sickkidslottery.ca Open in urlscan Pro
35.182.67.179 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sickkidslottery.ca/
Effective URL:
https://sickkidslottery.ca/
Submission: On February 18 via manual (February 18th 2020, 4:00:51 pm UTC) from CA

Summary HTTP 70 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 27 IPs in 7 countries across 21 domains to perform 70 HTTP transactions. The main IP is 35.182.67.179, located in Montreal, Canada and belongs to AMAZON-02, US. The main domain is sickkidslottery.ca.
TLS certificate: Issued by Amazon on May 18th 2019. Valid for: a year.

This is the only time sickkidslottery.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	35.182.67.179 35.182.67.179	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE)
3	52.95.147.33 52.95.147.33	16509 (AMAZON-02) (AMAZON-02)
2	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
5	95.100.67.47 95.100.67.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a00:1450:400... 2a00:1450:4001:81b::2008	15169 (GOOGLE) (GOOGLE)
1	147.75.84.39 147.75.84.39	54825 (PACKET) (PACKET)
2	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE)
7	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2 3	2001:4860:480... 2001:4860:4802:32::75	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
8	52.95.145.84 52.95.145.84	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	46.51.196.250 46.51.196.250	16509 (AMAZON-02) (AMAZON-02)
1	147.75.100.245 147.75.100.245	54825 (PACKET) (PACKET)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	2a02:26f0:64:... 2a02:26f0:64:4bb::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	147.75.102.239 147.75.102.239	54825 (PACKET) (PACKET)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
70	27

15 35.182.67.179 (Montreal, Canada) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-182-67-179.ca-central-1.compute.amazonaws.com

sickkidslottery.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.147.33 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: s3-w.ca-central-1.amazonaws.com

skl-media.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.100.67.47 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-67-47.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.39 (Parsippany, United States)

ASN54825 (PACKET, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::75 (United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.95.145.84 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: s3.ca-central-1.amazonaws.com

s3-ca-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.51.196.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-196-250.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.100.245 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress15

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:64:4bb::19fd (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.239 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress2

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	sickkidslottery.ca 1 redirects sickkidslottery.ca	88 KB
11	amazonaws.com skl-media.s3.amazonaws.com s3-ca-central-1.amazonaws.com	4 MB
7	facebook.com www.facebook.com	834 B
6	typekit.net use.typekit.net p.typekit.net	142 KB
4	facebook.net connect.facebook.net	367 KB
4	google-analytics.com 1 redirects ssl.google-analytics.com www.google-analytics.com	35 KB
3	google.de www.google.de	328 B
3	google.com 2 redirects www.google.com	474 B
3	doubleclick.net 2 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	1 KB
3	gstatic.com fonts.gstatic.com	38 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	72 KB
2	bing.com bat.bing.com	8 KB
2	googletagmanager.com www.googletagmanager.com	86 KB
2	fontawesome.com use.fontawesome.com	87 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	twitter.com analytics.twitter.com	283 B
1	googleadservices.com www.googleadservices.com	10 KB
1	t.co t.co	171 B
1	adsrvr.org insight.adsrvr.org	260 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	crazyegg.com script.crazyegg.com
70	21

	Domain	Requested by
15	sickkidslottery.ca	1 redirects sickkidslottery.ca
8	s3-ca-central-1.amazonaws.com	sickkidslottery.ca
7	www.facebook.com	sickkidslottery.ca
5	use.typekit.net	sickkidslottery.ca use.typekit.net
4	connect.facebook.net	sickkidslottery.ca connect.facebook.net
3	www.google.de	sickkidslottery.ca
3	www.google.com	2 redirects sickkidslottery.ca
3	fonts.gstatic.com	sickkidslottery.ca
3	skl-media.s3.amazonaws.com	sickkidslottery.ca
2	www.google-analytics.com	www.googletagmanager.com sickkidslottery.ca
2	bat.bing.com	www.googletagmanager.com sickkidslottery.ca
2	stats.g.doubleclick.net	2 redirects
2	www.googletagmanager.com	sickkidslottery.ca www.googletagmanager.com
2	ssl.google-analytics.com	1 redirects sickkidslottery.ca
2	use.fontawesome.com	sickkidslottery.ca
2	fonts.googleapis.com	sickkidslottery.ca
1	analytics.twitter.com	static.ads-twitter.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	vars.hotjar.com	static.hotjar.com
1	p.typekit.net	sickkidslottery.ca
1	t.co	sickkidslottery.ca
1	script.hotjar.com	static.hotjar.com
1	insight.adsrvr.org	sickkidslottery.ca
1	static.ads-twitter.com	www.googletagmanager.com
1	script.crazyegg.com	sickkidslottery.ca
1	static.hotjar.com	sickkidslottery.ca
70	27

This site contains links to these domains. Also see Links.

Domain
order.sickkidslottery.ca
www.sickkidsfoundation.com

Subject Issuer	Validity	Valid
sickkidslottery.ca Amazon	`2019-05-18` - `2020-06-18`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2021-03-12`	a year	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
ssl945600.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-01-28` - `2020-08-05`	6 months	crt.sh
www.google.de GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.s3.ca-central-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-13` - `2020-07-10`	8 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://sickkidslottery.ca/
Frame ID: 13871FBF734EA910E1FB075CFBE8E068
Requests: 70 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fsickkidslottery&width=63&layout=button&action=like&size=large&show_faces=false&share=false&height=65&appId=594039681119388
Frame ID: DA60ECC8F32B46D7538ACD89D3AF57C0
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 5B4CFF875D2889D9E77F4BDF3AFF4284
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://sickkidslottery.ca/ HTTP 301
https://sickkidslottery.ca/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

70
Requests

100 %
HTTPS

52 %
IPv6

21
Domains

27
Subdomains

27
IPs

7
Countries

5167 kB
Transfer

7264 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://order.sickkidslottery.ca/
Title: ORDER NOW!

Search URL Search Domain Scan URL

URL: http://www.sickkidsfoundation.com/
Title: SickKids Foundation

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sickkidslottery.ca/ HTTP 301
https://sickkidslottery.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1268094104&utmhn=sickkidslottery.ca&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=SickKids%20Lottery%20Home&utmhid=1383160066&utmr=-&utmp=%2F&utmht=1582041632726&utmac=UA-38634201-2&utmcc=__utma%3D125677448.1604849680.1582041633.1582041633.1582041633.1%3B%2B__utmz%3D125677448.1582041633.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1438348448&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-38634201-2&cid=1604849680.1582041633&jid=1438348448&_v=5.7.2&z=1268094104 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38634201-2&cid=1604849680.1582041633&jid=1438348448&_v=5.7.2&z=1268094104 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38634201-2&cid=1604849680.1582041633&jid=1438348448&_v=5.7.2&z=1268094104&slf_rd=1&random=3007484779

Request Chain 52

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-66351416-1&cid=1604849680.1582041633&jid=1534176278&gjid=1298161955&_gid=193959019.1582041633&_u=YSBCgEAB~&z=379088129 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-66351416-1&cid=1604849680.1582041633&jid=1534176278&_v=j81&z=379088129 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-66351416-1&cid=1604849680.1582041633&jid=1534176278&_v=j81&z=379088129&slf_rd=1&random=3466598652

70 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sickkidslottery.ca/
Redirect Chain

http://sickkidslottery.ca/
https://sickkidslottery.ca/

21 KB
7 KB

511ms
229ms

Document
text/html

35.182.67.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sickkidslottery.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.182.67.179 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-182-67-179.ca-central-1.compute.amazonaws.com

Software

nginx/1.14.0 / PHP/7.1.20

Resource Hash

a3bdd93912d72c41506b0f6d266a5e66c7cd8959680dea0e6516757637559c24

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

:method: GET
:authority: sickkidslottery.ca
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 18 Feb 2020 16:00:31 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.14.0
vary: Accept-Encoding
x-powered-by: PHP/7.1.20
x-frame-options: SAMEORIGIN SAMEORIGIN
set-cookie: PHPSESSID=0te69bqn77mal1kge39rko5ktq; path=/; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://sickkidslottery.ca/wp-json/>; rel="https://api.w.org/" <https://sickkidslottery.ca/>; rel=shortlink
content-encoding: gzip

Redirect headers

Date: Tue, 18 Feb 2020 16:00:30 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Server: nginx/1.14.0
Location: https://sickkidslottery.ca/
X-Frame-Options: SAMEORIGIN

GET
H2 200 css
fonts.googleapis.com/ 4 KB
690 B 25ms
23ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00838395cd8b377d7164786319e394a09e9002e048ecb8651c1d7ba94b2d65a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Feb 2020 16:00:31 GMT
server: ESF
date: Tue, 18 Feb 2020 16:00:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Feb 2020 16:00:31 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
637 B 25ms
22ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d93e854f26f6c8c4a855ff7ceaebf7c5d28d483d16db587a06577f50eb832e44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Feb 2020 16:00:31 GMT
server: ESF
date: Tue, 18 Feb 2020 16:00:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Feb 2020 16:00:31 GMT

GET
H/1.1 200
OK colorbox.css
skl-media.s3.amazonaws.com/theme/css/ 2 KB
2 KB 711ms
125ms Stylesheet
text/css 52.95.147.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://skl-media.s3.amazonaws.com/theme/css/colorbox.css
Requested by: Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.147.33 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f7b2ec41b874e3aee52f8bb0511b74ba9484b7147e777586372b7cd881cd3b26

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 18 Feb 2020 16:00:33 GMT
Last-Modified: Sun, 19 Jan 2020 22:23:31 GMT
Server: AmazonS3
x-amz-request-id: C1237C4787588A78
ETag: "6200abb1c514f94fed62daca3a7f78f6"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2167
x-amz-id-2: 9BDfkn4Bu1N4a8wS1MPuC8dSQxR+DoYjO0JgpG59Bzb9YaKvOqfusQ+Zj28UFTM4VgunqWQM0ao=

GET
H/1.1 200
OK style.min.css
skl-media.s3.amazonaws.com/theme/build/css/ 92 KB
92 KB 830ms
118ms Stylesheet
text/css 52.95.147.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://skl-media.s3.amazonaws.com/theme/build/css/style.min.css?v=1122
Requested by: Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.147.33 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cb164053905c239a5ce3ed64be6ad236fc8162b018d086dcb394265a2b19e04f

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 18 Feb 2020 16:00:33 GMT
Last-Modified: Sun, 19 Jan 2020 22:23:33 GMT
Server: AmazonS3
x-amz-request-id: 384F264FE0F5043C
ETag: "9b09403b079805a6c8b72b6a94f476a8"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 93731
x-amz-id-2: GxRY+iqruZ/sPj+l5jXdaXR7n5b19fH3AM+WHsq3UTAFG0dNgNpcOJr1MR2SfIB1geKRmywLojA=

GET
H/1.1 200
OK style-hoffman.min.css
skl-media.s3.amazonaws.com/theme/build/css/ 20 KB
20 KB 1148ms
115ms Stylesheet
text/css 52.95.147.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://skl-media.s3.amazonaws.com/theme/build/css/style-hoffman.min.css
Requested by: Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.147.33 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-w.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 87d901eb13df0f5f129d8ef8ddc133c6b8d16145a34ccd908ee766cad16c3d4c

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 18 Feb 2020 16:00:33 GMT
Last-Modified: Sun, 19 Jan 2020 22:23:33 GMT
Server: AmazonS3
x-amz-request-id: A7E7874D257FF669
ETag: "48e94e1d24a06f9b8e691683c1536b6d"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 20391
x-amz-id-2: t60/kj0342tVcZ49HrtgdSpqEpEa58OkOfMqaPpqDMQ+9JDGMqDcaE+cexVYcYMzP5TkizC2ecY=

GET
H2 200 all.css
use.fontawesome.com/releases/v5.8.2/css/ 54 KB
14 KB 75ms
23ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.2/css/all.css
Requested by: Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f

Request headers

Referer: https://sickkidslottery.ca/
Origin: https://sickkidslottery.ca
Sec-Fetch-Dest: style
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Feb 2020 16:00:31 GMT
content-encoding: gzip
last-modified: Tue, 07 May 2019 16:50:11 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"77cbad34e5ce95e70847b074e05faeab"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
status: 200
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 style.min.css
sickkidslottery.ca/wp-includes/css/dist/block-library/ 40 KB
7 KB 212ms
210ms Stylesheet
text/css 35.182.67.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sickkidslottery.ca/wp-includes/css/dist/block-library/style.min.css?ver=5.3

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.182.67.179 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-182-67-179.ca-central-1.compute.amazonaws.com

Software

nginx/1.14.0 /

Resource Hash

d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 18 Feb 2020 16:00:31 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Sun, 16 Feb 2020 21:44:54 GMT
server: nginx/1.14.0
etag: W/"5e49b7d6-a1fb"
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style-2018.css
sickkidslottery.ca/wp-content/themes/skl/build/css/ 4 KB
2 KB 114ms
112ms Stylesheet
text/css 35.182.67.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sickkidslottery.ca/wp-content/themes/skl/build/css/style-2018.css?ver=5.3

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.182.67.179 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-182-67-179.ca-central-1.compute.amazonaws.com

Software

nginx/1.14.0 /

Resource Hash

973494a60f2bb02a940398fc5d4208f3832322f3550611b32cbbb3f9a303b6d9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 18 Feb 2020 16:00:31 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Sun, 16 Feb 2020 21:46:10 GMT
server: nginx/1.14.0
etag: W/"5e49b822-106e"
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.js Show response
sickkidslottery.ca/wp-includes/js/jquery/ 95 KB
37 KB 218ms
215ms Script
application/javascript 35.182.67.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sickkidslottery.ca/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.182.67.179 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-182-67-179.ca-central-1.compute.amazonaws.com

Software

nginx/1.14.0 /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 16:00:31 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Sun, 16 Feb 2020 21:44:55 GMT
server: nginx/1.14.0
etag: W/"5e49b7d7-17a69"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
sickkidslottery.ca/wp-includes/js/jquery/ 10 KB
4 KB 115ms
113ms Script
application/javascript 35.182.67.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sickkidslottery.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.182.67.179 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-182-67-179.ca-central-1.compute.amazonaws.com

Software

nginx/1.14.0 /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 16:00:31 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Sun, 16 Feb 2020 21:46:12 GMT
server: nginx/1.14.0
etag: W/"5e49b824-2748"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.easing.1.3.js Show response
sickkidslottery.ca/wp-content/themes/skl/js/ 8 KB
2 KB 116ms
114ms Script
application/javascript 35.182.67.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sickkidslottery.ca/wp-content/themes/skl/js/jquery.easing.1.3.js?ver=5.3

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.182.67.179 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-182-67-179.ca-central-1.compute.amazonaws.com

Software

nginx/1.14.0 /

Resource Hash

e4273399cc0bc22e58b35f9f79fdf2705a39ddf4ad918ce852f2624e271d8248

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 16:00:31 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Sun, 16 Feb 2020 21:44:53 GMT
server: nginx/1.14.0
etag: W/"5e49b7d5-206d"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.cycle.all.latest.min.js Show response
sickkidslottery.ca/wp-content/themes/skl/js/ 30 KB
9 KB 215ms
212ms Script
application/javascript 35.182.67.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sickkidslottery.ca/wp-content/themes/skl/js/jquery.cycle.all.latest.min.js?ver=5.3

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.182.67.179 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-182-67-179.ca-central-1.compute.amazonaws.com

Software

nginx/1.14.0 /

Resource Hash

d57d9870855ff948571078cb4b3ad57c3b9eab02c928586f69715f85fe0a889e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 16:00:31 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Sun, 16 Feb 2020 21:46:10 GMT
server: nginx/1.14.0
etag: W/"5e49b822-794c"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.countdown.min.js Show response
sickkidslottery.ca/wp-content/themes/skl/js/ 14 KB
5 KB 217ms
214ms Script
application/javascript 35.182.67.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sickkidslottery.ca/wp-content/themes/skl/js/jquery.countdown.min.js?ver=5.3

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.182.67.179 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-182-67-179.ca-central-1.compute.amazonaws.com

Software

nginx/1.14.0 /

Resource Hash

dfe2da91bfd22c00bf44cd598594832f5937b92bd91c53677d16f892f41f474c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 16:00:31 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Sun, 16 Feb 2020 21:44:53 GMT
server: nginx/1.14.0
etag: W/"5e49b7d5-36b6"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.collapse.js Show response
sickkidslottery.ca/wp-content/themes/skl/js/ 5 KB
2 KB 117ms
115ms Script
application/javascript 35.182.67.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sickkidslottery.ca/wp-content/themes/skl/js/jquery.collapse.js?ver=5.3

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.182.67.179 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-182-67-179.ca-central-1.compute.amazonaws.com

Software

nginx/1.14.0 /

Resource Hash

2ca5463e7d264f8134b9a53498a2ba27bc51a620aff1922be0864084bb741ccc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 16:00:31 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Sun, 16 Feb 2020 21:46:10 GMT
server: nginx/1.14.0
etag: W/"5e49b822-1277"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 global.min.js Show response
sickkidslottery.ca/wp-content/themes/skl/build/js/ 3 KB
1 KB 217ms
215ms Script
application/javascript 35.182.67.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sickkidslottery.ca/wp-content/themes/skl/build/js/global.min.js?ver=5.3

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.182.67.179 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-182-67-179.ca-central-1.compute.amazonaws.com

Software

nginx/1.14.0 /

Resource Hash

0668bc4d07ba50856d7a517a9fa476ab97f792057b388e2f58c9563bb5e38f64

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 16:00:31 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Sun, 16 Feb 2020 21:44:53 GMT
server: nginx/1.14.0
etag: W/"5e49b7d5-ac1"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 xnn6ikc.js Show response
use.typekit.net/ 19 KB
8 KB 487ms
190ms Script
text/javascript 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/xnn6ikc.js

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-67-47.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

fac9b80bcb964e36709b935b792b34362199467fa97d112569630cae3ca3136b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
access-control-allow-origin: *
date: Tue, 18 Feb 2020 16:00:31 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
status: 200
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 7487

GET
H2 200 comment-reply.min.js Show response
sickkidslottery.ca/wp-includes/js/ 2 KB
1 KB 117ms
115ms Script
application/javascript 35.182.67.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sickkidslottery.ca/wp-includes/js/comment-reply.min.js?ver=5.3

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.182.67.179 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-182-67-179.ca-central-1.compute.amazonaws.com

Software

nginx/1.14.0 /

Resource Hash

73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 16:00:31 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Sun, 16 Feb 2020 21:46:12 GMT
server: nginx/1.14.0
etag: W/"5e49b824-951"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-embed.min.js Show response
sickkidslottery.ca/wp-includes/js/ 1 KB
1006 B 309ms
307ms Script
application/javascript 35.182.67.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sickkidslottery.ca/wp-includes/js/wp-embed.min.js?ver=5.3

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.182.67.179 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-182-67-179.ca-central-1.compute.amazonaws.com

Software

nginx/1.14.0 /

Resource Hash

0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 16:00:31 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Sun, 16 Feb 2020 21:44:55 GMT
server: nginx/1.14.0
etag: W/"5e49b7d7-577"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lazyload.min.js Show response
sickkidslottery.ca/wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/ 5 KB
2 KB 310ms
308ms Script
application/javascript 35.182.67.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sickkidslottery.ca/wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/lazyload.min.js

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.182.67.179 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-182-67-179.ca-central-1.compute.amazonaws.com

Software

nginx/1.14.0 /

Resource Hash

1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 16:00:31 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Sun, 16 Feb 2020 21:46:10 GMT
server: nginx/1.14.0
etag: W/"5e49b822-15d1"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-emoji-release.min.js Show response
sickkidslottery.ca/wp-includes/js/ 14 KB
5 KB 111ms
111ms Script
application/javascript 35.182.67.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sickkidslottery.ca/wp-includes/js/wp-emoji-release.min.js?ver=5.3

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.182.67.179 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-182-67-179.ca-central-1.compute.amazonaws.com

Software

nginx/1.14.0 /

Resource Hash

1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 16:00:32 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Sun, 16 Feb 2020 21:44:55 GMT
server: nginx/1.14.0
etag: W/"5e49b7d7-362a"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5158
date: Tue, 18 Feb 2020 14:34:34 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17168
expires: Tue, 18 Feb 2020 16:34:34 GMT

GET
H2 200 hotjar-1570142.js Show response
static.hotjar.com/c/ 4 KB
2 KB 110ms
110ms Script
application/javascript 147.75.84.39
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1570142.js?sv=6

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.84.39 Parsippany, United States, ASN54825 (PACKET, US),

Reverse DNS

Software

Resource Hash

4e2293467d8fe409f93be59058b821f4c4bfc047c96a45b7b1c3af8d1269b86e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 16:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 0
status: 200
access-control-max-age: 600
section-io-cache: Miss
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/aa0b4dbbabd1d94ff42a0ebd3a767e9b
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.090
accept-ranges: bytes
section-io-id: 7d1fd9c0f49458a70cf3f74de580e3fe
section-origin-responded: true

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 373 KB
58 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d8fa6f5773f9e5e191c8494ba3a040044776d05530e7134686f1ea9335dde92f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 16:00:32 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 59450
x-xss-protection: 0
last-modified: Tue, 18 Feb 2020 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 18 Feb 2020 16:00:32 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame DA60 0
0 61ms
60ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fsickkidslottery&width=63&layout=button&action=like&size=large&show_faces=false&share=false&height=65&appId=594039681119388

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fsickkidslottery&width=63&layout=button&action=like&size=large&show_faces=false&share=false&height=65&appId=594039681119388
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://sickkidslottery.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://sickkidslottery.ca/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
vary: Accept-Encoding
x-content-type-options: nosniff
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/;
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: 8YOmVWfhdIo13o6KY3nkhShH94BrqLJkjp4E+gz0M1RpCVP8JWmUnqZPX2US3z3GHefTMBdqLpTifvAw0VLCYg==
date: Tue, 18 Feb 2020 16:00:32 GMT Tue, 18 Feb 2020 16:00:32 GMT
alt-svc: h3-24=":443"; ma=3600

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cfcf01fbe2dd759fcac2cda335bc022fe616353fc2b3a1c6aab3d103910538de

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700
Origin: https://sickkidslottery.ca
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 10:26:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:06 GMT
server: sffe
age: 2266470
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13612
x-xss-protection: 0
expires: Fri, 22 Jan 2021 10:26:02 GMT

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.8.2/webfonts/ 73 KB
73 KB 27ms
27ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.2/webfonts/fa-brands-400.woff2
Requested by: Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 57c96fd4294617fb0bf3842d1f77ec2365ff0d0d00b6817508b6192df0e8c169

Request headers

Referer: https://use.fontawesome.com/releases/v5.8.2/css/all.css
Origin: https://sickkidslottery.ca
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Feb 2020 16:00:32 GMT
last-modified: Tue, 07 May 2019 16:50:49 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "9f4ce3dc689981a1b87faab0f5484f9e"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
status: 200
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 74656

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700
Origin: https://sickkidslottery.ca
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 10:08:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:48 GMT
server: sffe
age: 2267531
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13708
x-xss-protection: 0
expires: Fri, 22 Jan 2021 10:08:21 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WdhyyTh89ZNpQ.woff2
fonts.gstatic.com/s/montserrat/v14/ 11 KB
12 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WdhyyTh89ZNpQ.woff2

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5eb48c413427765058e001d0c562f2cf4d9341a663e155db8b63e864e9372997

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700
Origin: https://sickkidslottery.ca
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 21:29:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:43 GMT
server: sffe
age: 1535449
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11712
x-xss-protection: 0
expires: Sat, 30 Jan 2021 21:29:43 GMT

GET
H2 200 l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/ 33 KB
33 KB 74ms
30ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/xnn6ikc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 259ca84f380e0a4a327867ce595dbb02ea8f3fe8ae0e96f902e0051fc44c194c

Request headers

Referer: https://sickkidslottery.ca/
Origin: https://sickkidslottery.ca
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Feb 2020 16:00:32 GMT
server: nginx
access-control-allow-origin: *
etag: "a0f35f91fdc2ca0a90c8288c08c20681c1aecfcf"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 33656

GET
H2 200 l
use.typekit.net/af/86b539/00000000000000003b9b093a/27/ 34 KB
35 KB 94ms
51ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/86b539/00000000000000003b9b093a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/xnn6ikc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9191236609651784e259092183314fe28193d10e100e8a736cab8b84fbda8665

Request headers

Referer: https://sickkidslottery.ca/
Origin: https://sickkidslottery.ca
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Feb 2020 16:00:32 GMT
server: nginx
access-control-allow-origin: *
etag: "7419d3e31dff61919238b7104d975fb9f66eb724"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 35128

GET
H2 200 l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ 32 KB
32 KB 110ms
67ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/xnn6ikc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9

Request headers

Referer: https://sickkidslottery.ca/
Origin: https://sickkidslottery.ca
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Feb 2020 16:00:32 GMT
server: nginx
access-control-allow-origin: *
etag: "852dacc5cd2685c187708b882b28635465e17bd0"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 32688

GET
H2 200 l
use.typekit.net/af/6aec08/00000000000000003b9b0935/27/ 34 KB
34 KB 103ms
61ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6aec08/00000000000000003b9b0935/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/xnn6ikc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9911551bfac483efeaad5d4f502eaf6796e61f1776eaeac37e937104e47ec84f

Request headers

Referer: https://sickkidslottery.ca/
Origin: https://sickkidslottery.ca
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Feb 2020 16:00:32 GMT
server: nginx
access-control-allow-origin: *
etag: "98ea2e3888e90196090ca6bc7ddc5345e1871a7a"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 34376

GET
H2 410 6832.js
script.crazyegg.com/pages/scripts/0022/ 0
0 11ms
11ms Script
application/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0022/6832.js?439456
Requested by: Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 16:00:32 GMT
cf-cache-status: HIT
last-modified: Mon, 17 Feb 2020 21:15:00 GMT
server: cloudflare
age: 67532
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 410
cache-control: max-age=86400
cf-ray: 567136ec6f580ebb-FRA
content-length: 0

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1268094104&utmhn=sickkidslottery.ca&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=S...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-38634201-2&cid=1604849680.1582041633&jid=1438348448&_v=5.7.2&z=1268094104
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38634201-2&cid=1604849680.1582041633&jid=1438348448&_v=5.7.2&z=1268094104
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38634201-2&cid=1604849680.1582041633&jid=1438348448&_v=5.7.2&z=1268094104&slf_rd=1&random=3007484779

42 B
109 B

17ms
16ms

Image
image/gif

2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38634201-2&cid=1604849680.1582041633&jid=1438348448&_v=5.7.2&z=1268094104&slf_rd=1&random=3007484779

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Feb 2020 16:00:32 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Feb 2020 16:00:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38634201-2&cid=1604849680.1582041633&jid=1438348448&_v=5.7.2&z=1268094104&slf_rd=1&random=3007484779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK skl_logo_vip.png
s3-ca-central-1.amazonaws.com/skl-media/19/ 18 KB
18 KB 485ms
127ms Image
image/png 52.95.145.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ca-central-1.amazonaws.com/skl-media/19/skl_logo_vip.png
Requested by: Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.145.84 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 69e2b02738f0eb869d79d462ef6a78011a96475183fd560a00f24b11ac20e2f9

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 18 Feb 2020 16:00:34 GMT
Last-Modified: Sat, 11 May 2019 15:17:24 GMT
Server: AmazonS3
x-amz-request-id: C30D27A4514DC077
ETag: "2c02379f4d55e596c153c6d839e7cb68"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 17939
x-amz-id-2: 66535e0gLlpieI+SDp6IOcMjbuX7zM/5InttqEK/nQljJPGd5bB3GQ2h/g1KQAqqYulME39QyW4=

GET
H/1.1 200
OK skl_header_1in2.png
s3-ca-central-1.amazonaws.com/skl-media/19/ 86 KB
86 KB 700ms
118ms Image
image/png 52.95.145.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ca-central-1.amazonaws.com/skl-media/19/skl_header_1in2.png
Requested by: Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.145.84 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 41f2b9887955a0d5d4c18272d9b4f9b733dd5910cb5cbf998b2f9b90871cb8dc

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 18 Feb 2020 16:00:34 GMT
Last-Modified: Sat, 11 May 2019 19:03:04 GMT
Server: AmazonS3
x-amz-request-id: D0A56F52DB8F11E1
ETag: "594c73a0c771584aff399ef9a2f27cc0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 88168
x-amz-id-2: DEUcM+ehUA1jA6OUT4jEaaL1Q3evJk6R9VddHqoP2jkPDuWs0IkwVK+QdOgE1kS77/CAg25jfWw=

GET
H/1.1 200
OK hero_eliza.jpg
s3-ca-central-1.amazonaws.com/skl-media/19-2/ 116 KB
116 KB 927ms
117ms Image
image/jpeg 52.95.145.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ca-central-1.amazonaws.com/skl-media/19-2/hero_eliza.jpg
Requested by: Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.145.84 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8558c2dd51aee3660f875d4a183fd1670118370b8f6a2fd48d0ebec783262f16

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 18 Feb 2020 16:00:34 GMT
Last-Modified: Thu, 21 Nov 2019 02:27:06 GMT
Server: AmazonS3
x-amz-request-id: 77F9259A5C8E33D5
ETag: "2fc2b02ae53a1d3799fa0944387bd7c3"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 118468
x-amz-id-2: KZdpsEYMFTsvBi/9i0ApwDpuZqg343/yZUW3kLsiKOqgLEVCmal12O/u5Uga6a6Tcn5EvGNs6TE=

GET
H/1.1 200
OK home_1000000_1140p.jpg
s3-ca-central-1.amazonaws.com/skl-media/19-2/ 1 MB
1 MB 1141ms
116ms Image
image/jpeg 52.95.145.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ca-central-1.amazonaws.com/skl-media/19-2/home_1000000_1140p.jpg
Requested by: Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.145.84 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 69da38bee70c5477fae020bfd3cd770a622182d0206ea38cc54057b98fbdf2b0

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 18 Feb 2020 16:00:34 GMT
Last-Modified: Sat, 16 Nov 2019 18:58:10 GMT
Server: AmazonS3
x-amz-request-id: 2AA2BF0542DC33C5
ETag: "1d86f9f392190ee03e6cf6f100fa49bb"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 1055935
x-amz-id-2: 1uOReSiF8BDaPm0a3urQLd+eVRkmfBZBMv8aKuaAs66PKRwg12Jt1ACIEmcTbLRTHGXQdVS1fzw=

GET
H/1.1 200
OK 5050_MAIN_1140p_900.jpg
s3-ca-central-1.amazonaws.com/skl-media/19-2/ 575 KB
575 KB 1457ms
116ms Image
image/jpeg 52.95.145.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ca-central-1.amazonaws.com/skl-media/19-2/5050_MAIN_1140p_900.jpg
Requested by: Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.145.84 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2e466a678be2f1c341ae97c5538dcd92d2d93499c203257d8c6408b61fa08309

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 18 Feb 2020 16:00:35 GMT
Last-Modified: Fri, 14 Feb 2020 19:06:07 GMT
Server: AmazonS3
x-amz-request-id: 47AB8999C6E89B38
ETag: "e8f178489ae7d03f51b152278062facc"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 588552
x-amz-id-2: zn+DZPPrfoyPunZT0TZ/Vtsl/BcaAHuxw3NjkS1wOmTY+1FuNq3PHgWE6ypn7TdKeRK9GgPeJBY=

GET
H/1.1 200
OK calendar_main_1140p.jpg
s3-ca-central-1.amazonaws.com/skl-media/19-2/ 994 KB
994 KB 1505ms
124ms Image
image/jpeg 52.95.145.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ca-central-1.amazonaws.com/skl-media/19-2/calendar_main_1140p.jpg
Requested by: Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.145.84 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 54c83eb771b231259656c8bbc60ddcfd208ac678d84f004707a75b780fb7199a

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 18 Feb 2020 16:00:35 GMT
Last-Modified: Sat, 16 Nov 2019 18:27:11 GMT
Server: AmazonS3
x-amz-request-id: 589D87E60E41D0AB
ETag: "9a193fc057b11c8c348c1b29127f51a2"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 1017530
x-amz-id-2: GICEjgxtv+o2U/VAaE5r/9rxthuT0U9nOP5nbUsWeQB+YU4DPL+7MV5aos0n4imtYIBrbDvUxXE=

GET
H/1.1 200
OK home_video_rep_tile_family.jpg
s3-ca-central-1.amazonaws.com/skl-media/19-2/ 762 KB
763 KB 1001ms
117ms Image
image/jpeg 52.95.145.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ca-central-1.amazonaws.com/skl-media/19-2/home_video_rep_tile_family.jpg
Requested by: Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.145.84 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d348dce29d01b3425e46b2a92f42a13189cb9c4cf4a7b94eb9726cb8fd564026

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 18 Feb 2020 16:00:35 GMT
Last-Modified: Thu, 21 Nov 2019 18:17:02 GMT
Server: AmazonS3
x-amz-request-id: 97944D756F24BABC
ETag: "70251ee00431b361680cad55d81ce2cf"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 780569
x-amz-id-2: ktubrm+cDd1kz34/Z7g+jN72RinSIB0Ps9rvGGNZ50gz0XsCZ9tvkWcwR0zsh3+d22ufbBNjLJ0=

GET
H/1.1 200
OK home_causestats_570.jpg
s3-ca-central-1.amazonaws.com/skl-media/19-2/ 530 KB
530 KB 901ms
117ms Image
image/jpeg 52.95.145.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ca-central-1.amazonaws.com/skl-media/19-2/home_causestats_570.jpg
Requested by: Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.145.84 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.ca-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 34da87e86be5ff63a31b82df9b9a06fbcf5bdf700ac0fbde03181de794f004ea

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 18 Feb 2020 16:00:35 GMT
Last-Modified: Sat, 16 Nov 2019 18:27:16 GMT
Server: AmazonS3
x-amz-request-id: CFDE14F2D7AABC43
ETag: "a7dbe36fc3a49f33d8d2f3ff28571fc9"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 542562
x-amz-id-2: UEjvRq+cs4VN5qNe3obk2Jn32RTbVts6mdMwXtGZhwFGSha9SO3jKz2k5UjREWO5hKVSip9Domo=

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 32ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 89b531e78902333807b825faf77cd11cc927fe364ea2ba9307f65365f7e811f7

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 16:00:32 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 21:01:31 GMT
x-msedge-ref: Ref A: 0329771158864FDAB354ABF99C800669 Ref B: FRAEDGE1114 Ref C: 2020-02-18T16:00:32Z
access-control-allow-origin: *
etag: "8087c39c79d8d51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7295

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 20ms
20ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 16:00:32 GMT
content-encoding: gzip
age: 28010
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-hhn4058-HHN
last-modified: Tue, 23 Jan 2018 20:09:00 GMT
x-timer: S1582041633.774423,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5220
date: Tue, 18 Feb 2020 14:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Tue, 18 Feb 2020 16:33:32 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: uPjW9xuhCICaT1u9777VRf6mkKMG4HPTU2nm5ZG7QivJdII+N5VEccNtQyo+UwH0oglIuHiDxZmUxo8G8Q7svA==
x-fb-trip-id: 1850256238
date: Tue, 18 Feb 2020 16:00:32 GMT, Tue, 18 Feb 2020 16:00:32 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-880455918

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4bab788d344c558d493a9fa9f6671a71e74eaf73ff2ce05a01d19223544614f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 16:00:32 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28494
x-xss-protection: 0
last-modified: Tue, 18 Feb 2020 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 18 Feb 2020 16:00:32 GMT

GET
H2 200 /
insight.adsrvr.org/track/conv/ 70 B
260 B 361ms
36ms Image
image/gif 46.51.196.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=tkox4xf&ct=0:h5zomvk&fmt=3
Requested by: Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.196.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-51-196-250.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
pragma: no-cache
date: Tue, 18 Feb 2020 16:00:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
content-type: image/gif

GET
H2 200 modules.596dab810ace883b4ea8.js Show response
script.hotjar.com/ 401 KB
70 KB 19ms
19ms Script
application/javascript 147.75.100.245
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.596dab810ace883b4ea8.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1570142.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.100.245 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress15
Software: /
Resource Hash: ae78faf57ed6ec829302f07f0d08dc098753be9301aadd1abf3223004e29a9d1

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 16:00:32 GMT
content-encoding: br
content-type: application/javascript
age: 100831
status: 200
section-io-cache: Hit
content-length: 71359
last-modified: Mon, 17 Feb 2020 11:56:54 GMT
etag: "c47baa1d075e1a122279fdf4b866c845"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.027
accept-ranges: bytes
section-io-id: cb564bf7a4e5f22760723e18cb4538cf
section-origin-responded: true

GET
H2 200 collect
www.google-analytics.com/ 35 B
108 B 6ms
5ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1383160066&t=pageview&_s=1&dl=https%3A%2F%2Fsickkidslottery.ca%2F&ul=en-us&de=UTF-8&dt=SickKids%20Lottery%20Home&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_utma=125677448.1604849680.1582041633.1582041633.1582041633.1&_utmz=125677448.1582041633.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1582041632807&_u=YSBCgEAB~&jid=1534176278&gjid=1298161955&cid=1604849680.1582041633&tid=UA-66351416-1&_gid=193959019.1582041633&gtm=2wg250NJ4P25&z=630657456

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 20:27:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1193595
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-66351416-1&cid=1604849680.1582041633&jid=1534176278&gjid=1298161955&_gid=193959019.1582041633&_u=YSBCgEAB~&z=379088129
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-66351416-1&cid=1604849680.1582041633&jid=1534176278&_v=j81&z=379088129
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-66351416-1&cid=1604849680.1582041633&jid=1534176278&_v=j81&z=379088129&slf_rd=1&random=3466598652

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-66351416-1&cid=1604849680.1582041633&jid=1534176278&_v=j81&z=379088129&slf_rd=1&random=3466598652

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Feb 2020 16:00:32 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Feb 2020 16:00:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-66351416-1&cid=1604849680.1582041633&jid=1534176278&_v=j81&z=379088129&slf_rd=1&random=3466598652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 250085185187976 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 77ms
77ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/250085185187976?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90e738f78c044882cdada0f6f22e33b4e9e7502bf5a01044b9bcd0a5f1b81867

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: O01GbL7QP94EHOShI59l46d8XLjrhNoooZfP1elJw6IQZSVcGquIbB74XxShnsWpv7w8IsJwnZswwFesZB2gEg==
x-fb-trip-id: 1850256238
date: Tue, 18 Feb 2020 16:00:32 GMT, Tue, 18 Feb 2020 16:00:32 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
171 B 132ms
131ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxw6l&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 18 Feb 2020 16:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 0
x-response-time: 110
pragma: no-cache
last-modified: Tue, 18 Feb 2020 16:00:32 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: c28c9d5bcdd173bda52920fac2066baf
x-transaction: 00fd4d3e004588d4
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK p.gif
p.typekit.net/ 35 B
367 B 6ms
6ms Image
image/gif 2a02:26f0:64:4bb::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=xnn6ikc&ht=tk&h=sickkidslottery.ca&f=139.140.175.176&a=2043803&js=1.19.2&app=typekit&e=js&_=1582041632830
Requested by: Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64:4bb::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 18 Feb 2020 16:00:32 GMT
Last-Modified: Mon, 04 Feb 2019 21:29:14 GMT
Server: nginx
ETag: "5c58aeaa-23"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35
Expires: Tue, 17 Sep 2019 11:40:18 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 5B4C 0
0 19ms
19ms Document
text/html 147.75.102.239
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1570142.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.239 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress2
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://sickkidslottery.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://sickkidslottery.ca/

Response headers

status: 200
date: Tue, 18 Feb 2020 16:00:32 GMT
content-type: text/html
content-length: 851
last-modified: Wed, 29 Jan 2020 12:33:12 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.025
section-origin-responded: true
age: 1740254
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 7c047c95e03eb307b96d21e984a8f674

GET
H2 204 0
bat.bing.com/action/ 0
93 B 29ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5435606&Ver=2&mid=8ef47f36-703e-25a8-823b-24f91377eda0&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=SickKids%20Lottery%20Home&p=https%3A%2F%2Fsickkidslottery.ca%2F&r=&lt=2193&evt=pageLoad&msclkid=N&rn=278271
Requested by: Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
pragma: no-cache
date: Tue, 18 Feb 2020 16:00:32 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: CF31DB9899B74D5DBC0BB6C267A4397A Ref B: FRAEDGE1114 Ref C: 2020-02-18T16:00:32Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 32ms
32ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-880455918

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

ec7024e764e94caa58c7a18f4624dc84c9ee15537ff5418fd44e2f037f8abc30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 16:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9931
x-xss-protection: 0
server: cafe
etag: 8273558640064030436
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Feb 2020 16:00:32 GMT

GET
H2 200 1728472720702530 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 11ms
10ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1728472720702530?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

db4d64c9a89cf4b87016794f3681ec9a13d11254b8442e1e9b45757583af2404

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 114963
x-xss-protection: 0
pragma: public
x-fb-debug: Z+CK05Oh1Q55YzG1ubturnddyJgxPAs/IB5t/rplsqarfYUj9vd81M5qHuF1xs3dm7u8EQ5+NW2OmwWASekyig==
x-fb-trip-id: 1850256238
date: Tue, 18 Feb 2020 16:00:32 GMT, Tue, 18 Feb 2020 16:00:32 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
233 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=250085185187976&ev=PageView&dl=https%3A%2F%2Fsickkidslottery.ca%2F&rl=&if=false&ts=1582041632931&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1582041632930.2133554735&it=1582041632826&coo=false&rqm=GET

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 18 Feb 2020 16:00:32 GMT, Tue, 18 Feb 2020 16:00:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Tue, 18 Feb 2020 16:00:32 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/880455918/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/880455918/?random=1582041632945&cv=9&fst=1582041632945&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa250&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsickkidslottery.ca%2F&tiba=SickKids%20Lottery%20Home&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61f369d2c31bf8330fa70fc5da62a265f2961cfa256d0c04bb830ceec33c9664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Tue, 18 Feb 2020 16:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1021
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2221960961415648 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 68ms
66ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2221960961415648?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9fc6931fa5e1086cf60236cb829c3499ed776361d254cced4a09b8e7e18c565f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: eoil0BTRTWWNepA7J3bDXKuNtDX/fjG1rJLnYdFiAwAtig9kgLXDEmXzBitJIOu1Bss7KPsO7jC1rHBVj2Pzxw==
x-fb-trip-id: 1850256238
date: Tue, 18 Feb 2020 16:00:33 GMT, Tue, 18 Feb 2020 16:00:33 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
111 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1728472720702530&ev=PageView&dl=https%3A%2F%2Fsickkidslottery.ca%2F&rl=&if=false&ts=1582041632963&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1582041632930.2133554735&it=1582041632826&coo=false&rqm=GET

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 18 Feb 2020 16:00:32 GMT, Tue, 18 Feb 2020 16:00:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Tue, 18 Feb 2020 16:00:32 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/880455918/ 42 B
110 B 23ms
23ms Image
image/gif 2001:4860:4802:32::75
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/880455918/?random=1582041632945&cv=9&fst=1582041600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa250&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsickkidslottery.ca%2F&tiba=SickKids%20Lottery%20Home&async=1&fmt=3&is_vtc=1&random=1148168336&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::75 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 18 Feb 2020 16:00:32 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/880455918/ 42 B
110 B 20ms
19ms Image
image/gif 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/880455918/?random=1582041632945&cv=9&fst=1582041600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa250&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsickkidslottery.ca%2F&tiba=SickKids%20Lottery%20Home&async=1&fmt=3&is_vtc=1&random=1148168336&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 18 Feb 2020 16:00:32 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
157 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2221960961415648&ev=PageView&dl=https%3A%2F%2Fsickkidslottery.ca%2F&rl=&if=false&ts=1582041633051&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1582041632930.2133554735&it=1582041632826&coo=false&rqm=GET

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 18 Feb 2020 16:00:33 GMT, Tue, 18 Feb 2020 16:00:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Tue, 18 Feb 2020 16:00:33 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
111 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=250085185187976&ev=Microdata&dl=https%3A%2F%2Fsickkidslottery.ca%2F&rl=&if=false&ts=1582041633433&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22SickKids%20Lottery%20Home%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fsickkidslottery.ca%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22SickKids%20Lottery%20%22%2C%22og%3Adescription%22%3A%22Order%20SickKids%20Lottery%20tickets%20to%20support%20kids%20like%20Eliza.%20It%27s%20your%20chance%20to%20win%20%241M!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fskl-media.s3.amazonaws.com%2F19-2%2Fsickkids_lottery_eliza_02.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1582041632930.2133554735&it=1582041632826&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 18 Feb 2020 16:00:33 GMT, Tue, 18 Feb 2020 16:00:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Tue, 18 Feb 2020 16:00:33 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
111 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1728472720702530&ev=Microdata&dl=https%3A%2F%2Fsickkidslottery.ca%2F&rl=&if=false&ts=1582041633464&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22SickKids%20Lottery%20Home%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fsickkidslottery.ca%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22SickKids%20Lottery%20%22%2C%22og%3Adescription%22%3A%22Order%20SickKids%20Lottery%20tickets%20to%20support%20kids%20like%20Eliza.%20It%27s%20your%20chance%20to%20win%20%241M!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fskl-media.s3.amazonaws.com%2F19-2%2Fsickkids_lottery_eliza_02.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1582041632930.2133554735&it=1582041632826&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 18 Feb 2020 16:00:33 GMT, Tue, 18 Feb 2020 16:00:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Tue, 18 Feb 2020 16:00:33 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
111 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2221960961415648&ev=Microdata&dl=https%3A%2F%2Fsickkidslottery.ca%2F&rl=&if=false&ts=1582041633552&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22SickKids%20Lottery%20Home%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fsickkidslottery.ca%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22SickKids%20Lottery%20%22%2C%22og%3Adescription%22%3A%22Order%20SickKids%20Lottery%20tickets%20to%20support%20kids%20like%20Eliza.%20It%27s%20your%20chance%20to%20win%20%241M!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fskl-media.s3.amazonaws.com%2F19-2%2Fsickkids_lottery_eliza_02.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1582041632930.2133554735&it=1582041632826&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: sickkidslottery.ca
URL: https://sickkidslottery.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 18 Feb 2020 16:00:33 GMT, Tue, 18 Feb 2020 16:00:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Tue, 18 Feb 2020 16:00:33 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
283 B 139ms
135ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxw6l&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fsickkidslottery.ca%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sickkidslottery.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 16:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 114
pragma: no-cache
last-modified: Tue, 18 Feb 2020 16:00:34 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 52bfdfa1b41a92be6f7d3371578f9466
x-transaction: 003223cb000a1a72
expires: Tue, 31 Mar 1981 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://sickkidslottery.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
bat.bing.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insight.adsrvr.org
p.typekit.net
s3-ca-central-1.amazonaws.com
script.crazyegg.com
script.hotjar.com
sickkidslottery.ca
skl-media.s3.amazonaws.com
ssl.google-analytics.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
use.fontawesome.com
use.typekit.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.244.42.131
104.244.42.69
147.75.100.245
147.75.102.239
147.75.84.39
151.101.112.157
172.217.18.2
2001:4860:4802:32::75
23.111.9.35
2606:4700::6813:9308
2620:1ec:c11::200
2a00:1450:4001:80b::200e
2a00:1450:4001:817::2008
2a00:1450:4001:819::2003
2a00:1450:4001:81b::2002
2a00:1450:4001:81b::2008
2a00:1450:4001:81e::200a
2a00:1450:4001:820::2003
2a00:1450:400c:c00::9d
2a02:26f0:64:4bb::19fd
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.182.67.179
46.51.196.250
52.95.145.84
52.95.147.33
95.100.67.47
00838395cd8b377d7164786319e394a09e9002e048ecb8651c1d7ba94b2d65a0
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
0668bc4d07ba50856d7a517a9fa476ab97f792057b388e2f58c9563bb5e38f64
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c
259ca84f380e0a4a327867ce595dbb02ea8f3fe8ae0e96f902e0051fc44c194c
2ca5463e7d264f8134b9a53498a2ba27bc51a620aff1922be0864084bb741ccc
2e466a678be2f1c341ae97c5538dcd92d2d93499c203257d8c6408b61fa08309
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
34da87e86be5ff63a31b82df9b9a06fbcf5bdf700ac0fbde03181de794f004ea
41f2b9887955a0d5d4c18272d9b4f9b733dd5910cb5cbf998b2f9b90871cb8dc
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4bab788d344c558d493a9fa9f6671a71e74eaf73ff2ce05a01d19223544614f2
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
4e2293467d8fe409f93be59058b821f4c4bfc047c96a45b7b1c3af8d1269b86e
54c83eb771b231259656c8bbc60ddcfd208ac678d84f004707a75b780fb7199a
57c96fd4294617fb0bf3842d1f77ec2365ff0d0d00b6817508b6192df0e8c169
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5eb48c413427765058e001d0c562f2cf4d9341a663e155db8b63e864e9372997
61f369d2c31bf8330fa70fc5da62a265f2961cfa256d0c04bb830ceec33c9664
69da38bee70c5477fae020bfd3cd770a622182d0206ea38cc54057b98fbdf2b0
69e2b02738f0eb869d79d462ef6a78011a96475183fd560a00f24b11ac20e2f9
73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8558c2dd51aee3660f875d4a183fd1670118370b8f6a2fd48d0ebec783262f16
87d901eb13df0f5f129d8ef8ddc133c6b8d16145a34ccd908ee766cad16c3d4c
89b531e78902333807b825faf77cd11cc927fe364ea2ba9307f65365f7e811f7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90e738f78c044882cdada0f6f22e33b4e9e7502bf5a01044b9bcd0a5f1b81867
9191236609651784e259092183314fe28193d10e100e8a736cab8b84fbda8665
973494a60f2bb02a940398fc5d4208f3832322f3550611b32cbbb3f9a303b6d9
9911551bfac483efeaad5d4f502eaf6796e61f1776eaeac37e937104e47ec84f
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9fc6931fa5e1086cf60236cb829c3499ed776361d254cced4a09b8e7e18c565f
a3bdd93912d72c41506b0f6d266a5e66c7cd8959680dea0e6516757637559c24
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae78faf57ed6ec829302f07f0d08dc098753be9301aadd1abf3223004e29a9d1
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
cb164053905c239a5ce3ed64be6ad236fc8162b018d086dcb394265a2b19e04f
ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9
cfcf01fbe2dd759fcac2cda335bc022fe616353fc2b3a1c6aab3d103910538de
d348dce29d01b3425e46b2a92f42a13189cb9c4cf4a7b94eb9726cb8fd564026
d57d9870855ff948571078cb4b3ad57c3b9eab02c928586f69715f85fe0a889e
d8fa6f5773f9e5e191c8494ba3a040044776d05530e7134686f1ea9335dde92f
d93e854f26f6c8c4a855ff7ceaebf7c5d28d483d16db587a06577f50eb832e44
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
db4d64c9a89cf4b87016794f3681ec9a13d11254b8442e1e9b45757583af2404
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfe2da91bfd22c00bf44cd598594832f5937b92bd91c53677d16f892f41f474c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4273399cc0bc22e58b35f9f79fdf2705a39ddf4ad918ce852f2624e271d8248
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec7024e764e94caa58c7a18f4624dc84c9ee15537ff5418fd44e2f037f8abc30
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7b2ec41b874e3aee52f8bb0511b74ba9484b7147e777586372b7cd881cd3b26
fac9b80bcb964e36709b935b792b34362199467fa97d112569630cae3ca3136b

sickkidslottery.ca Open in urlscan Pro 35.182.67.179 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

100 %HTTPS

52 %IPv6

21 Domains

27 Subdomains

27 IPs

7 Countries

5167 kBTransfer

7264 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sickkidslottery.ca Open in urlscan Pro
35.182.67.179 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

100 %
HTTPS

52 %
IPv6

21
Domains

27
Subdomains

27
IPs

7
Countries

5167 kB
Transfer

7264 kB
Size

0
Cookies

70 HTTP transactions
2 data transactions