOtALeOxRYqu8Mt_Eona7dXnmNWfHHjZb8icbdRJT9AiPUv50ltkrDr0s2gmZp4YEqyvIPy-JIexIRm4aRCQU4TB9foQUYVoua4dvuFW3WMJSjowqCUx_9llErFewuCcBwN1KAHVX6sYAUVp1FqDSDI52Pkj5fQzJooP89gOb07JCh3SIq15J1LgVoTCSyVbsqO04LvLCo9JsYyYs8Cxo1IA0ws3NORNsQRvR_1PaELdz2JCJbKfozJzq2U-RL557Ws5TQ8-NEgqOG4khSFxIn9EmKH4HIjvqZPIFey8TdQea5lnucPfaVM51V4bkhL3rzCkrDr1NcLfN6Wim06lfkZgil6X-J9_dQ5gATj7TjyXlQ1AmLsMMgNHe-mAiSPIouMdRzjamubxZ2ZoRp-6F9qnhveFGms9NropKL1l3uNQlLGZO1deKDljmp2pUs73nORjzk9sBZgFIUt6i99eIR9CwINAq1UDDPj0FPTPvz2N_FFYJ4XhBBmnfVdShvsgqhDoKP7OwGHqNWRdwCLyNsmxGrqroxf7y-kntmnjBuDeZh4eP4W_2lsfysg_AUSylTQXnXp1QyRYKCp3-ETznO_h_SCCKvOrKAMiVWhdnXLYfJ4zwFDH1qLqLQVaIagrLe-RkD_f9F9i-CR5oPCAM-YYZH1ZfxNuswAZQJ6hy5SVEh0uyH53uH8mIZ2VQGK2QYes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:43 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 xuid
eb2.3lift.com/ Frame AA49 37 B
140 B 37ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=8341&xuid=v_kOPqGDRTyNZhZjOjQDVw&dongle=az46&rdir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DtripleliftHMT%26id%3D%24UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=y5s0OlM1QoSP9XdOFnzefQ&dmt=3&ex-pl-n-g-hmt=bpYyOyN7RQSbVsPf0HrkoA&ep=ttam_T219Ay-cPciHbT10g5C-2PlMhbbcxFUxBuA8jB230nTqYe8Lc1Bcki9Uh_Pj9i9h541u9bafk5PG7JoybI9B-8GV30cTal40_XJJV2THg_Mo9xx6fBmmKtKjSiTnMDRDc3pJI5qNaUK8m7LUSCHnyLGEOtbyB94eC10WiYGiEbNUfZVOF1aFSeki5c45T_K8XAlyg831frkxDKHchAM1LJagVkmppsMDlNmW_FrgRtYnDqTBbC_s-QoLfywrwdAAS7ebrV76wIIMUJ47iaiIrLKkbD_UPc6KDfeOtALeOxRYqu8Mt_Eona7dXnmNWfHHjZb8icbdRJT9AiPUv50ltkrDr0s2gmZp4YEqyvIPy-JIexIRm4aRCQU4TB9foQUYVoua4dvuFW3WMJSjowqCUx_9llErFewuCcBwN1KAHVX6sYAUVp1FqDSDI52Pkj5fQzJooP89gOb07JCh3SIq15J1LgVoTCSyVbsqO04LvLCo9JsYyYs8Cxo1IA0ws3NORNsQRvR_1PaELdz2JCJbKfozJzq2U-RL557Ws5TQ8-NEgqOG4khSFxIn9EmKH4HIjvqZPIFey8TdQea5lnucPfaVM51V4bkhL3rzCkrDr1NcLfN6Wim06lfkZgil6X-J9_dQ5gATj7TjyXlQ1AmLsMMgNHe-mAiSPIouMdRzjamubxZ2ZoRp-6F9qnhveFGms9NropKL1l3uNQlLGZO1deKDljmp2pUs73nORjzk9sBZgFIUt6i99eIR9CwINAq1UDDPj0FPTPvz2N_FFYJ4XhBBmnfVdShvsgqhDoKP7OwGHqNWRdwCLyNsmxGrqroxf7y-kntmnjBuDeZh4eP4W_2lsfysg_AUSylTQXnXp1QyRYKCp3-ETznO_h_SCCKvOrKAMiVWhdnXLYfJ4zwFDH1qLqLQVaIagrLe-RkD_f9F9i-CR5oPCAM-YYZH1ZfxNuswAZQJ6hy5SVEh0uyH53uH8mIZ2VQGK2QYes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 21:20:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA49
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=9031848507FE2224

43 B
479 B

105ms
105ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=9031848507FE2224

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:43 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: J8XS4A8AP1QRTSHTCWBZ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:42 GMT
frontend-id: 9
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=9031848507FE2224
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA49
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=bpYyOyN7RQSbVsPf0HrkoA&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
479 B

102ms
102ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:43 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NC1KQS6HBVAXPDTXCGV7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AA49
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=018d0349c3402406a7e94ac2ef1f2ea47d3111fafb3d164aa7150b384fd29ffc

43 B
479 B

98ms
98ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=018d0349c3402406a7e94ac2ef1f2ea47d3111fafb3d164aa7150b384fd29ffc

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 21:20:43 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6DYGNTSPCG13F3RPBX1P
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 21:20:43 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=018d0349c3402406a7e94ac2ef1f2ea47d3111fafb3d164aa7150b384fd29ffc
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame AA49 0
166 B 66ms
12ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=y5s0OlM1QoSP9XdOFnzefQ&dmt=3&ex-pl-n-g-hmt=bpYyOyN7RQSbVsPf0HrkoA&ep=ttam_T219Ay-cPciHbT10g5C-2PlMhbbcxFUxBuA8jB230nTqYe8Lc1Bcki9Uh_Pj9i9h541u9bafk5PG7JoybI9B-8GV30cTal40_XJJV2THg_Mo9xx6fBmmKtKjSiTnMDRDc3pJI5qNaUK8m7LUSCHnyLGEOtbyB94eC10WiYGiEbNUfZVOF1aFSeki5c45T_K8XAlyg831frkxDKHchAM1LJagVkmppsMDlNmW_FrgRtYnDqTBbC_s-QoLfywrwdAAS7ebrV76wIIMUJ47iaiIrLKkbD_UPc6KDfeOtALeOxRYqu8Mt_Eona7dXnmNWfHHjZb8icbdRJT9AiPUv50ltkrDr0s2gmZp4YEqyvIPy-JIexIRm4aRCQU4TB9foQUYVoua4dvuFW3WMJSjowqCUx_9llErFewuCcBwN1KAHVX6sYAUVp1FqDSDI52Pkj5fQzJooP89gOb07JCh3SIq15J1LgVoTCSyVbsqO04LvLCo9JsYyYs8Cxo1IA0ws3NORNsQRvR_1PaELdz2JCJbKfozJzq2U-RL557Ws5TQ8-NEgqOG4khSFxIn9EmKH4HIjvqZPIFey8TdQea5lnucPfaVM51V4bkhL3rzCkrDr1NcLfN6Wim06lfkZgil6X-J9_dQ5gATj7TjyXlQ1AmLsMMgNHe-mAiSPIouMdRzjamubxZ2ZoRp-6F9qnhveFGms9NropKL1l3uNQlLGZO1deKDljmp2pUs73nORjzk9sBZgFIUt6i99eIR9CwINAq1UDDPj0FPTPvz2N_FFYJ4XhBBmnfVdShvsgqhDoKP7OwGHqNWRdwCLyNsmxGrqroxf7y-kntmnjBuDeZh4eP4W_2lsfysg_AUSylTQXnXp1QyRYKCp3-ETznO_h_SCCKvOrKAMiVWhdnXLYfJ4zwFDH1qLqLQVaIagrLe-RkD_f9F9i-CR5oPCAM-YYZH1ZfxNuswAZQJ6hy5SVEh0uyH53uH8mIZ2VQGK2QYes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 28 Nov 2023 21:20:42 GMT
content-length: 0
content-type: text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.myvisualiq.net
URL: https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

71 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 16:34:52	Name: X-AB Value: undefined
www.sickkidsfoundation.com/	1969-12-31 23:59:59	Name: shell#lang Value: en
www.sickkidsfoundation.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 1yjkyiyoejqp2y4wce4vhulc
.sickkidsfoundation.com/	1970-01-21 01:17:46	Name: visid_incap_901569 Value: GudcuLo4SUy7Aj2sHKHZGqdZZmUAAAAAQUIPAAAAAAB9q3NEwM1sdrlfayyXUFgf
.sickkidsfoundation.com/	1969-12-31 23:59:59	Name: incap_ses_260_901569 Value: MMhxWc8PkHg/VeR7SbWbA6dZZmUAAAAAz90/SgpVWBu8ZDmSE/ONow==
.sickkidsfoundation.com/	1970-01-20 18:43:02	Name: _gcl_au Value: 1.1.1557589946.1701206441
.sickkidsfoundation.com/	1970-01-20 16:34:52	Name: _gid Value: GA1.2.312722628.1701206441
.sickkidsfoundation.com/	1970-01-20 16:33:26	Name: _dc_gtm_UA-66351416-1 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 8hy2Cn0rwyI
.youtube.com/	1970-01-20 20:52:38	Name: VISITOR_INFO1_LIVE Value: wzFMcAd9r04
.doubleclick.net/	1970-01-21 01:55:02	Name: IDE Value: AHWqTUn9TfARq6UpQLQ3M-FnGBMMp7oPgN9AXe2jYR9VHZhjoGZ7IgZfaSpX49YH
.sickkidsfoundation.com/	1970-01-21 02:09:26	Name: _ga_1N3ZYKZ49X Value: GS1.1.1701206441.1.0.1701206441.0.0.0
.sickkidsfoundation.com/	1970-01-21 02:09:26	Name: _ga Value: GA1.1.1142654540.1701206441
.sickkidsfoundation.com/	1970-01-20 16:34:52	Name: _uetsid Value: fbd395b08e3311eea255474f24f87a85
.sickkidsfoundation.com/	1970-01-21 01:55:02	Name: _uetvid Value: fbd38e108e3311ee8a2105632faf2077
.sickkidsfoundation.com/	1970-01-21 02:03:13	Name: _scid Value: 6c57934a-609c-4e41-aa7d-00fbd6fbcf86
.sickkidsfoundation.com/	1970-01-21 02:03:13	Name: _scid_r Value: 6c57934a-609c-4e41-aa7d-00fbd6fbcf86
.bing.com/	1970-01-21 01:55:02	Name: MUID Value: 3730A09B3BBD68C228D1B34C3A6F6940
.sickkidsfoundation.com/	1970-01-21 02:09:26	Name: _ga_N87CSHY5ZB Value: GS1.2.1701206441.1.0.1701206441.60.0.0
.pinterest.com/	1970-01-21 01:19:02	Name: ar_debug Value: 1
.sickkidsfoundation.com/	1970-01-21 01:19:02	Name: _pin_unauth Value: dWlkPU5XTXlOemcxTXpRdFpUUmpaQzAwTmpNNUxXRmpObVV0WVdJd01HUTRNVGd5WkRKag
.sickkidsfoundation.com/	1970-01-21 01:19:02	Name: _hjSessionUser_302599 Value: eyJpZCI6IjdhNDVhYzlmLWEyYzAtNWM3OC1iZGYyLWY2NDM3ODY3MWVjZCIsImNyZWF0ZWQiOjE3MDEyMDY0NDE1NzEsImV4aXN0aW5nIjpmYWxzZX0=
.sickkidsfoundation.com/	1970-01-20 16:33:28	Name: _hjFirstSeen Value: 1
.sickkidsfoundation.com/	1970-01-20 16:33:28	Name: _hjIncludedInSessionSample_302599 Value: 0
.sickkidsfoundation.com/	1970-01-20 16:33:28	Name: _hjSession_302599 Value: eyJpZCI6Ijg0ODJmMjgzLTI1MmEtNGRlOS1hMzY0LTZmYTE3Y2YwN2JlOSIsImNyZWF0ZWQiOjE3MDEyMDY0NDE1NzIsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6dHJ1ZX0=
.sickkidsfoundation.com/	1970-01-20 16:33:28	Name: _hjAbsoluteSessionInProgress Value: 1
.sickkidsfoundation.com/	1970-01-20 16:33:28	Name: tfpsi Value: cc4cf9a6-77fd-4841-9f9e-14da993e03e3
.ct.pinterest.com/	1970-01-21 01:19:02	Name: _pinterest_ct_ua Value: "TWc9PSZ4Mk9Hb3E2anpsZzR3alg1bmpTV1I1cSs0dlI1MHdwRVBEakhXVTA4ZDhtZHRqK1UvRXlkUlhYRXR1S1p5ZExYamJGK1Uzc1FFTzhpSDNDdkZ1cy80NzJEQWdLalpNZnJ2SGNqV2dWSUtRYz0mOFAyNGJLS3pWblFPbEw4QzZCQXVSQXBuTHIwPQ=="
.twitter.com/	1970-01-21 02:09:26	Name: personalization_id Value: "v1_SbqnaGQy5zfqj14mzsZGBw=="
.sickkidsfoundation.com/	1970-01-20 18:43:02	Name: _fbp Value: fb.1.1701206441618.1055263149
.t.co/	1970-01-21 02:09:26	Name: muc_ads Value: bc4ebfc6-4301-4bad-a532-097780e90bfc
.linkedin.com/	1970-01-20 18:43:02	Name: li_sugr Value: 1cbd6b7b-6396-49b5-a33e-8d4a8daff53e
.linkedin.com/	1970-01-21 01:19:02	Name: bcookie Value: "v=2&74766c42-e6bf-4b17-81bf-f1c4f04eadf0"
.linkedin.com/	1970-01-20 16:34:52	Name: lidc Value: "b=VGST00:s=V:r=V:a=V:p=V:g=3156:u=1:x=1:i=1701206441:t=1701292841:v=2:sig=AQG6AFDegn7R2qU9ucUFm6Y-gMWXnkdK"
.linkedin.com/	1970-01-20 17:16:38	Name: UserMatchHistory Value: AQLnA1oTBnsaQgAAAYwXzj8qeR0PIY4MVyPUmQ7M4gaLnIJShls9-7RFjPNi0kMwEsn-XJA0FUcWBg
.linkedin.com/	1970-01-20 17:16:38	Name: AnalyticsSyncHistory Value: AQIdQs35s0gKZAAAAYwXzj8rmxEbxOjkDRbavGc9NCAqW7JalQInoVxjBt1X_Sigl7bMl7cunNupPYxyw3B4RA
.www.linkedin.com/	1970-01-21 01:19:02	Name: bscookie Value: "v=1&20231128212041f2b0d6a8-ed3b-4831-87d2-a4f8ee518697AQF0dWmXnRVOYpxAAqUwuPugYDyTPjl3"
.linkedin.com/	1970-01-20 20:52:38	Name: li_gc Value: MTswOzE3MDEyMDY0NDE7MjswMjEbvCXVy1WwZfE9jrj2gDyTyTH8pMKslv8dvffmwG2RvA==
.amazon-adsystem.com/	1970-01-20 21:44:28	Name: ad-id Value: A_tbR1X5r0epvVeol9CBnIA
.amazon-adsystem.com/	1970-01-21 02:09:26	Name: ad-privacy Value: 0
.casalemedia.com/	1970-01-21 01:19:02	Name: CMID Value: ZWZZqtVKVaaSv6YXgpzuGgAA
.casalemedia.com/	1970-01-20 18:43:02	Name: CMPS Value: 3275
.casalemedia.com/	1970-01-20 18:43:02	Name: CMPRO Value: 3275
.adnxs.com/	1970-01-20 18:43:02	Name: uuid2 Value: 6367645603294422580
.adnxs.com/	1970-01-20 18:43:02	Name: anj Value: dTM7k!M4/YF7/.XF']wIg2E?bkvwSM!]tbPl1M]o$IyEVUcIZZCx90uSf5gkMs!NIcQiVTD`]c$ctK]<A3pMT#BI7y)N[UD!!+_%)h`5V
.adform.net/	1970-01-20 17:16:38	Name: C Value: 1
bs.serving-sys.com/	1969-12-31 23:59:59	Name: r1 Value: 1701206443_1
.serving-sys.com/	1970-01-20 17:16:38	Name: u2 Value: 414243fa-5176-47b9-9824-6fe3b7e3b6b54PF060
.adform.net/	1970-01-20 17:59:50	Name: uid Value: 6112333356251797235
.demdex.net/	1970-01-20 20:52:38	Name: demdex Value: 25539487652684942811293536780721688207
.dpm.demdex.net/	1970-01-20 20:52:38	Name: dpm Value: 25539487652684942811293536780721688207
.tremorhub.com/	1970-01-21 01:19:23	Name: tvid Value: 59640f010ae34467a4df02b3b378d51a
.tremorhub.com/	1970-01-21 02:09:26	Name: tv_UIAM Value: 8c08a18e34d249d6bf497f0d7eeb73d2
.mediarithmics.com/	1970-01-21 01:19:02	Name: mics_vid Value: 56752228565
.mediarithmics.com/	1970-01-21 01:19:02	Name: mics_uaid Value: web:1:a5fe501b-b387-4475-a740-4a318170c192
.mediarithmics.com/	1970-01-21 01:19:02	Name: mics_lts Value: 1701206443189
ads.samba.tv/	1970-01-21 02:03:40	Name: sambapxid Value: 12332d302d3ca952f
.kargo.com/	1970-01-21 01:19:02	Name: ktcid Value: a6d3ae55-f7ad-05ab-5261-2dfb0389b312
.bidswitch.net/	1970-01-21 01:19:02	Name: tuuid Value: 0cc1d9ac-fb03-4481-a04b-2f592e257022
.bidswitch.net/	1970-01-21 01:19:02	Name: c Value: 1701206443
.bidswitch.net/	1970-01-21 01:19:02	Name: tuuid_lu Value: 1701206443
.yahoo.com/	1970-01-21 01:19:24	Name: A3 Value: d=AQABBKtZZmUCEOQMhbD7HjaLGo0ZRHDrBQgFEgEBAQGrZ2VwZeAKyiMA_eMAAA&S=AQAAAgezEVCWbrw4K6kTqJSRLYk
.ads.stickyadstv.com/	1970-01-20 17:16:38	Name: UID Value: 3814e943373ad37740a5a21663d244e5
.ads.stickyadstv.com/	1970-01-20 16:53:36	Name: uid-bp-30833 Value: Aq_M1oQqQMWWDlr5DWbdAg
.krxd.net/	1970-01-20 20:52:38	Name: _kuid_ Value: P8Y8GTMA
.ninthdecimal.com/	1970-01-21 01:19:02	Name: ndat Value: Ch4/q2VmWatnXAApVhD3Ag==
.ispot.tv/	1970-01-21 02:09:26	Name: pt Value: v2:018d0349c3402406a7e94ac2ef1f2ea47d3111fafb3d164aa7150b384fd29ffc\|38e94d38eb6e78bf086137711b19490da70d9b553ac6b8d01be771a0feccb0cc
.semasio.net/	1970-01-21 01:19:02	Name: SEUNCY Value: 9031848507FE2224
.bluekai.com/	1970-01-20 20:55:31	Name: bku Value: b/X99v+jjZVUk1Rp
.bluekai.com/	1970-01-20 20:55:31	Name: bkpa Value: KJy9RQY5d02pSUHknp1tmexywlJkjsk0wVC65cOpJEBOJEJsJEJsz08CqVabqtT+RVHpKUB6jV6rRt2+JEJsjVB+10DpHZPTJEBWRZhNjV+CSu8Mqt6k1MjojYDpHYD0Ba2YuN2PPDkW9y9ZOH2a
.agkn.com/	1970-01-21 01:19:02	Name: ab Value: 0001%3AAxGLbwWTQjFkMIdoZ%2BbGoyVhvqObueHY

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://usermatch.krxd.net/um/v2?partner=amzn Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ads.samba.tv
ads.stickyadstv.com
amazon.partners.tremorhub.com
analytics.twitter.com
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
c1.adform.net
capi.annalect.com
capi.connatix.com
cdn.jsdelivr.net
click.emails.sickkidsfoundation.com
cm.g.doubleclick.net
cm.teads.tv
cms.analytics.yahoo.com
connect.facebook.net
cookie-matching.mediarithmics.com
crb.kargo.com
ct.pinterest.com
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
googleads.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
js.adsrvr.org
lciapi.ninthdecimal.com
lm.serving-sys.com
loadus.exelator.com
match.360yield.com
match.sharethrough.com
odr.mookie1.com
p.teads.tv
pi.ispot.tv
pixel.rubiconproject.com
platform.twitter.com
public-prod-dspcookiematching.dmxleo.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.pinimg.com
sb.scorecardresearch.com
sc-static.net
script.hotjar.com
snap.licdn.com
ssum-sec.casalemedia.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
sync-amazon.ads.yieldmo.com
sync.rfp.fout.jp
sync.search.spotxchange.com
sync.taboola.com
syndication.twitter.com
t.co
t.myvisualiq.net
t.teads.tv
tags.bluekai.com
token.rubiconproject.com
tr.snapchat.com
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.imdb.com
www.linkedin.com
www.sickkidsfoundation.com
www.youtube.com
x.bidswitch.net
sync.search.spotxchange.com
t.myvisualiq.net
104.122.27.70
104.18.36.155
104.18.41.104
104.244.42.200
104.244.42.3
104.244.42.5
107.154.141.76
108.138.40.116
108.138.40.243
13.107.42.14
13.111.134.107
13.248.245.213
141.226.228.48
142.250.186.34
146.75.120.157
151.101.192.84
151.101.66.132
18.173.154.87
18.184.223.197
18.194.229.202
18.195.149.147
18.198.69.109
18.66.192.58
185.64.191.210
185.86.138.146
185.89.210.101
188.65.124.66
198.47.127.19
2.19.244.177
2001:4860:4802:32::178
2001:4860:4802:32::36
23.35.237.56
2600:1f18:612b:4280:156d:759d:aa88:4c71
2600:1f18:6791:a006:6738:3e9a:9c67:1bbc
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:5714
2607:ae80:192:1::173
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:810::2008
2a00:1450:4001:812::200e
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:400c:c07::9d
2a02:26f0:780::210:a423
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:8d::84
3.122.68.209
3.124.56.216
3.75.62.37
3.79.197.35
34.160.236.64
34.252.184.202
34.98.64.218
35.186.196.148
35.190.43.134
35.71.131.137
37.157.6.254
44.197.32.198
44.212.121.217
52.222.139.116
52.222.236.205
52.46.130.91
52.59.133.66
54.211.231.26
54.36.150.183
54.76.20.17
63.33.100.143
69.173.144.139
77.243.51.121
99.80.178.10
99.84.88.85
049602d1971142a5773823b2102994f8c49751162d0f257de9136a0cd4644b42
04c6083a9781b397d0b570f97154a3fa61aac68dfba173617e5a6351786b7470
04f16b23200066c0e74752d448222b6516f677745d0b09f4a8b5bb1e29a1f627
08c50d91ca936b8e3d83294b6c12d00cedace142c512d167a6ca9157546bd83a
0a88f665737f9b846a66cc596f195d635fe46dab14892faf0e09dea722d364e8
0de2a176ad08f62d4eb01561e51936094f156760b03746e2f17e69345824f7b2
0e1b3b92eb57bcb5de50262bdc39283d4d73c329e34c3a1d205a5449f25cdb87
0f57b363b716edd65349c23c06555c8496c9f0ff5fd2c3995fd2f5b33b4797d4
19c0617159f72bcc33227467d0d6eac3d3c1419006f675ddc9e37ec2faf13fdd
1c0f5ab277787d1bf8f1d0b5880c15cc75f54af28e6b12f9a898483476de6a3f
1f4bbaa394118293607788f717e91908e175203227f170138548081806248bb2
20bb37261dffd4b322eaeb500976b2def287a29152d8e53053079ba89630ad45
25e9146af71e2a008bbcdd19c17b2659e7c147842b301ebd0f4dc41099c8a189
28beb8f6542f642ba4143bd4a1d1cfc7be7b1dedc951096efd8e0942502ea1bf
2dae75e09c3493c23f75ebc4777388092193001170c4a6e819994c8b168d2b4c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3610351ca807d250b6ef559a515c2f0aba1f66e10c8e85be1f548f2b3e805c6f
36ace6e4c38fc4c8a5904f8acd8359f20b14394d5f6177bde16607d10e0c1f7e
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3a7ff26e3fea300cdd6456f976a6b7ac113ebc0e88891359313d02f448213ffe
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002
40d3c704e30089bd4fe87243b11e56c84235e1e6032e3d8f1a3a3f5d560f2234
41850f62ff49755e1453bc9c416575b92fbe495c8d74f63f2758e6c9608a4b2d
44cec66e8f45f1c1573be7ee656b280f475f07b608982b8e68c742363d202ee1
4630ed59ddd0a987f90df59a719808e7811321ba78040641c9096f8d87a6eff5
4d1bcb9682636c550d2f4063e7b32025b2306803fa3eecac56479de524d4f010
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52a8b689a73c228618294e3e544fac3e62507eabf2fe490dc77a00c16e34c452
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56e7f0f2c9628cf0fa4c92f6c94eee8227beefcc017e835956e1fb1e1c267fd6
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb
63d8ade1273d0e531ba26cb60b53acd928f9c3b95880f8f7014742c8afa87edc
6415c2d7187b719d0abdae1768bef1a3d1c12a27630c1cf32e80e486b07ecd2b
65ab61863ef0e388b6fd53a1d3b0f45c9f60619b172b856d05dcb04d3a7a348e
67c0d8e8bd913bacd7172365ee1b13fcfd7c90236aced463b976bda5e4271668
694bc35fc07d7091b82ee02e6b7cbcacc69edb23c9dfd515a18647d684456c51
70b7c81cf7f32317f9f0173ae57c3ade74b69342e89a5e69ba85c9826d05e90d
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
7258cf70c12c19441e1f551eeb88192951a367a1ac0adcd343ed0edad851901e
73ee450b3f9b36ada802d2a74a0ecbd1ee0b5948defe8af2ac88fd70ed41be38
77a17bd55486aef26d2fbbe92b56672398378b1ad7ba7975c79742b4772d52b1
7f990d124f912b1abe6e398928afd9346fa249b8047830ba3abb89fd2795b1b0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b273fe0ae11dfeb96f7a56f1b5ecd2d76500147927ad557356faa5227d17032
8b4c5baa50a130fcb34ec64a6e779290ec0d0193c3b9aa7cf875ad07b664a8b6
908fc292fadc80ca940e5a08658b9e339ac7204b4918425d6252769cdd85d728
917bb62f90de4bda378d9d5dc390755bc94bdd3c0becf2df5e7a0b34f7ca7729
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
9711afc4940d302e084549f57f587758f7051371bc482fda59b3be7b0b1aefe9
98a95ec0ce66575d7c332369abd1a2e288674d741c5cae81efcaddaa29de6228
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ad9de382f989fdde5f516d5e2248055b8acf93f25f32219f637e52a28cb3e37
a24c77868ce13ac619eb8efc18e31a999838ec9678c3bb3cbf5e8f7677eaf342
a81dd46c838be20fe76de408d9ab3e6d69a00f0ca2d36db9a0275fd758a3a386
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae45007c10fb058099dce27a7af043e710c0065c0aa56ea608b06eb5bc9958f3
af82cd92cb1df231870f60b847a411fcc4adfffef67f01fff41885828edee2e3
b1cdabcbe4a918fd2e291cce9bd3273a4d68c3dceb9d24a27deca30348c84adf
b6cb09e57c1ed08553566bda474cf9681c03fc4ba091731c81c78a6a4226740b
b7d25b646b5a4180a9e95d25d818a9a0f0ff91747076719024efbcae18604b61
b7fde8dd6c63a0880e3bc2cbd143ea0b7dcdc3e56d63f31bb1413cadf7f5fe6d
b9a8e5e213977665be2a56db66945a16c686da3d9861af1e7851322cf15495ea
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc1161890d59eb3acf730aaeeb18f3a39b6f53809f4c4b95155fd19efc18c867
c12f1e0b2b596f71989d0f1ce65dba5f10852b8ffaff557d280b8b419b105b6c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c28139c8e906777d36436dcd4a4dfe7a7634c0eeb2e1f1e058570237c9d45388
c6e5c039a5419a555da7a580f6b25584c3fcaa3bba577f3154d0690e13e21002
c7ccc03d60758981d5146dc551c60c45c03315027f898536486ddc1609a95f83
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cfab5761d720007545de64c695e5d5f44d6a9b7b8aac8be4642646e317985c3c
d7045fdb11dd6356bf559e5d35d9173d409d403a36a20040f4a4e5f08314c9a3
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e11424efc1e2c3a8af70c97bbe4e74a3b2eb8d145300d5ee51f0036a34408f0f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e504ef5834756b1288609d33084c7db8c7b860e70b936dbb6f62a035f8cf4975
ee3249b8fe5def737e9801e953b169c22b5fcce4acedd5b203025e8319870234
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c
f39c9d441fa20b6c5fe88846a7dccf08b8ab5db895985dc85c98674b5ea36c8a
f645b12f27c4e9c1210d5725cfa894b86464372e7b1becbe47126a5fe82f9ade
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f9ee30adfb0c23587e69d79db63da54a12aad0493da0f8e32c2a45ff87b461d5
faeff0a262528e9f6706045c8dd2f530b29a126fc657e9a809091d6420c0c568
fb663501dda8043e1aad1fe4ad7538b8082c280103ae347484d63e3ef08785cc
fddb5bf3e5b0baa0d80d34bc3083ffe8d91f35971ca0560fd7b7624099cbab96
fde6f7d69d3e82b6ad8bd523641139bfaa09af15775f8cf89328b1c7a0cacdda

www.sickkidsfoundation.com Open in urlscan Pro 107.154.141.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

167 Requests

83 %HTTPS

26 %IPv6

63 Domains

82 Subdomains

52 IPs

9 Countries

4557 kBTransfer

8084 kBSize

71 Cookies

2 Outgoing links

Page URL History

Redirected requests

167 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sickkidsfoundation.com Open in urlscan Pro
107.154.141.76 Public Scan

Screenshot
Live screenshot

Full Image

167
Requests

83 %
HTTPS

26 %
IPv6

63
Domains

82
Subdomains

52
IPs

9
Countries

4557 kB
Transfer

8084 kB
Size

71
Cookies

167 HTTP transactions
1 data transactions