www.sickkidsfoundation.com Open in urlscan Pro
107.154.141.76 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sickkidsfoundationnc.com/page.redir?target=http%3a%2f%2fwww.sickkidsfoundation.com%2faboutus%2fnewsandmedia%2fNews_Octobe...
Effective URL:
https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Submission: On October 14 via manual (October 14th 2020, 7:01:34 pm UTC) from US

Summary HTTP 94 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 35 IPs in 7 countries across 29 domains to perform 94 HTTP transactions. The main IP is 107.154.141.76, located in United States and belongs to INCAPSULA, US. The main domain is www.sickkidsfoundation.com.
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on October 12th 2020. Valid for: a year.

This is the only time www.sickkidsfoundation.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.211.123.187 67.211.123.187	21570 (ACI-1) (ACI-1)
1 27	107.154.141.76 107.154.141.76	19551 (INCAPSULA) (INCAPSULA)
3	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:26f0:10c... 2a02:26f0:10c:58e::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	99.86.243.126 99.86.243.126	16509 (AMAZON-02) (AMAZON-02)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:9::84 2a04:4e42:9::84	54113 (FASTLY) (FASTLY)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	99.86.243.115 99.86.243.115	16509 (AMAZON-02) (AMAZON-02)
1	2.16.110.114 2.16.110.114	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:205... 2600:9000:2057:a000:16:cfb1:a0c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.17.148.237 52.17.148.237	16509 (AMAZON-02) (AMAZON-02)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:818::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1 5	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	23.210.248.189 23.210.248.189	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	54.229.6.193 54.229.6.193	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f01... 2a03:2880:f01c:8004:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	99.86.243.108 99.86.243.108	16509 (AMAZON-02) (AMAZON-02)
2	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
1	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
4	104.108.145.75 104.108.145.75	16625 (AKAMAI-AS) (AKAMAI-AS)
3	23.210.249.113 23.210.249.113	16625 (AKAMAI-AS) (AKAMAI-AS)
1	63.32.141.164 63.32.141.164	16509 (AMAZON-02) (AMAZON-02)
1	99.86.243.96 99.86.243.96	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
94	35

1 67.211.123.187 (Toronto, Canada) 1 redirects

ASN21570 (ACI-1, CA)
PTR: 187.123.211.67.static.addr.dsl4u.ca

sickkidsfoundationnc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 107.154.141.76 (United States) 1 redirects

ASN19551 (INCAPSULA, US)
PTR: 107.154.141.76.ip.incapdns.net

www.sickkidsfoundation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:10c:58e::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.243.126 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-126.vie50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:9::84 (Ascension Island)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.243.115 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-115.vie50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.110.114 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-110-114.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:a000:16:cfb1:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.c212.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.148.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-148-237.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:818::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.210.248.189 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-189.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.6.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-6-193.eu-west-1.compute.amazonaws.com

c212.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8004:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.243.108 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-108.vie50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.226.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

sf19-scmcdn-va.ibytedtos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.108.145.75 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-75.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.210.249.113 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-113.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.141.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-141-164.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.243.96 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-96.vie50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	sickkidsfoundation.com 1 redirects www.sickkidsfoundation.com	3 MB
5	facebook.com 1 redirects www.facebook.com	803 B
5	google.de www.google.de	839 B
5	google.com www.google.com	926 B
5	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	6 KB
5	teads.tv p.teads.tv t.teads.tv	5 KB
5	facebook.net connect.facebook.net	220 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	73 KB
3	mathtag.com pixel.mathtag.com	2 KB
3	pinterest.com ct.pinterest.com	1 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	twitter.com platform.twitter.com analytics.twitter.com	29 KB
3	bing.com bat.bing.com	9 KB
3	googletagmanager.com www.googletagmanager.com	159 KB
2	snapchat.com tr.snapchat.com
2	c212.net cdn.c212.net c212.net	2 KB
2	pinimg.com s.pinimg.com	18 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	licdn.com snap.licdn.com	3 KB
1	hotjar.io vc.hotjar.io	256 B
1	ibytedtos.com sf19-scmcdn-va.ibytedtos.com	8 KB
1	atdmt.com cx.atdmt.com	423 B
1	t.co t.co	448 B
1	adsrvr.org insight.adsrvr.org	261 B
1	tiktok.com analytics.tiktok.com	21 KB
1	sc-static.net sc-static.net	6 KB
1	googleadservices.com www.googleadservices.com	11 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	sickkidsfoundationnc.com 1 redirects sickkidsfoundationnc.com	515 B
94	29

	Domain	Requested by
27	www.sickkidsfoundation.com	1 redirects www.sickkidsfoundation.com
5	www.facebook.com	1 redirects connect.facebook.net www.sickkidsfoundation.com
5	www.google.de	www.sickkidsfoundation.com
5	www.google.com	www.sickkidsfoundation.com
5	connect.facebook.net	www.sickkidsfoundation.com connect.facebook.net
4	t.teads.tv	www.sickkidsfoundation.com p.teads.tv
4	googleads.g.doubleclick.net	www.googleadservices.com
3	pixel.mathtag.com	c212.net www.sickkidsfoundation.com
3	ct.pinterest.com	s.pinimg.com www.sickkidsfoundation.com
3	bat.bing.com	www.sickkidsfoundation.com
3	www.googletagmanager.com	www.sickkidsfoundation.com www.googletagmanager.com
2	tr.snapchat.com	www.sickkidsfoundation.com
2	px.ads.linkedin.com	1 redirects www.sickkidsfoundation.com
2	s.pinimg.com	www.sickkidsfoundation.com s.pinimg.com
2	www.google-analytics.com	www.googletagmanager.com www.sickkidsfoundation.com
2	platform.twitter.com	www.sickkidsfoundation.com platform.twitter.com
2	snap.licdn.com	www.sickkidsfoundation.com snap.licdn.com
1	analytics.twitter.com	static.ads-twitter.com
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	sf19-scmcdn-va.ibytedtos.com	analytics.tiktok.com
1	script.hotjar.com	static.hotjar.com
1	cx.atdmt.com	www.sickkidsfoundation.com
1	c212.net	cdn.c212.net
1	t.co	www.sickkidsfoundation.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.linkedin.com	1 redirects
1	insight.adsrvr.org	www.sickkidsfoundation.com
1	cdn.c212.net	www.googletagmanager.com
1	analytics.tiktok.com	www.sickkidsfoundation.com
1	sc-static.net	www.sickkidsfoundation.com
1	p.teads.tv	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	sickkidsfoundationnc.com	1 redirects
94	37

This site contains links to these domains. Also see Links.

Domain
secure.sickkidsfoundation.com
shop.sickkidsfoundation.com
bit.ly
twitter.com
www.facebook.com
www.youtube.com
www.instagram.com
www.twitter.com
www.imaginecanada.ca
www.sickkids.ca

Subject Issuer	Validity	Valid
incapsula.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-12` - `2021-09-30`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.hotjar.com Amazon	`2020-01-22` - `2021-02-22`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
teads.tv Let's Encrypt Authority X3	`2020-09-01` - `2020-11-30`	3 months	crt.sh
sc-static.net DigiCert SHA2 Secure Server CA	`2019-03-11` - `2021-03-15`	2 years	crt.sh
*.tiktok.com RapidSSL RSA CA 2018	`2019-11-14` - `2022-01-12`	2 years	crt.sh
*.c212.net DigiCert SHA2 High Assurance Server CA	`2019-11-19` - `2022-01-05`	2 years	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-08-12` - `2020-11-10`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
tr.snapchat.com DigiCert SHA2 Secure Server CA	`2019-02-19` - `2021-02-23`	2 years	crt.sh
*.ibytedtos.com RapidSSL RSA CA 2018	`2020-05-12` - `2022-05-12`	2 years	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
*.hotjar.io Amazon	`2020-09-15` - `2021-10-15`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Frame ID: B08D041C0ECAC4FD0F254FF4F00D4C22
Requests: 90 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.sickkidsfoundation.com
Frame ID: 2CA1688D4A7F859EE85C0CA7C821E30F
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=1da237a8-8122-4c02-9fcf-0aa6fde57222
Frame ID: 1DEE90DB2FB5848B4BD63BF599571292
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: DBE1D14983B99671D8EF2025C8847BD5
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: AF449F4FC93C100825F826A2521ADA27
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://sickkidsfoundationnc.com/page.redir?target=http%3a%2f%2fwww.sickkidsfoundation.com%2faboutus%2fnewsan... HTTP 302
http://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak HTTP 301
https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

94
Requests

100 %
HTTPS

46 %
IPv6

29
Domains

37
Subdomains

35
IPs

7
Countries

3163 kB
Transfer

5377 kB
Size

19
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.sickkidsfoundation.com/donate
Title: Donate

Search URL Search Domain Scan URL

URL: https://shop.sickkidsfoundation.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://bit.ly/3nANUgI
Title: https://bit.ly/3nANUgI

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Kids%20with%20complex%20conditions%20are%20at%20higher%20risk%20for%20mental%20health%20challenges%20as%20they%20grow.%20%20Read%20how%20Dr.%20Eva%20Mamak%20connects%20with%20her%20patients%20https%3A%2F%2Fbit.ly%2F3nANUgI
Title: Click To Tweet

Search URL Search Domain Scan URL

URL: https://twitter.com/sickkids
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sickkidsfoundation
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/sickkidsfoundation
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sickkidsvs/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Dr.%20Mamak%3A%20treating%20the%20whole%20patient%0Ahttps%3A%2F%2Fwww.sickkidsfoundation.com%3A443%2Faboutus%2Fnewsandmedia%2Fnews_october2020_newsletter_drmamak
Title: Tweet

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=157977957983408&display=popup&caption=Dr.%20Mamak%3A%20treating%20the%20whole%20patient&link=https://www.sickkidsfoundation.com:443/aboutus/newsandmedia/news_october2020_newsletter_drmamak&description=%20&image=
Title: Share

Search URL Search Domain Scan URL

URL: http://www.twitter.com/sickkids
Title: TW

Search URL Search Domain Scan URL

URL: http://www.youtube.com/sickkidsfoundation
Title: YT

Search URL Search Domain Scan URL

URL: http://www.imaginecanada.ca/standards

Search URL Search Domain Scan URL

URL: http://www.sickkids.ca/
Title: The Hospital For Sick Children

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sickkidsfoundationnc.com/page.redir?target=http%3a%2f%2fwww.sickkidsfoundation.com%2faboutus%2fnewsandmedia%2fNews_October2020_Newsletter_DrMamak&srcid=11108&srctid=1&erid=e374dd3d-0301-469c-8052-5527cf3110ab&trid=e374dd3d-0301-469c-8052-5527cf3110ab HTTP 302
http://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak HTTP 301
https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266%2C1371570&time=1602702074884&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2274266%252C1371570%26time%3D1602702074884%26url%3Dhttps%253A%252F%252Fwww.sickkidsfoundation.com%252Faboutus%252Fnewsandmedia%252FNews_October2020_Newsletter_DrMamak%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266%2C1371570&time=1602702074884&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak&liSync=true

Request Chain 67

https://www.facebook.com/tr/?id=1728472720702530&ev=PageView&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak&rl=&if=false&ts=1602702075013&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1602702074982.1712187758&it=1602702074907&coo=false&rqm=GET HTTP 302
https://cx.atdmt.com/?c=430752460205681891&f=AYxtmksuMeQe5q_njsKuYB1oUW90pVEzrf0gzAUDFSBhaf7v-rGmjBWCvr3jFHydgQlnXQxoTGwBsANgXRuJMmoB&id=1728472720702530&l=3&v=0

94 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request News_October2020_Newsletter_DrMamak Show response
www.sickkidsfoundation.com/aboutus/newsandmedia/
Redirect Chain

https://sickkidsfoundationnc.com/page.redir?target=http%3a%2f%2fwww.sickkidsfoundation.com%2faboutus%2fnewsandmedia%2fNews_October2020_Newsletter_DrMamak&srcid=11108&srctid=1&erid=e374dd3d-0301-469...
http://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

88 KB
14 KB

720ms
675ms

Document
text/html

107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 64b73fe1e719ef80662f1f2b2c2029c40bd222ae5177747b75f82907fa0a84c9

Request headers

:method: GET
:authority: www.sickkidsfoundation.com
:scheme: https
:path: /aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/8.5
set-cookie: ASP.NET_SessionId=5002l15plmwgwralqhgl2h5s; path=/; HttpOnly; SameSite=Lax visid_incap_901569=Xnb5n4XbTK6CqWVkFRNHzPhKh18AAAAAQUIPAAAAAACJ8DfGvNQiLDExlNSNC5Y7; expires=Thu, 14 Oct 2021 07:09:53 GMT; HttpOnly; path=/; Domain=.sickkidsfoundation.com incap_ses_534_901569=F4DrAuemqmR7t8PxXiZpB/lKh18AAAAAlcIZZDpjiyc/nFrfV04FZQ==; path=/; Domain=.sickkidsfoundation.com
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Wed, 14 Oct 2020 19:01:13 GMT
x-cdn: Incapsula
x-iinfo: 4-25895566-25895567 NNNN CT(110 223 0) RT(1602702072965 0) q(0 0 4 0) r(6 7) U12

Redirect headers

Location: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Content-Length: 0
Connection: close

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
36 KB 34ms
31ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-5627812

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6d88f2b8060daf613247b4ff968aa8ae633f1bffd77ba730a895ec4e71af4c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:13 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37256
x-xss-protection: 0
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Oct 2020 19:01:13 GMT

GET
H2 200 bootstrap-theme.min.css
www.sickkidsfoundation.com/css/dependencies/bootstrap3/ 23 KB
3 KB 482ms
479ms Stylesheet
text/css 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/css/dependencies/bootstrap3/bootstrap-theme.min.css
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: 8b273fe0ae11dfeb96f7a56f1b5ecd2d76500147927ad557356faa5227d17032

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:14 GMT
content-encoding: gzip
last-modified: Tue, 09 May 2017 15:48:38 GMT
x-cdn: Incapsula
etag: "8b117fb9dbc8d21:0"
content-type: text/css
status: 200
x-iinfo: 4-25895703-25893314 2VNN RT(1602702073650 0) q(0 0 0 -1) r(5 5)
cache-control: max-age=604800, public
content-length: 2780
expires: Wed, 21 Oct 2020 19:01:14 GMT

GET
H2 200 bootstrap.min.css
www.sickkidsfoundation.com/css/dependencies/bootstrap3/ 118 KB
27 KB 458ms
456ms Stylesheet
text/css 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/css/dependencies/bootstrap3/bootstrap.min.css
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: 5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:14 GMT
content-encoding: gzip
last-modified: Tue, 09 May 2017 15:48:38 GMT
x-cdn: Incapsula
etag: "ad5f7fb9dbc8d21:0"
content-type: text/css
status: 200
x-iinfo: 4-25895704-25893736 2VNN RT(1602702073652 0) q(0 0 0 -1) r(4 4)
cache-control: max-age=604800, public
content-length: 27680
expires: Wed, 21 Oct 2020 19:01:14 GMT

GET
H2 200 main
www.sickkidsfoundation.com/bundles/css/ 292 KB
63 KB 598ms
596ms Stylesheet
text/css 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/css/main?v=dlnc5IxI49WdYAD1QWbj_WxvNDVs85nD21m98xgg8YE1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e30ef2ff748480f8a9cc09721f299a00076f30b126eed909cd2150ec6fa985d3

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:13 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 19:01:14 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
content-type: text/css; charset=utf-8
status: 200
x-iinfo: 4-25895705-25895278 2NNN RT(1602702073654 0) q(0 0 0 -1) r(6 6)
cache-control: public
content-length: 64452
x-cdn: Incapsula
expires: Thu, 14 Oct 2021 19:01:14 GMT

GET
H2 200 jquery Show response
www.sickkidsfoundation.com/bundles/ 91 KB
41 KB 601ms
599ms Script
text/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/jquery?v=7AMc9pBn1GIYDuJDXGstN7nku_447XMEtvGIFvLEuGs1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b6cb09e57c1ed08553566bda474cf9681c03fc4ba091731c81c78a6a4226740b

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:13 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 19:01:14 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
x-iinfo: 4-25895706-25893320 2NNN RT(1602702073654 0) q(0 0 0 -1) r(6 6)
cache-control: public
content-length: 42005
x-cdn: Incapsula
expires: Thu, 14 Oct 2021 19:01:14 GMT

GET
H2 200 jqueryval Show response
www.sickkidsfoundation.com/bundles/ 25 KB
10 KB 575ms
573ms Script
text/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/jqueryval?v=hEGG8cMxk9p0ncdRUOJ-CnKN7NezhnPnWIvn6REucZo1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 52a8b689a73c228618294e3e544fac3e62507eabf2fe490dc77a00c16e34c452

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:13 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 19:01:14 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
x-iinfo: 4-25895707-25895708 2NNN RT(1602702073655 0) q(0 0 0 -1) r(0 6)
cache-control: public
content-length: 9965
x-cdn: Incapsula
expires: Thu, 14 Oct 2021 19:01:14 GMT

GET
H2 200 modernizr Show response
www.sickkidsfoundation.com/bundles/ 3 KB
2 KB 478ms
476ms Script
text/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/modernizr?v=9yygsVk3I-guoeu6EUt0fzBjgzee2gP6Y9SNVDkhZoc1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 44cec66e8f45f1c1573be7ee656b280f475f07b608982b8e68c742363d202ee1

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:13 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 19:01:14 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
x-iinfo: 4-25895709-25887619 2NNN RT(1602702073656 0) q(0 0 0 -1) r(5 5)
cache-control: public
content-length: 1615
x-cdn: Incapsula
expires: Thu, 14 Oct 2021 19:01:14 GMT

GET
H2 200 header Show response
www.sickkidsfoundation.com/bundles/ 159 B
301 B 571ms
569ms Script
text/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/header?v=dJ6LOVfv49i9fuAW3MbtcyjUkVM3bJ8e5r4OUmJ-dUE1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 694bc35fc07d7091b82ee02e6b7cbcacc69edb23c9dfd515a18647d684456c51

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:13 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 19:01:14 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
x-iinfo: 4-25895710-25895797 2NNN RT(1602702073656 0) q(0 4 4 -1) r(4 5)
cache-control: public
content-length: 214
x-cdn: Incapsula
expires: Thu, 14 Oct 2021 19:01:14 GMT

GET
H2 200 global Show response
www.sickkidsfoundation.com/bundles/ 146 KB
58 KB 711ms
710ms Script
text/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/global?v=gOU6YPoC12V0Txc2-hKRuYm12lswVd1I3h93rWtMcbI1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e504ef5834756b1288609d33084c7db8c7b860e70b936dbb6f62a035f8cf4975

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:13 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 19:01:14 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
x-iinfo: 4-25895711-25893316 2NNN RT(1602702073657 0) q(0 5 5 -1) r(7 7)
cache-control: public
content-length: 58980
x-cdn: Incapsula
expires: Thu, 14 Oct 2021 19:01:14 GMT

GET
H2 200 eventmodal Show response
www.sickkidsfoundation.com/bundles/ 4 KB
2 KB 606ms
605ms Script
text/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/eventmodal?v=WifMKbbMA1Kq6ztfZQ2LySAzGuaWjy6plfdZkQQ8yfA1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1c0f5ab277787d1bf8f1d0b5880c15cc75f54af28e6b12f9a898483476de6a3f

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:13 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 19:01:14 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
x-iinfo: 4-25895712-25893736 2NNN RT(1602702073658 0) q(0 5 5 -1) r(6 6)
cache-control: public
content-length: 1486
x-cdn: Incapsula
expires: Thu, 14 Oct 2021 19:01:14 GMT

GET
H2 200 sickkids_vs_logo.png
www.sickkidsfoundation.com/-/media/images/skf/common/ 83 KB
83 KB 156ms
155ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/common/sickkids_vs_logo.png?h=160&w=240&la=en&hash=0D0F46C58F7158769061282A6B580295AFCEB33D
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1ac1851e1d7f0afdbf8037a3cc9df67b12b7a67771545718f551b922ff73b6c4

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:14 GMT
last-modified: Mon, 24 Apr 2017 15:04:35 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/png
status: 200
x-iinfo: 4-25895907-25895708 2NNN RT(1602702074594 0) q(0 0 0 -1) r(2 2) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="sickkids_vs_logo.png"
accept-ranges: bytes
content-length: 84640
x-cdn: Incapsula
expires: Wed, 21 Oct 2020 19:01:14 GMT

GET
H2 200 dr_marnak.jpg
www.sickkidsfoundation.com/-/media/images/skf/sickkids-stories/newsletter-october-2020/ 1 MB
1 MB 587ms
586ms Image
image/jpeg 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/sickkids-stories/newsletter-october-2020/dr_marnak.jpg?h=4032&w=3024&la=en&hash=7532330525884615AA2DFB2A710F81488EFE3F14
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 92dae3fb3e2d8b1ccb4b5c60007308dbc568736f841598b1a45195f1c4e6df8a

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:14 GMT
last-modified: Fri, 09 Oct 2020 15:06:53 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
status: 200
x-iinfo: 4-25895908-25895784 2NNN RT(1602702074597 0) q(0 0 0 -1) r(6 6) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="dr_marnak.jpg"
accept-ranges: bytes
content-length: 1496682
x-cdn: Incapsula
expires: Wed, 21 Oct 2020 19:01:15 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 470 KB
86 KB 117ms
99ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f76400cd1b7b29cc0fac47343ee8e98f3189f21c37f60e8bfce339642abfa76c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:14 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87889
x-xss-protection: 0
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Oct 2020 19:01:14 GMT

GET
H2 200 app Show response
www.sickkidsfoundation.com/bundles/ 4 KB
2 KB 134ms
134ms Script
text/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/app?v=V5pOGDR0EOkGhCnuxBWYa81CQiJpqvIGKhA9q_O7vL01
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 34d899767134cd01e47e7197ce9a9b697bd86dacfaaace39fad4978b85874013

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:14 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 19:01:14 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
x-iinfo: 4-25895887-25893320 2NNN RT(1602702074464 0) q(0 0 0 -1) r(1 1)
cache-control: public
content-length: 1997
x-cdn: Incapsula
expires: Thu, 14 Oct 2021 19:01:14 GMT

GET
H2 200 social Show response
www.sickkidsfoundation.com/bundles/ 802 B
725 B 134ms
134ms Script
text/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/bundles/social?v=jNG_Zuncs3Uy5QCszY2DbJBTFVN_awNWLLRTpXz4zAs1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ae45007c10fb058099dce27a7af043e710c0065c0aa56ea608b06eb5bc9958f3

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:14 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 19:01:14 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
x-iinfo: 4-25895904-25893316 2NNN RT(1602702074577 0) q(0 0 0 -1) r(1 1)
cache-control: public
content-length: 637
x-cdn: Incapsula
expires: Thu, 14 Oct 2021 19:01:14 GMT

GET
H2 200 _Incapsula_Resource Show response
www.sickkidsfoundation.com/ 137 KB
19 KB 40ms
40ms Script
application/javascript 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=449534226
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: b874fe0c79a8cc27a49b15bd4ddb072999dbd512105f51de530cc4f1337e1af6

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 19728
content-type: application/javascript

GET
H2 200 desktop-header-background.png
www.sickkidsfoundation.com/images/ 40 KB
40 KB 161ms
160ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/images/desktop-header-background.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/main?v=dlnc5IxI49WdYAD1QWbj_WxvNDVs85nD21m98xgg8YE1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: d6af43677b5ee5433fab178cd71cfe6e141078fb257c7a73bc320ec9766f3e02

Request headers

Referer: https://www.sickkidsfoundation.com/bundles/css/main?v=dlnc5IxI49WdYAD1QWbj_WxvNDVs85nD21m98xgg8YE1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:14 GMT
last-modified: Tue, 09 May 2017 15:48:38 GMT
x-cdn: Incapsula
etag: "a6658fb9dbc8d21:0"
content-type: image/png
status: 200
x-iinfo: 4-25895910-25895911 2VNN RT(1602702074606 0) q(0 0 0 -1) r(0 1)
cache-control: max-age=604800, public
content-length: 41317
expires: Wed, 21 Oct 2020 19:01:14 GMT

GET
H2 200 highfive_1956x888.jpg
www.sickkidsfoundation.com/-/media/images/skf/about-us/news-and-media/news-and-media-type-headers/ 546 KB
549 KB 164ms
164ms Image
image/jpeg 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/-/media/images/skf/about-us/news-and-media/news-and-media-type-headers/highfive_1956x888.jpg
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: bac55964d082a92f005805a689fda6fead6324c1c17e394115a05cc290b80d7a

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:14 GMT
last-modified: Tue, 13 Jun 2017 15:28:12 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
status: 200
x-iinfo: 4-25895912-25895278 2NNN RT(1602702074609 0) q(0 0 0 -1) r(1 1) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="HighFive_1956x888.jpg"
accept-ranges: bytes
content-length: 558968
x-cdn: Incapsula
expires: Wed, 21 Oct 2020 19:01:14 GMT

GET
H2 200 sickkids-footer-logo.png
www.sickkidsfoundation.com/images/ 3 KB
3 KB 165ms
165ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/images/sickkids-footer-logo.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/main?v=dlnc5IxI49WdYAD1QWbj_WxvNDVs85nD21m98xgg8YE1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: a9bae822288365e478a012a878f420a8d882140366921b778ee6f04883aaa96b

Request headers

Referer: https://www.sickkidsfoundation.com/bundles/css/main?v=dlnc5IxI49WdYAD1QWbj_WxvNDVs85nD21m98xgg8YE1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:14 GMT
last-modified: Tue, 09 May 2017 15:48:38 GMT
x-cdn: Incapsula
etag: "3ca397b9dbc8d21:0"
content-type: image/png
status: 200
x-iinfo: 4-25895914-25895797 2VNN RT(1602702074612 0) q(0 0 0 -1) r(1 1)
cache-control: max-age=604800, public
content-length: 3055
expires: Wed, 21 Oct 2020 19:01:14 GMT

GET
H2 200 trustmark.png
www.sickkidsfoundation.com/images/ 17 KB
17 KB 454ms
453ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/images/trustmark.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/main?v=dlnc5IxI49WdYAD1QWbj_WxvNDVs85nD21m98xgg8YE1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: f70d6b776764d40f70d36c0d47cbf3cf94d8cfa967b5249d986c0dc5e6f8ab89

Request headers

Referer: https://www.sickkidsfoundation.com/bundles/css/main?v=dlnc5IxI49WdYAD1QWbj_WxvNDVs85nD21m98xgg8YE1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:15 GMT
last-modified: Tue, 31 Oct 2017 15:23:30 GMT
x-cdn: Incapsula
etag: "ea411f355c52d31:0"
content-type: image/png
status: 200
x-iinfo: 4-25895915-25895708 2VNN RT(1602702074613 0) q(0 3 3 -1) r(4 4)
cache-control: max-age=604800, public
content-length: 16916
expires: Wed, 21 Oct 2020 19:01:15 GMT

GET
H2 200 footer-hbar-dots.png
www.sickkidsfoundation.com/images/ 105 B
247 B 814ms
813ms Image
image/png 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/images/footer-hbar-dots.png
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/main?v=dlnc5IxI49WdYAD1QWbj_WxvNDVs85nD21m98xgg8YE1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: 61ed697adcb10f1530bf63fd24d054c4b349911eb7e32d73300ebec8b792af65

Request headers

Referer: https://www.sickkidsfoundation.com/bundles/css/main?v=dlnc5IxI49WdYAD1QWbj_WxvNDVs85nD21m98xgg8YE1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:15 GMT
last-modified: Tue, 09 May 2017 15:48:38 GMT
x-cdn: Incapsula
etag: "fa7292b9dbc8d21:0"
content-type: image/png
status: 200
x-iinfo: 4-25895916-25895951 2VNN RT(1602702074614 0) q(0 3 3 -1) r(7 7)
cache-control: max-age=604800, public
content-length: 105
expires: Wed, 21 Oct 2020 19:01:15 GMT

GET
H2 200 Montserrat-Regular.ttf
www.sickkidsfoundation.com/fonts/ 28 KB
28 KB 549ms
547ms Font
application/octet-stream 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/Montserrat-Regular.ttf?wrbnf9&chache=1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/main?v=dlnc5IxI49WdYAD1QWbj_WxvNDVs85nD21m98xgg8YE1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: 32f9bdc73ecf308a19c0e918b407e12da12b6cd9a667decdc2ddcb74f457839a

Request headers

Origin: https://www.sickkidsfoundation.com
Referer: https://www.sickkidsfoundation.com/bundles/css/main?v=dlnc5IxI49WdYAD1QWbj_WxvNDVs85nD21m98xgg8YE1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:15 GMT
last-modified: Tue, 09 May 2017 15:48:38 GMT
x-cdn: Incapsula
etag: "b9f88ab9dbc8d21:0"
content-type: application/octet-stream
status: 200
x-iinfo: 4-25895917-25895939 2VNN RT(1602702074614 0) q(0 0 0 -1) r(0 5)
cache-control: max-age=604800, public
content-length: 29016
expires: Wed, 21 Oct 2020 19:01:15 GMT

GET
H2 200 Montserrat-Bold.ttf
www.sickkidsfoundation.com/fonts/ 29 KB
29 KB 275ms
274ms Font
application/octet-stream 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/Montserrat-Bold.ttf?wrbnf9&chache=1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/main?v=dlnc5IxI49WdYAD1QWbj_WxvNDVs85nD21m98xgg8YE1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: 9cb7dc18ee6175ab86bea008eb7aff1992ea7b06933964d5e2e864090206c20a

Request headers

Origin: https://www.sickkidsfoundation.com
Referer: https://www.sickkidsfoundation.com/bundles/css/main?v=dlnc5IxI49WdYAD1QWbj_WxvNDVs85nD21m98xgg8YE1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:14 GMT
last-modified: Tue, 09 May 2017 15:48:38 GMT
x-cdn: Incapsula
etag: "755c8ab9dbc8d21:0"
content-type: application/octet-stream
status: 200
x-iinfo: 4-25895918-25893316 2VNN RT(1602702074615 0) q(0 1 1 -1) r(2 2)
cache-control: max-age=604800, public
content-length: 29560
expires: Wed, 21 Oct 2020 19:01:14 GMT

GET
H2 200 skf.woff
www.sickkidsfoundation.com/fonts/ 5 KB
5 KB 271ms
270ms Font
font/x-woff 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/skf.woff
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/main?v=dlnc5IxI49WdYAD1QWbj_WxvNDVs85nD21m98xgg8YE1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: 14e0e9e6ada3040dacca5c75fa38a833a2c07e07313f4c597da40c0a9d563d90

Request headers

Origin: https://www.sickkidsfoundation.com
Referer: https://www.sickkidsfoundation.com/bundles/css/main?v=dlnc5IxI49WdYAD1QWbj_WxvNDVs85nD21m98xgg8YE1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:14 GMT
last-modified: Fri, 15 Mar 2019 18:51:28 GMT
x-cdn: Incapsula
etag: "0b8cc1860dbd41:0"
content-type: font/x-woff
status: 200
x-iinfo: 4-25895919-25895911 2VNN RT(1602702074616 0) q(0 1 1 -1) r(2 2)
cache-control: max-age=604800, public
content-length: 5400
expires: Wed, 21 Oct 2020 19:01:14 GMT

GET
H2 200 Oswald-Regular.ttf
www.sickkidsfoundation.com/fonts/ 50 KB
50 KB 380ms
379ms Font
application/octet-stream 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/Oswald-Regular.ttf?wrbnf9&chache=1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/main?v=dlnc5IxI49WdYAD1QWbj_WxvNDVs85nD21m98xgg8YE1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: cce43fdf41f6092c71f3c1b14147e3571f3499eb85132aa6a11beb7e7316741e

Request headers

Origin: https://www.sickkidsfoundation.com
Referer: https://www.sickkidsfoundation.com/bundles/css/main?v=dlnc5IxI49WdYAD1QWbj_WxvNDVs85nD21m98xgg8YE1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:14 GMT
last-modified: Tue, 09 May 2017 15:48:38 GMT
x-cdn: Incapsula
etag: "74a68cb9dbc8d21:0"
content-type: application/octet-stream
status: 200
x-iinfo: 4-25895920-25893320 2VNN RT(1602702074617 0) q(0 2 2 -1) r(3 3)
cache-control: max-age=604800, public
content-length: 50944
expires: Wed, 21 Oct 2020 19:01:14 GMT

GET
H2 200 Oswald-Bold.ttf
www.sickkidsfoundation.com/fonts/ 52 KB
52 KB 385ms
384ms Font
application/octet-stream 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sickkidsfoundation.com/fonts/Oswald-Bold.ttf?wrbnf9&chache=1
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/css/main?v=dlnc5IxI49WdYAD1QWbj_WxvNDVs85nD21m98xgg8YE1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: fddd19f5a6d8e9f5ccf42fa3cb4542db815b05ba14c0b1cd00f484e6c1c431a1

Request headers

Origin: https://www.sickkidsfoundation.com
Referer: https://www.sickkidsfoundation.com/bundles/css/main?v=dlnc5IxI49WdYAD1QWbj_WxvNDVs85nD21m98xgg8YE1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:14 GMT
last-modified: Tue, 09 May 2017 15:48:38 GMT
x-cdn: Incapsula
etag: "1fe38bb9dbc8d21:0"
content-type: application/octet-stream
status: 200
x-iinfo: 4-25895921-25895911 2VNN RT(1602702074617 0) q(0 2 2 -1) r(3 3)
cache-control: max-age=604800, public
content-length: 53056
expires: Wed, 21 Oct 2020 19:01:14 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
8 KB 2667ms
2651ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3cb5162e19d9c6ecb634881fc079ab3aa8e9855a7bc164a830730a752a73e440

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:17 GMT
content-encoding: gzip
last-modified: Thu, 08 Oct 2020 02:14:47 GMT
x-msedge-ref: Ref A: 548D93252DAD486FADF799AC8231266E Ref B: FRAEDGE1220 Ref C: 2020-10-14T19:01:14Z
status: 200
etag: "80553cb189dd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8318

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 965 B
761 B 10ms
9ms Script
application/x-javascript 2a02:26f0:10c:58e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:58e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 14 Oct 2020 19:01:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=65563
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 32ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/social?v=jNG_Zuncs3Uy5QCszY2DbJBTFVN_awNWLLRTpXz4zAs1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41AE) /
Resource Hash: 2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 14 Oct 2020 19:01:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:52:09 GMT
Server: ECS (fcn/41AE)
Age: 69
Etag: "a671d4d584ef50954e5cebb21da17065+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28698

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/bundles/social?v=jNG_Zuncs3Uy5QCszY2DbJBTFVN_awNWLLRTpXz4zAs1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5c8d58b27a60ee43399e469a217dddc3affb9625c546d6f2d65643d3f2d1be4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: z12PepPLQUCyoS+QTf051A==
status: 200
cross-origin-resource-policy: cross-origin
expires: Wed, 14 Oct 2020 19:14:31 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
etag: "a526d7e0ea46d7774cc4e1f94a6dd299"
x-fb-debug: VMIj/ubXumW4YBoMmykMD5tfDVVl+8P33sJHRkSUAMZ+NDF2NNorVhPsEvU9/lvO1z1M8Ymx4EALXB8LxXt24A==
x-fb-trip-id: 664085054
x-fb-content-md5: be26942be19b5f68f4dd742b73dd963d
date: Wed, 14 Oct 2020 19:01:14 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 _Incapsula_Resource
www.sickkidsfoundation.com/ 1 B
35 B 30ms
29ms Image
text/plain 107.154.141.76
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sickkidsfoundation.com/_Incapsula_Resource?SWKMTFSR=1&e=0.9129737356394714
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.141.76 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.141.76.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H/1.1 200
OK insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 14ms
13ms Script
application/x-javascript 2a02:26f0:10c:58e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:58e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 14 Oct 2020 19:01:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=71404
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1799

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 4309
date: Wed, 14 Oct 2020 17:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Wed, 14 Oct 2020 19:49:25 GMT

GET
H2 200 hotjar-302599.js Show response
static.hotjar.com/c/ 4 KB
2 KB 242ms
123ms Script
application/javascript 99.86.243.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-302599.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.243.126 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-243-126.vie50.r.cloudfront.net

Software

Resource Hash

95c36ec3c36d2c127d54ec244bd92e382a2d7d3bc3898ad064ee643de158f2f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
x-cache-hit: 1
x-amz-cf-pop: VIE50-C1
status: 200
etag: W/aeb7cfee0a341318da43cccbaa03c891
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
content-length: 1681
via: 1.1 e6726d8c260dc6d0bdf74050840f4b1b.cloudfront.net (CloudFront)
x-amz-cf-id: tPME52nIRYX0JJBhZeeK6fHKpuCl0q17aUEV_H5mmnHxNozZYNEUOw==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 65ms
22ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:14 GMT
content-encoding: gzip
age: 64490
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1958
x-served-by: cache-fra19138-FRA
last-modified: Mon, 10 Aug 2020 18:10:59 GMT
x-timer: S1602702075.897492,VS0,VE0
etag: "a4cc3f907681b24a3efd540acd5d2996+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
11 KB 35ms
34ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

d859a4dd217c69f291adef445e1c3a938ef7d850af3ba0f79f8ae081cda89e12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11343
x-xss-protection: 0
server: cafe
etag: 2112904452244658753
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Oct 2020 19:01:14 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 88 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23070
x-xss-protection: 0
pragma: public
x-fb-debug: 8kaTFm13lyGvSCTuQp1PLbEPWLsKXNrdL0qB3UiZXFtpPbb7nRPy7fcGRxxTogttO3GXNrVBulaW3Ej1BLb+hQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Wed, 14 Oct 2020 19:01:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
36 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-880455918

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7fa13c6657317c3d7263813877fbbbaa16fe1e3f01545d26a5247b2f4c8aa4c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:14 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37256
x-xss-protection: 0
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Oct 2020 19:01:14 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 12ms
11ms Script
application/javascript 2a04:4e42:9::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:9::84 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: edb66434567b603679a9fd45786ff3b3b2bf3903d0da2e1c5af626688540bcc4

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:14 GMT
fastly-restarts: 1
x-cdn: fastly
status: 200
etag: "16423308d2b448e51a13f749cab3576e"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1142
access-control-expose-headers: X-CDN

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ 4 KB
5 KB 78ms
21ms Script
application/javascript 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 81c3710b706c74f2d5dadcfcddf694cbf8a6c900667344d98280411c8516c23a

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 14 Oct 2020 19:01:14 GMT
Last-Modified: Fri, 18 Sep 2020 10:03:28 GMT
Server: AmazonS3
x-amz-request-id: EMBXFVAP3S9T7W8Y
ETag: "4788d3cecbebadb8ae5caf6cd933415b"
Content-Type: application/javascript
Cache-Control: max-age=394
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4421
x-amz-id-2: zFITY/OZ6Gm2BOTutUyCoVHyT+GG/6e9qT6JiqRJ2+X12hf3EHgLYzKSOg4MW9gMeheCuFT0G4U=

GET
H2 200 scevent.min.js Show response
sc-static.net/ 13 KB
6 KB 244ms
75ms Script
application/javascript 99.86.243.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.115 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-115.vie50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 4548c412ce3bd15ddf652328dd58fad638a41fbd5c08473a1ab485e5a12076c9

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:15 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: VIE50-C1
status: 200
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 5415
via: 1.1 87459a7837f980cdc57ba8a2c23a55ae.cloudfront.net (CloudFront)
x-amz-cf-id: nVlETLcoLGTUPH3LTmjN6pmD_JZmOPW0BY1Xr2pK6nd9UfvAVqv3AQ==

GET
H/1.1 200
OK sdk.js Show response
analytics.tiktok.com/i18n/pixel/ 56 KB
21 KB 247ms
199ms Script
application/javascript 2.16.110.114
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTD7IIOQDRQCQF14MJL0
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.110.114 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-110-114.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3439d28ca48770ab920298cd27a12c6620dc192b69a0e41167d105572041a753

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Akamai-Request-ID: eb48cf6e.28cf5061
Date: Wed, 14 Oct 2020 19:01:15 GMT
Content-Encoding: gzip
X-Cache-Remote: TCP_MISS from a23-200-218-94.deploy.akamaitechnologies.com (AkamaiGHost/10.1.5-30889964) (-)
Upstream-Caught: 1602702075000912
X-Cache: TCP_MISS from a2-16-110-110.deploy.akamaitechnologies.com (AkamaiGHost/10.1.5-30889964) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
X-Parent-Response-Time: 177,2.16.110.110
server-timing: cdn-cache; desc=MISS, edge; dur=169, origin; dur=9, inner; dur=8
Content-Length: 20314
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Server: nginx
X-Tt-Logid: 20201014190115010115176155170D6D92
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive
X-Origin-Response-Time: 9,23.200.218.94
Expires: Wed, 14 Oct 2020 19:01:15 GMT

GET
H2 200 c.min.js Show response
cdn.c212.net/ 747 B
1 KB 46ms
7ms Script
application/javascript 2600:9000:2057:a000:16:cfb1:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.c212.net/c.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:a000:16:cfb1:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10fdc76cd92396525cf18941196d2251aa4d0c05ba2a0a5421e3af99c01503ae

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 09:08:39 GMT
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
last-modified: Fri, 24 Jan 2020 19:12:36 GMT
server: AmazonS3
age: 35556
etag: "9f5634a151b9e5ecb2adec9462f783d6"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 747
x-amz-cf-id: gEpB-JfI9yOQyypYwc2fEhOUVKLKtGQk5T70nfUCCaIKLuFY4NrdVA==

GET
H2 200 /
insight.adsrvr.org/track/conv/ 70 B
261 B 107ms
35ms Image
image/gif 52.17.148.237
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=tkox4xf&ct=0:h5zomvk&fmt=3
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.148.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-148-237.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Wed, 14 Oct 2020 19:01:14 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 194 KB
59 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=30cdefb21320272795bf3b3ffd539c50&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e17280e9be73f1384b78765dfd78fe0be55de3737f9a6c507f4b11b5505503a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.sickkidsfoundation.com
Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: R7xVBKBZkvfDB26ZQtD4iQ==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 59981
etag: "3e60cf7ca212e0b57a34d27c713146a4"
x-fb-debug: y/V88mdDYG8LAnIxLpRRrLSwHW86uH7bMaxa5orvwQqMePXbe/qeXp/m2fqXeOQZzGqGtRecmu49QBxlwSDecg==
x-fb-trip-id: 664085054
x-fb-content-md5: 5cd6181e26cfeb08b4662cd0b961def8
x-frame-options: DENY
date: Wed, 14 Oct 2020 19:01:14 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Thu, 14 Oct 2021 18:46:16 GMT

GET
H/1.1 200
OK widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame 2CA1 0
0 8ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.sickkidsfoundation.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40EA) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 75072
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 14 Oct 2020 19:01:14 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Thu, 01 Oct 2020 21:50:01 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40EA)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 5825

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266%2C1371570&time=1602702074884&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2274266%252C1371570%26time%3D1602702074884%26url%3Dhttps%253A%252F%252Fwww.sickki...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266%2C1371570&time=1602702074884&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak&l...

0
57 B

176ms
176ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266%2C1371570&time=1602702074884&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak&liSync=true
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:15 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: A079zQvxPRbAhkhf9ioAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: 96EYwQvxPRawBF3/NCsAAA==
pragma: no-cache
x-li-pop: afd-prod-esv5
x-msedge-ref: Ref A: 09B7335A96E34811977F4EA7DE11A4D9 Ref B: FRAEDGE1108 Ref C: 2020-10-14T19:01:15Z
x-frame-options: sameorigin
date: Wed, 14 Oct 2020 19:01:14 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266%2C1371570&time=1602702074884&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 main.2424edb5.js Show response
s.pinimg.com/ct/lib/ 48 KB
17 KB 12ms
12ms Script
application/javascript 2a04:4e42:9::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.2424edb5.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:9::84 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 87ba34a2dac0d833ec28f5da1f52fa5a2b8279152500e1b825e241e4a64ea488

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:14 GMT
content-encoding: gzip
fastly-restarts: 1
x-cdn: fastly
status: 200
etag: "f387c9c6b7338963d43f8909d77d8840"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 16965
access-control-expose-headers: X-CDN

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
96 B 14ms
13ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-66351416-1&cid=485553519.1602702075&jid=2060966869&gjid=927915898&_gid=1821044787.1602702075&_u=YGBAgAABAAAAAE~&z=827915769

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 14 Oct 2020 19:01:14 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.sickkidsfoundation.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
62 B 7ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=1891920129&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=2060966869&gjid=927915898&cid=485553519.1602702075&tid=UA-66351416-1&_gid=1821044787.1602702075&gtm=2wg9u1NJ4P25&z=1328738674

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Oct 2020 06:06:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46501
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 250085185187976 Show response
connect.facebook.net/signals/config/ 234 KB
69 KB 9ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/250085185187976?v=2.9.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b11a80114a52e9fe554ac47ade7b83958cf6f1da533ada36be86c71ebba4d4f2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 69833
x-xss-protection: 0
pragma: public
x-fb-debug: WuTvJXJlxLj1tHnOrEgAAy9rX5eu9ddK2oqFflYmDcn//eZOWXfIgKQYD6BEOXDbh4qVzfTYBoxf3FI5xH5YDg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Wed, 14 Oct 2020 19:01:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/711607319/ 2 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/711607319/?random=1602702074939&cv=9&fst=1602702074939&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9u1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

092cd40856d8ee4f4ce908ea92d6f55bfa2ea6dccab7be97840cf1a841038003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Oct 2020 19:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1015
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:818::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-66351416-1&cid=485553519.1602702075&jid=2060966869&_u=YGBAgAABAAAAAE~&z=53110794

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Oct 2020 19:01:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 31ms
31ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-66351416-1&cid=485553519.1602702075&jid=2060966869&_u=YGBAgAABAAAAAE~&z=53110794

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Oct 2020 19:01:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 36ms
36ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=157977957983408&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=30cdefb21320272795bf3b3ffd539c50&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: GVhUSNiqv2bI/P+Vt14RRRnhYr9JkI9m4LGKSHgMA9sYjwQkWlaUqmjKQ6iwt1M3Vf2EM8Lln+9qKilfxOvyPg==
fb-s: unknown
status: 200
date: Wed, 14 Oct 2020 19:01:14 GMT
strict-transport-security: max-age=15552000; preload
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sickkidsfoundation.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1036497480/ 2 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1036497480/?random=1602702074950&cv=9&fst=1602702074950&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9u1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8286249eb65609828dbe6bb568e37926d99744282afb8bded81c64a556275131

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Oct 2020 19:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1017
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 38 B
555 B 303ms
258ms XHR
application/json 23.210.248.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2612982544860&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1602702074959

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2424edb5.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.189 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-189.deploy.static.akamaitechnologies.com

Software

Resource Hash

a0774f290781320b1ee451e53e384381cfa827d5c94526856eb4f5f80b3e50e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:15 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
pragma: no-cache
status: 200
x-envoy-upstream-service-time: 2
x-pinterest-rid: 0376602260046387
pin-unauth: dWlkPU9UVTROVFJtWkRNdFl6SmhZeTAwTVRRNUxXSTNNbVF0T1daa09XRmxOR1JsWXpjMw
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sickkidsfoundation.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 64
x-akamai-path-stats: [3:88268:4294967028]
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
301 B 304ms
260ms Image
image/gif 23.210.248.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612982544860&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222424edb5%22%7D&cb=1602702074960

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.189 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-189.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Oct 2020 19:01:15 GMT
referrer-policy: origin
x-cdn: akamai
status: 200
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 6
content-length: 35
x-pinterest-rid: 5003894985903707
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1728472720702530 Show response
connect.facebook.net/signals/config/ 234 KB
68 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1728472720702530?v=2.9.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

efa1f086c42ba890af774ac6b40e62413aff4445b4a412eb3e41937caf8f240c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 69842
x-xss-protection: 0
pragma: public
x-fb-debug: 48NnDHqMfZaq22EdhrE8dyyUXVW+ZhCS5aMMzphoZQ0zIPHRvgf03+1O+Jsa8Rx27fOi5HW2112Gf8nadl8vNA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Wed, 14 Oct 2020 19:01:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
234 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=250085185187976&ev=PageView&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak&rl=&if=false&ts=1602702074983&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1602702074982.1712187758&it=1602702074907&coo=false&rqm=GET

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 14 Oct 2020 19:01:14 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/880455918/ 2 KB
2 KB 51ms
34ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/880455918/?random=1602702074993&cv=9&fst=1602702074993&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9u1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf346f415586eab27e5f62c521f0d171a710ef0966071e4ac9ea2fcb37e9a8a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Oct 2020 19:01:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1045
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
448 B 200ms
143ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=nxw6l&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 115
pragma: no-cache
last-modified: Wed, 14 Oct 2020 19:01:15 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: a7eee6109c61f989a7c27cc96d612eb0
x-transaction: 00976d3900733c69
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/711607319/ 42 B
108 B 34ms
22ms Image
image/gif 2a00:1450:4001:818::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/711607319/?random=1602702074939&cv=9&fst=1602702000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9u1&sendb=1&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak&async=1&fmt=3&is_vtc=1&random=1603307292&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Oct 2020 19:01:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/711607319/ 42 B
538 B 52ms
35ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/711607319/?random=1602702074939&cv=9&fst=1602702000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9u1&sendb=1&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak&async=1&fmt=3&is_vtc=1&random=1603307292&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Oct 2020 19:01:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1036497480/ 42 B
108 B 39ms
28ms Image
image/gif 2a00:1450:4001:818::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1036497480/?random=1602702074950&cv=9&fst=1602702000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9u1&sendb=1&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak&async=1&fmt=3&is_vtc=1&random=1681828140&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Oct 2020 19:01:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1036497480/ 42 B
65 B 65ms
50ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1036497480/?random=1602702074950&cv=9&fst=1602702000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9u1&sendb=1&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak&async=1&fmt=3&is_vtc=1&random=1681828140&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Oct 2020 19:01:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
c212.net/c/etag/ 384 B
678 B 197ms
104ms Script
text/html 54.229.6.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c212.net/c/etag/?clientId=y3q9pMjP&pixel=0&dmp=1
Requested by: Host: cdn.c212.net
URL: https://cdn.c212.net/c.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.6.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-6-193.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 52f1516c5e7df8681ab9252b4924948b03cd0b29d84d00a7152c65315d511899

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 14 Oct 2020 19:01:15 GMT
server-timing: intid;desc=c908a5ee1f7a25d5
content-type: text/html;charset=iso-8859-1
content-length: 384
content-language: en-US
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=1728472720702530&ev=PageView&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak&rl=&if=false&ts=1602702075013...
https://cx.atdmt.com/?c=430752460205681891&f=AYxtmksuMeQe5q_njsKuYB1oUW90pVEzrf0gzAUDFSBhaf7v-rGmjBWCvr3jFHydgQlnXQxoTGwBsANgXRuJMmoB&id=1728472720702530&l=3&v=0

43 B
423 B

45ms
31ms

Image
image/gif

2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cx.atdmt.com/?c=430752460205681891&f=AYxtmksuMeQe5q_njsKuYB1oUW90pVEzrf0gzAUDFSBhaf7v-rGmjBWCvr3jFHydgQlnXQxoTGwBsANgXRuJMmoB&id=1728472720702530&l=3&v=0

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8004:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
x-fb-debug: TwrEFldyu1/jkZbW3SNWHVxxu4Hhcb+zJRabBCsrWpgy6GflIzTbexD/FahBYwnQ21avWEpvkos2xo5e9P/z2Q==
content-encoding: br
x-content-type-options: nosniff
x-frame-options: DENY
date: Wed, 14 Oct 2020 12:01:15 PDT
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=0
expires: Wed, 14 Oct 2020 12:01:15 PDT

Redirect headers

pragma: no-cache
date: Wed, 14 Oct 2020 19:01:15 GMT
server: proxygen-bolt
status: 302
content-type: text/plain
location: https://cx.atdmt.com/?c=430752460205681891&f=AYxtmksuMeQe5q_njsKuYB1oUW90pVEzrf0gzAUDFSBhaf7v-rGmjBWCvr3jFHydgQlnXQxoTGwBsANgXRuJMmoB&id=1728472720702530&l=3&v=0
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
expires: 0

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/880455918/ 42 B
538 B 39ms
38ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/880455918/?random=1602702074993&cv=9&fst=1602702000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9u1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak&async=1&fmt=3&is_vtc=1&random=3255640171&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Oct 2020 19:01:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/880455918/ 42 B
65 B 26ms
25ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/880455918/?random=1602702074993&cv=9&fst=1602702000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9u1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak&async=1&fmt=3&is_vtc=1&random=3255640171&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Oct 2020 19:01:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.0734134ae79697970353.js Show response
script.hotjar.com/ 356 KB
70 KB 126ms
43ms Script
application/javascript 99.86.243.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0734134ae79697970353.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-302599.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.243.108 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-243-108.vie50.r.cloudfront.net

Software

Resource Hash

c74711a6e6e88947e72e1c2f784eda87306fb357433f2e62baddccebaebe2ff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 07:09:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42725
x-cache: Hit from cloudfront
status: 200
content-length: 71676
access-control-allow-origin: *
last-modified: Wed, 14 Oct 2020 07:05:37 GMT
etag: "b1cca6d49bf8bc8d90a12726e6e60651"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 3dca71b0fde541bcd2caf3756ffbc27a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: -SdvX7CvzXCEHkM3ECpM2UUK45m9QK7w_QAJBRnPXZB6c_M8nwr5gw==

GET
H2 200 i
tr.snapchat.com/cm/ Frame 1DEE 0
0 105ms
36ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=1da237a8-8122-4c02-9fcf-0aa6fde57222

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: tr.snapchat.com
:scheme: https
:path: /cm/i?pid=1da237a8-8122-4c02-9fcf-0aa6fde57222
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Response headers

status: 200
server: nginx/1.17.3
date: Wed, 14 Oct 2020 19:01:15 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 track-log.js Show response
sf19-scmcdn-va.ibytedtos.com/obj/goofy-va/track-log-international/ad/business/v3/ 21 KB
8 KB 154ms
64ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sf19-scmcdn-va.ibytedtos.com/obj/goofy-va/track-log-international/ad/business/v3/track-log.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTD7IIOQDRQCQF14MJL0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b753db3a8f1b9d5cb485a956aa39dc3a0ec06771c6a37539da2f0846ba1699fb

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:15 GMT
content-encoding: gzip
x-tt-trace-tag: id=00;cdn-cache=miss
content-md5: nsYR9dFHFPixw9WYtLQn9g==
age: 1847952
x-cache: HIT
status: 200
x-bdcdn-cache-status: TCP_MISS
server-timing: inner; dur=12
content-length: 7688
via: 1.1 varnish
x-tos-request-id: 7855776b186a99e4-abc24eb
x-tos-response-time: Wed, 23 Sep 2020 09:42:02 GMT
last-modified: Wed, 23 Sep 2020 09:37:07 GMT
server: nginx
x-timer: S1602702075.219379,VS0,VE0
x-served-by: cache-hhn4082-HHN
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-tt-trace-host: 01996b1fda62eedffc95679e01bcbd752ab2eff2274c3de3d14f3285330f0555a71f3c8d8404534707a4d3e57c6dd991590d48cd014812af1dbd76d3687d77117522af646a4f9511ab7ad8298d7b063c6f
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1574681

POST
H2 200 p
tr.snapchat.com/ Frame DBE1 0
0 92ms
43ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 287
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.sickkidsfoundation.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.sickkidsfoundation.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Response headers

status: 200
server: nginx/1.17.3
date: Wed, 14 Oct 2020 19:01:15 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQkAMQgDwImEKFVxnJD+T+HwvZNU87FM7mlH00YoDUXGmbnJf9cL0Qh0Lh4e2LWzMgAAAA==;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame AF44 0
0 50ms
49ms Document
text/html 99.86.243.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-302599.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-126.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Response headers

status: 200
content-type: text/html
content-length: 851
date: Mon, 05 Oct 2020 13:02:45 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Mon, 05 Oct 2020 11:02:22 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e6726d8c260dc6d0bdf74050840f4b1b.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: fnQA7yNFceqQEXdzAO0oCJSkkN7LqvbnMC7A1aXfvLtzbd0gnQrfvg==
age: 799110

GET
H2 200 track
t.teads.tv/ 23 B
143 B 199ms
84ms Image
image/gif 104.108.145.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&advertiser_id=31041&referer=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.75 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 14 Oct 2020 19:01:15 GMT
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 23
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/sync/ 597 B
1 KB 173ms
53ms Script
text/javascript 23.210.249.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/js?sync=auto&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DNL%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1
Requested by: Host: c212.net
URL: https://c212.net/c/etag/?clientId=y3q9pMjP&pixel=0&dmp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.113 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-113.deploy.static.akamaitechnologies.com
Software: MT3 3149 445eed0 master zrh-pixel-x14 /
Resource Hash: acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 14 Oct 2020 19:01:15 GMT
Server: MT3 3149 445eed0 master zrh-pixel-x14
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Wed, 14 Oct 2020 19:01:13 GMT

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
242 B 288ms
201ms XHR
text/plain 23.210.248.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/md/

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2424edb5.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.189 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-189.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Oct 2020 19:01:15 GMT
referrer-policy: origin
x-cdn: akamai
status: 204
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
x-pinterest-rid: 4039711903402759
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/302599/ 178 B
321 B 104ms
38ms XHR
application/json 63.32.141.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/302599/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.0734134ae79697970353.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.141.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-141-164.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 14 Oct 2020 19:01:15 GMT
content-encoding: br
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true

GET
H2 204 302599 Show response
vc.hotjar.io/sessions/ 0
256 B 153ms
84ms XHR
text/plain 99.86.243.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/302599?s=0.25&r=0.18651786987144092
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.0734134ae79697970353.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-96.vie50.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:15 GMT
via: 1.1 7c17b3af9cda4d5f0ff45961b7be9fdc.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: VIE50-C1
x-cache: Miss from cloudfront
status: 204
cache-control: no-store
access-control-allow-origin: *
x-amz-cf-id: wb4nZhjND_s6Piio0G9vq9mJ_DHRtVgwt0rxjaqgIzqtMNCoMXo48A==

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/880455918/ 2 KB
1 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/880455918/?random=1602702075424&cv=9&fst=1602702075424&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9u1&sendb=1&ig=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a60880862d3acd491291d5fd9194e1a46264f7a3ceea3199a0f2bb3350be5d0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Oct 2020 19:01:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1045
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/880455918/ 42 B
65 B 25ms
24ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/880455918/?random=1602702075424&cv=9&fst=1602702000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9u1&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak&async=1&fmt=3&is_vtc=1&random=507239455&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Oct 2020 19:01:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/880455918/ 42 B
65 B 43ms
42ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/880455918/?random=1602702075424&cv=9&fst=1602702000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9u1&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak&async=1&fmt=3&is_vtc=1&random=507239455&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Oct 2020 19:01:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
479 B 41ms
40ms Image
image/gif 23.210.249.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.113 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-113.deploy.static.akamaitechnologies.com
Software: MT3 3149 445eed0 master zrh-pixel-x7 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 14 Oct 2020 19:01:15 GMT
Server: MT3 3149 445eed0 master zrh-pixel-x7
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 14 Oct 2020 19:01:15 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=250085185187976&ev=Microdata&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak&rl=&if=false&ts=1602702076486&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.27&r=stable&ec=1&o=30&fbp=fb.1.1602702074982.1712187758&it=1602702074907&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 14 Oct 2020 19:01:16 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1728472720702530&ev=Microdata&dl=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak&rl=&if=false&ts=1602702076515&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.27&r=stable&ec=1&o=30&fbp=fb.1.1602702074982.1712187758&it=1602702074907&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 14 Oct 2020 19:01:16 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 72ms
72ms Image
image/gif 104.108.145.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=timeSpent&advertiser_id=31041&referer=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.75 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 14 Oct 2020 19:01:17 GMT
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 23
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
147 B 30ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25070334&Ver=2&mid=25a57fcf-7a51-4b37-a476-ac61da3e47f6&sid=a38b02600e4f11ebba4bf3721ae50506&vid=a38b35f00e4f11ebba5c9fa0fa2e4bed&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak&r=&lt=2632&evt=pageLoad&msclkid=N&sv=1&rn=53253
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Wed, 14 Oct 2020 19:01:17 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 998209180E2A4C5288CA8B9E200F3A23 Ref B: FRAEDGE1220 Ref C: 2020-10-14T19:01:17Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
93 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25070334&Ver=2&mid=03a97cba-9b21-4584-a35a-c391dba564ea&sid=a38b02600e4f11ebba4bf3721ae50506&vid=a38b35f00e4f11ebba5c9fa0fa2e4bed&vids=0&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak&r=&lt=2632&evt=pageLoad&msclkid=N&sv=1&rn=751767
Requested by: Host: www.sickkidsfoundation.com
URL: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Wed, 14 Oct 2020 19:01:17 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 0D4DFDAD79274B78A9E8B8D88BFDD256 Ref B: FRAEDGE1220 Ref C: 2020-10-14T19:01:17Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
651 B 178ms
135ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=nxw6l&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 19:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 0
x-response-time: 114
pragma: no-cache
last-modified: Wed, 14 Oct 2020 19:01:17 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 8ebc6c16c19ebdf0fcc390d8263881f3
x-transaction: 00ad1ace0038a06a
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 72ms
72ms Image
image/gif 104.108.145.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=timeSpent&advertiser_id=31041&referer=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.75 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 14 Oct 2020 19:01:20 GMT
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 23
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 68ms
68ms Image
image/gif 104.108.145.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=timeSpent&advertiser_id=31041&referer=https%3A%2F%2Fwww.sickkidsfoundation.com%2Faboutus%2Fnewsandmedia%2FNews_October2020_Newsletter_DrMamak
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.75 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 14 Oct 2020 19:01:25 GMT
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 23
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
635 B 39ms
38ms Image
image/gif 23.210.249.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.113 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-113.deploy.static.akamaitechnologies.com
Software: MT3 3149 445eed0 master cdg-pixel-x29 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.sickkidsfoundation.com/aboutus/newsandmedia/News_October2020_Newsletter_DrMamak
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 14 Oct 2020 19:01:25 GMT
Server: MT3 3149 445eed0 master cdg-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 14 Oct 2020 19:05:36 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.sickkidsfoundation.com/	1970-01-19 13:11:42	Name: _hjIncludedInSessionSample Value: 1
www.sickkidsfoundation.com/	1970-01-19 13:11:42	Name: _hjIncludedInPageviewSample Value: 1
.sickkidsfoundation.com/	1970-01-19 21:57:18	Name: _pin_unauth Value: dWlkPU9UVTROVFJtWkRNdFl6SmhZeTAwTVRRNUxXSTNNbVF0T1daa09XRmxOR1JsWXpjMw
.sickkidsfoundation.com/	1970-01-19 22:41:28	Name: _scid Value: 5f0cacb1-c222-4650-8d6a-08af2dd83562
.sickkidsfoundation.com/	1970-01-19 21:57:18	Name: _hjid Value: 6d3df13a-8597-4459-90e8-b03613cab1ee
.sickkidsfoundation.com/	1970-01-19 15:21:18	Name: _fbp Value: fb.1.1602702074982.1712187758
.sickkidsfoundation.com/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.sickkidsfoundation.com/	1969-12-31 23:59:59	Name: incap_ses_534_901569 Value: F4DrAuemqmR7t8PxXiZpB/lKh18AAAAAlcIZZDpjiyc/nFrfV04FZQ==
.sickkidsfoundation.com/	1970-01-19 13:13:08	Name: _gid Value: GA1.2.1821044787.1602702075
.sickkidsfoundation.com/	1970-01-19 13:11:43	Name: _hjAbsoluteSessionInProgress Value: 1
.sickkidsfoundation.com/	1970-01-20 06:42:54	Name: _ga Value: GA1.2.485553519.1602702075
.sickkidsfoundation.com/	1970-01-19 21:56:35	Name: visid_incap_901569 Value: Xnb5n4XbTK6CqWVkFRNHzPhKh18AAAAAQUIPAAAAAACJ8DfGvNQiLDExlNSNC5Y7
.sickkidsfoundation.com/	1970-01-19 13:13:08	Name: _uetsid Value: a38b02600e4f11ebba4bf3721ae50506
.sickkidsfoundation.com/	1970-01-19 15:21:18	Name: _gcl_au Value: 1.1.1816533022.1602702074
.snapchat.com/	1970-01-19 22:33:18	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQkAMQgDwImEKFVxnJD+T+HwvZNU87FM7mlH00YoDUXGmbnJf9cL0Qh0Lh4e2LWzMgAAAA==
www.sickkidsfoundation.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 5002l15plmwgwralqhgl2h5s
www.sickkidsfoundation.com/	1970-01-19 13:11:42	Name: ___utmvc Value: UI8abdBYJd6vV6cf7zfhq4surfVLxmHT6YmeIpppIFRFoRmgniXF4GhuevaujHpfSVv1kQ7KC8+V2smJ95TSVLNKV1kLGHq1uF9wDemKsZRohrcmqVrMRmTE60FOdPXVpNXGuCvRaCaLjk+fsHxlm6XyuNWZ/omD1HHsrMGrebemeOvboxfPcD5sxHIM518zxb08Ty6vRqnieJzBpcsGY3+4njr0cmoeOcJTq4dhzO80F/8fBi7pIh5/I36AadlFx69mJWp7Ic7UOxkJVBMU+nnhV17d2JTE+qDk4sLhBPJbuHls8MO1M4yxXPLGAyYaVp+cEUu/edwHekFMNh5fqm4pPzBHxYNe73XLqk/8odX94MF+QtGcbFaXkoJ5gd/8jkYawHHKqzfyiP++qy9K1wnIDsyquaRL1+5GaoyQqjDCm7NNjEhRej5+S8dz1vXZsTG/NfShXJwC52lV8KQXkMkh31F370iM65wprgiTKpY6g2qLj7ahNVhJba+M7pV1R1FwIQbCRAQKcqY+tTrQMWF0uFpcsvKz6KoLS9S0dr9rT71J5YtcGPBqHcAE5ekALQhIsbN+tT+feKkZ9AzcF+L2obSyP0HdVOWlOynC40A40009rRuLygoaRmTswL5Rel2GwT4m/E1NOcHSxxjX6mC1VmeQ6xCRMwvl2aqGGf+7CO14S4D92YYgnFvucxdqzayHtQOmMcWtwTuI3My5O5oBDaeSj/cM/E9zytuuW68GWgnY2alMwPSoAASA8fF8IN6sLDYl5XycHc7T9x9sCbzAbFu7a/ds6ATaRC2Xs105wGK7Cl6gLL+yXNI7BkA4NwtpqjRzRnudfBIHAkL6sB3o1wVLNdhNRwlQ9NqJZPUlXXix22wr1iKj/f8wmaBPS3Op7KuUKOOzL6gaEU8vGBYcnoESijxkctVgTBNlzSBs2RyWQYpP3dAjxOgUP8IeUpD/Z06Xl6wZEUeQhj4BryXm+1UphOiCKMoOGnHLMRRSPzAKPOB191KUlPUsXmEWnmRa1M11Phjv3FjdbiVBERyv0Bk/IVvv472Fqcg6sQdnDG7fwjLKhd3ks+9Fq+BUHs3J8HEvyYMAugpfiaHp86Hw6Q5o1428IXv2Rm5sekTLTZfF8vJB3WZhMDHn/XvfwT/hYS1/OHDLIpnZHMXgsl4KG4doMZJ7iSSu6gRrbNgE/4/1E/suISEWsJwbgVJEfAS4eUvJgTQoYbBTpJ9gXREMsj+6cu36iZBIi6ZEHWFLps+uyfOQqpngDuPmVXXLFqwUXBkWdbX3dTfg+oSukujEjWomF7GtJwOhioJTVZ7uTcDCeeBTQWA7b+0aL+ZseH1OY1DnZJEy9oCea8ov4TUChpeAtFY7NjZGH8MotSGjPCCN0UnK62UmHTsmZYe8fk/6QVNjxVsFPOtLXfY8ICs5Pl0F4s3snNdGHFkUubNF25zJGRhlAjO5Xlsp1o4+ujBmJvGkGNHgMZsCQ2yIqGB4Z3zXCzEJxMS81Gdkz6wtMluaSeMhSjj7tmB3yczrKXRB9n1ZzUrkPtUPxF+TEdB4qefIMrRBZdrAOqKFXNNf69I9gpIskcfUu8o2xdGIchj4HrIyvFQt0GYSU99H+24zWeeSgHFCxBpxwxaKy8nntCaffIz0DFxrKa1crbBdQ/wo39pHiJb2WYqp69nhsfwg5o7jkciXCnzVNB4goP8aKWAJh2nF1W2kD5pvF7t3ouxwHzDAVI9jydAWX+dyDLGMM0u2YZfipQFhMhtqQmEb/9Yizv0FPjTyeqRmjQUnPdweKbWoA2sNFz3/8Dh0X7hwvbn/ZVPcUbSWHgKnGVLyVrJfq0qIAvU35DApzOnBtGsTyRfX0AeICoYsZGlnZXN0PTEyOTcxNyxzPTYwNjU4MTk5ODhhZGEyNzM3MDdhN2U3OGE5YTk4MTdiNzQ2NzgxOGJhZjg0N2U2OGE2YTZhODY3OTNhNWE1NjRhYjg2NzY5YTg4OTk3Njc0
.sickkidsfoundation.com/	1970-01-19 13:35:06	Name: _uetvid Value: a38b35f00e4f11ebba5c9fa0fa2e4bed
.sickkidsfoundation.com/	1970-01-19 13:11:42	Name: _dc_gtm_UA-66351416-1 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
analytics.twitter.com
bat.bing.com
c212.net
cdn.c212.net
connect.facebook.net
ct.pinterest.com
cx.atdmt.com
googleads.g.doubleclick.net
in.hotjar.com
insight.adsrvr.org
p.teads.tv
pixel.mathtag.com
platform.twitter.com
px.ads.linkedin.com
s.pinimg.com
sc-static.net
script.hotjar.com
sf19-scmcdn-va.ibytedtos.com
sickkidsfoundationnc.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
t.teads.tv
tr.snapchat.com
vars.hotjar.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.sickkidsfoundation.com
104.108.145.75
104.111.242.245
104.244.42.197
104.244.42.67
107.154.141.76
151.101.114.133
151.101.12.157
172.217.23.98
2.16.110.114
23.210.248.189
23.210.249.113
2600:9000:2057:a000:16:cfb1:a0c0:93a1
2606:2800:234:59:254c:406:2366:268c
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:802::2003
2a00:1450:4001:802::2004
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:818::2004
2a00:1450:400c:c00::9d
2a02:26f0:10c:58e::25ea
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:9::84
2a05:f500:11:101::b93f:9005
35.186.226.184
52.17.148.237
54.229.6.193
63.32.141.164
67.211.123.187
99.86.243.108
99.86.243.115
99.86.243.126
99.86.243.96
092cd40856d8ee4f4ce908ea92d6f55bfa2ea6dccab7be97840cf1a841038003
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10fdc76cd92396525cf18941196d2251aa4d0c05ba2a0a5421e3af99c01503ae
14e0e9e6ada3040dacca5c75fa38a833a2c07e07313f4c597da40c0a9d563d90
1ac1851e1d7f0afdbf8037a3cc9df67b12b7a67771545718f551b922ff73b6c4
1c0f5ab277787d1bf8f1d0b5880c15cc75f54af28e6b12f9a898483476de6a3f
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32f9bdc73ecf308a19c0e918b407e12da12b6cd9a667decdc2ddcb74f457839a
3439d28ca48770ab920298cd27a12c6620dc192b69a0e41167d105572041a753
34d899767134cd01e47e7197ce9a9b697bd86dacfaaace39fad4978b85874013
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3cb5162e19d9c6ecb634881fc079ab3aa8e9855a7bc164a830730a752a73e440
44cec66e8f45f1c1573be7ee656b280f475f07b608982b8e68c742363d202ee1
4548c412ce3bd15ddf652328dd58fad638a41fbd5c08473a1ab485e5a12076c9
52a8b689a73c228618294e3e544fac3e62507eabf2fe490dc77a00c16e34c452
52f1516c5e7df8681ab9252b4924948b03cd0b29d84d00a7152c65315d511899
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a
5c8d58b27a60ee43399e469a217dddc3affb9625c546d6f2d65643d3f2d1be4a
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
61ed697adcb10f1530bf63fd24d054c4b349911eb7e32d73300ebec8b792af65
64b73fe1e719ef80662f1f2b2c2029c40bd222ae5177747b75f82907fa0a84c9
694bc35fc07d7091b82ee02e6b7cbcacc69edb23c9dfd515a18647d684456c51
7fa13c6657317c3d7263813877fbbbaa16fe1e3f01545d26a5247b2f4c8aa4c8
81c3710b706c74f2d5dadcfcddf694cbf8a6c900667344d98280411c8516c23a
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
8286249eb65609828dbe6bb568e37926d99744282afb8bded81c64a556275131
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87ba34a2dac0d833ec28f5da1f52fa5a2b8279152500e1b825e241e4a64ea488
8b273fe0ae11dfeb96f7a56f1b5ecd2d76500147927ad557356faa5227d17032
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92dae3fb3e2d8b1ccb4b5c60007308dbc568736f841598b1a45195f1c4e6df8a
95c36ec3c36d2c127d54ec244bd92e382a2d7d3bc3898ad064ee643de158f2f0
9cb7dc18ee6175ab86bea008eb7aff1992ea7b06933964d5e2e864090206c20a
a0774f290781320b1ee451e53e384381cfa827d5c94526856eb4f5f80b3e50e7
a60880862d3acd491291d5fd9194e1a46264f7a3ceea3199a0f2bb3350be5d0b
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
a9bae822288365e478a012a878f420a8d882140366921b778ee6f04883aaa96b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57
ae45007c10fb058099dce27a7af043e710c0065c0aa56ea608b06eb5bc9958f3
b11a80114a52e9fe554ac47ade7b83958cf6f1da533ada36be86c71ebba4d4f2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6cb09e57c1ed08553566bda474cf9681c03fc4ba091731c81c78a6a4226740b
b753db3a8f1b9d5cb485a956aa39dc3a0ec06771c6a37539da2f0846ba1699fb
b874fe0c79a8cc27a49b15bd4ddb072999dbd512105f51de530cc4f1337e1af6
bac55964d082a92f005805a689fda6fead6324c1c17e394115a05cc290b80d7a
c6d88f2b8060daf613247b4ff968aa8ae633f1bffd77ba730a895ec4e71af4c6
c74711a6e6e88947e72e1c2f784eda87306fb357433f2e62baddccebaebe2ff8
cce43fdf41f6092c71f3c1b14147e3571f3499eb85132aa6a11beb7e7316741e
cf346f415586eab27e5f62c521f0d171a710ef0966071e4ac9ea2fcb37e9a8a6
d6af43677b5ee5433fab178cd71cfe6e141078fb257c7a73bc320ec9766f3e02
d859a4dd217c69f291adef445e1c3a938ef7d850af3ba0f79f8ae081cda89e12
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e17280e9be73f1384b78765dfd78fe0be55de3737f9a6c507f4b11b5505503a5
e30ef2ff748480f8a9cc09721f299a00076f30b126eed909cd2150ec6fa985d3
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e504ef5834756b1288609d33084c7db8c7b860e70b936dbb6f62a035f8cf4975
edb66434567b603679a9fd45786ff3b3b2bf3903d0da2e1c5af626688540bcc4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa1f086c42ba890af774ac6b40e62413aff4445b4a412eb3e41937caf8f240c
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f70d6b776764d40f70d36c0d47cbf3cf94d8cfa967b5249d986c0dc5e6f8ab89
f76400cd1b7b29cc0fac47343ee8e98f3189f21c37f60e8bfce339642abfa76c
fddd19f5a6d8e9f5ccf42fa3cb4542db815b05ba14c0b1cd00f484e6c1c431a1

www.sickkidsfoundation.com Open in urlscan Pro 107.154.141.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

94 Requests

100 %HTTPS

46 %IPv6

29 Domains

37 Subdomains

35 IPs

7 Countries

3163 kBTransfer

5377 kBSize

19 Cookies

14 Outgoing links

Page URL History

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.sickkidsfoundation.com Open in urlscan Pro
107.154.141.76 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

100 %
HTTPS

46 %
IPv6

29
Domains

37
Subdomains

35
IPs

7
Countries

3163 kB
Transfer

5377 kB
Size

19
Cookies

94 HTTP transactions
0 data transactions