urlscan.io logo urlscan.io
SecurityTrails logo

give.nationwidechildrens.org Open in urlscan Pro
74.123.154.117  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://give.nationwidechildrens.org/site/R?i=GzZWo8MN1byWWb_lHII8OnNHW7VZAYCPgeZZI869Thd5v0P9sAPTBg
Effective URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Submission: On February 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 4 countries across 21 domains to perform 61 HTTP transactions. The main IP is 74.123.154.117, located in United States and belongs to BLACKBAUD-ASN, US. The main domain is give.nationwidechildrens.org.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 6th 2023. Valid for: a year.
This is the only time give.nationwidechildrens.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 74.123.154.117 15148 (BLACKBAUD...)
3 2a00:1450:400... 15169 (GOOGLE)
5 69.24.144.75 19600 (NCH-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 98.98.134.243 21859 (ZEN-ECN)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
1 151.101.64.65 54113 (FASTLY)
5 8 52.213.93.251 16509 (AMAZON-02)
1 104.244.42.195 13414 (TWITTER)
1 3.75.62.37 16509 (AMAZON-02)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 1 142.250.186.34 15169 (GOOGLE)
1 2 185.89.210.46 29990 (ASN-APPNEX)
61 24
12    74.123.154.117 (United States)

ASN15148 (BLACKBAUD-ASN, US)
PTR: cluster3.convio.net
give.nationwidechildrens.org
3    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    69.24.144.75 (Columbus, United States)

ASN19600 (NCH-AS, US)
PTR: www.nationwidechildrens.org
www.nationwidechildrens.org
3    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
5    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel.sitescout.com
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    151.101.64.65 (United States)

ASN54113 (FASTLY, US)
tag.marinsm.com
8    52.213.93.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-93-251.eu-west-1.compute.amazonaws.com
pixel-geo.prfct.co
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
2    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
Apex Domain
Subdomains		 Transfer
17 nationwidechildrens.org
give.nationwidechildrens.org
www.nationwidechildrens.org — Cisco Umbrella Rank: 175770
629 KB
8 prfct.co
pixel-geo.prfct.co — Cisco Umbrella Rank: 19611
3 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
6 KB
5 gstatic.com
fonts.gstatic.com
81 KB
5 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 570
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2029
39 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 6518
778 B
4 google.com
www.google.com — Cisco Umbrella Rank: 2
865 B
4 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 369
fonts.googleapis.com — Cisco Umbrella Rank: 28
129 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 376
14 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
254 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 490
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
73 KB
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 524
264 B
1 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
125 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 789
395 B
1 marinsm.com
tag.marinsm.com — Cisco Umbrella Rank: 48826
5 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3086
267 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
2 KB
0 rubiconproject.com Failed
pixel.rubiconproject.com Failed
0 nch.bz Failed
nch.bz Failed
61 21
Domain Requested by
12 give.nationwidechildrens.org 1 redirects give.nationwidechildrens.org
8 pixel-geo.prfct.co 5 redirects give.nationwidechildrens.org
5 fonts.gstatic.com fonts.googleapis.com
5 www.nationwidechildrens.org give.nationwidechildrens.org
www.nationwidechildrens.org
4 www.google.de give.nationwidechildrens.org
4 www.google.com 1 redirects give.nationwidechildrens.org
3 bat.bing.com www.googletagmanager.com
bat.bing.com
give.nationwidechildrens.org
3 googleads.g.doubleclick.net www.googletagmanager.com
3 ajax.googleapis.com give.nationwidechildrens.org
3 www.googletagmanager.com give.nationwidechildrens.org
www.google-analytics.com
2 secure.adnxs.com 1 redirects give.nationwidechildrens.org
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 ssl.google-analytics.com 1 redirects give.nationwidechildrens.org
2 connect.facebook.net give.nationwidechildrens.org
connect.facebook.net
1 cm.g.doubleclick.net 1 redirects
1 us-u.openx.net give.nationwidechildrens.org
1 ups.analytics.yahoo.com give.nationwidechildrens.org
1 analytics.twitter.com give.nationwidechildrens.org
1 tag.marinsm.com give.nationwidechildrens.org
1 region1.google-analytics.com www.googletagmanager.com
1 www.facebook.com give.nationwidechildrens.org
1 pixel.sitescout.com give.nationwidechildrens.org
1 stats.g.doubleclick.net 1 redirects
1 fonts.googleapis.com www.nationwidechildrens.org
1 cdnjs.cloudflare.com give.nationwidechildrens.org
0 pixel.rubiconproject.com Failed give.nationwidechildrens.org
0 nch.bz Failed give.nationwidechildrens.org
61 27
Subject Issuer Validity Valid
give.nationwidechildrens.org
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-06 -
2024-06-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
www.nationwidechildrens.org
Entrust Certification Authority - L1K		 2023-05-13 -
2024-06-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-10 -
2024-02-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-01-21 -
2024-06-27		 5 months crt.sh
*.sitescout.com
GeoTrust TLS RSA CA G1		 2024-01-15 -
2025-02-01		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
www.google.de
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
tag.marinsm.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-07-01 -
2024-08-01		 a year crt.sh
*.prfct.co
GlobalSign RSA OV SSL CA 2018		 2023-10-31 -
2024-12-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Frame ID: 6CBEF1498EC39A3CCD252E34C72318B4
Requests: 61 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nationwide Children's Hospital:: Butterfly Guild of Nationwide Children's Hospital hosts Beauty and the Beast - Giving :: Nationwide Children's Hospital

Page URL History Show full URLs

  1. https://give.nationwidechildrens.org/site/R?i=GzZWo8MN1byWWb_lHII8OnNHW7VZAYCPgeZZI869Thd5v0P9sAPTBg HTTP 302
    https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js/convio/modules\.js
Overall confidence: 100%
Detected patterns
  • <(?:iframe|img)[^>]+adnxs\.(?:net|com)
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • (?:/yui/|yui\.yahooapis\.com)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

61
Requests

84 %
HTTPS

60 %
IPv6

21
Domains

27
Subdomains

24
IPs

4
Countries

1232 kB
Transfer

3355 kB
Size

34
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://give.nationwidechildrens.org/site/R?i=GzZWo8MN1byWWb_lHII8OnNHW7VZAYCPgeZZI869Thd5v0P9sAPTBg HTTP 302
    https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=241426526&utmhn=give.nationwidechildrens.org&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Nationwide%20Children%27s%20Hospital%3A%3A%20Butterfly%20Guild%20of%20Nationwide%20Children%27s%20Hospital%20hosts%20Beauty%20and%20the%20Beast%20-%20Giving%20%3A%3A%20Nationwide%20Children%27s%20Hospital&utmhid=1629588778&utmr=-&utmp=%2Fsite%2FSPageNavigator%2FEvent%252520Pages%2FButterflyGuildPlay.html&utmht=1706808734458&utmac=UA-19440175-1&utmcc=__utma%3D1.584863952.1706808734.1706808734.1706808734.1%3B%2B__utmz%3D1.1706808734.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1073925141&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-19440175-1&cid=584863952.1706808734&jid=1073925141&_v=5.7.2&z=241426526 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-19440175-1&cid=584863952.1706808734&jid=1073925141&_v=5.7.2&z=241426526 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-19440175-1&cid=584863952.1706808734&jid=1073925141&_v=5.7.2&z=241426526&slf_rd=1&random=3492929356
Request Chain 51
  • https://pixel-geo.prfct.co/tagjs?a_id=74163&source=js_tag HTTP 302
  • https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=74163&source=js_tag
Request Chain 52
  • https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
  • https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_pnpYfOzD8a3VX7s4f
Request Chain 53
  • https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
  • https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_pnpYfOzD8a3VX7s4f&_origin=1
Request Chain 54
  • https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_pnpYfOzD8a3VX7s4f
Request Chain 55
  • https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_pnpYfOzD8a3VX7s4f
Request Chain 56
  • https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfcG5wWWZPekQ4YTNWWDdzNGY HTTP 302
  • https://pixel-geo.prfct.co/cb?partnerId=goo
Request Chain 58
  • https://secure.adnxs.com/seg?t=2&add=9030655 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D9030655

61 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ButterflyGuildPlay.html
give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/
Redirect Chain
  • https://give.nationwidechildrens.org/site/R?i=GzZWo8MN1byWWb_lHII8OnNHW7VZAYCPgeZZI869Thd5v0P9sAPTBg
  • https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
45 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.117 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
821d90393e13d4cd40a44837d967813a51e6c1803382197bc3aff647050af8a6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com; report-uri https://give.nationwidechildrens.org/site/XFrameViolation
X-Content-Type-Options nosniff
X-Frame-Options allow-from 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store
Connection
Keep-Alive
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com; report-uri https://give.nationwidechildrens.org/site/XFrameViolation
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 01 Feb 2024 17:32:12 GMT
Keep-Alive
timeout=15, max=347
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
allow-from 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com

Redirect headers

Cache-Control
no-store
Connection
Keep-Alive
Content-Length
0
Content-Security-Policy
frame-ancestors 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com; report-uri https://give.nationwidechildrens.org/site/XFrameViolation
Content-Type
text/html
Date
Thu, 01 Feb 2024 17:32:12 GMT
Keep-Alive
timeout=15, max=89
Location
https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Pragma
no-cache
Server
Apache
X-Content-Type-Options
nosniff
X-Frame-Options
allow-from 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com
yui-min.js
give.nationwidechildrens.org/yui3/yui/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://give.nationwidechildrens.org/yui3/yui/yui-min.js
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.117 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
db4bb1e314a04c52d8ad52c3a66ce793a012910e88d90295767ec52d75a4d72f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 17:32:12 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 May 2010 16:44:29 GMT
Server
Apache
ETag
"3baa-487aa3880d540"
ntCoent-Length
15274
Content-Type
application/x-javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=463
Content-Length
6402
modules.js
give.nationwidechildrens.org/js/convio/ 		15 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://give.nationwidechildrens.org/js/convio/modules.js?version=2.9.2
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.117 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
f4b02cd52e21d6760e6ba107a19603c3516bbb1e171e10cdf990d3b160b0305f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 17:32:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Jan 2024 06:29:03 GMT
Server
Apache
ETag
"3d01-60fab2dda2009"
ntCoent-Length
15617
Content-Type
application/x-javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=467
Content-Length
2801
utils.js
give.nationwidechildrens.org/js/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://give.nationwidechildrens.org/js/utils.js
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.117 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
56fb1bf075613aa1e61d6cf81fe7ae08d45fe7a16689d118bfa06e17600ac4cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 17:32:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Nov 2016 06:50:28 GMT
Server
Apache
ETag
"7f46-540ecc9f1180e"
ntCoent-Length
32582
Content-Type
application/x-javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=466
Content-Length
9855
obs_comp_rollup.js
give.nationwidechildrens.org/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://give.nationwidechildrens.org/js/obs_comp_rollup.js
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.117 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
957f312f39ed8ba93485141af5af501f1d2b7b372433d8ac77b0923a5c584204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 17:32:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Feb 2012 18:21:34 GMT
Server
Apache
ETag
"2936-4b863d94fc780"
ntCoent-Length
10550
Content-Type
application/x-javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=294
Content-Length
2548
default.css
give.nationwidechildrens.org/css/themes/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://give.nationwidechildrens.org/css/themes/default.css
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.117 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
135ae3e7f5e9b6c501a48f208ab55f701c066f5543fc4d7d64ef766cc722fae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 17:32:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Jul 2013 19:12:15 GMT
Server
Apache
ETag
"11df-4e246affca1c0"
ntCoent-Length
4575
Content-Type
text/css
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=375
Content-Length
1256
alphacube.css
give.nationwidechildrens.org/css/themes/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://give.nationwidechildrens.org/css/themes/alphacube.css
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.117 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
dddb90184d87f59b1a025fa9b460ef0b25fbaa3ea192a83d31535dbb20ec10ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Cteonnt-Length
2648
Date
Thu, 01 Feb 2024 17:32:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Dec 2009 21:55:41 GMT
Server
Apache
ETag
"a58-479c5ef879140"
Content-Type
text/css
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=405
Content-Length
748
UserGlobalStyle.css
give.nationwidechildrens.org/css/ 		51 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://give.nationwidechildrens.org/css/UserGlobalStyle.css
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.117 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
789ea3db44dd9c89c8283ed3693b61d5ee77486d451704e6aad5a0db0eab590f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 17:32:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Jan 2015 03:11:31 GMT
Server
Apache
ETag
"cb31-50d20e97dbec0"
ntCoent-Length
52017
Content-Type
text/css
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=430
Content-Length
12869
CustomStyle.css
give.nationwidechildrens.org/css/ 		1 KB
875 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://give.nationwidechildrens.org/css/CustomStyle.css
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.117 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
0233a065cf1412b2c99752f6a92c9fd185fd908468e7525a8d79dca5e983efef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Cteonnt-Length
1073
Date
Thu, 01 Feb 2024 17:32:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Jul 2020 14:08:48 GMT
Server
Apache
ETag
"431-5ab0847563d95"
Content-Type
text/css
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=500
Content-Length
536
CustomWysiwygStyle.css
give.nationwidechildrens.org/css/ 		239 B
490 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://give.nationwidechildrens.org/css/CustomWysiwygStyle.css
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.117 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
70c6153c446ec4fd067ed43a8544da1c3b5db57554f864c85d380cca95126730

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 17:32:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Dec 2009 21:55:00 GMT
Server
Apache
ETag
"ef-479c5ed15f500"
ntCoent-Length
239
Content-Type
text/css
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=381
Content-Length
153
js
www.googletagmanager.com/gtag/ 		211 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-747363037
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e6656a4ef2b3f92d3f35a31fdf3e8f378dd2a9035930104d5eec3146f00107d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:32:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76823
x-xss-protection
0
last-modified
Thu, 01 Feb 2024 17:05:32 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 01 Feb 2024 17:32:14 GMT
app.css
www.nationwidechildrens.org/frontend/assets/css/ 		507 KB
84 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nationwidechildrens.org/frontend/assets/css/app.css
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
69.24.144.75 Columbus, United States, ASN19600 (NCH-AS, US),
Reverse DNS
www.nationwidechildrens.org
Software
Microsoft-IIS/10.0 /
Resource Hash
c851b71878d4550e5eb0c37d8fedf5871bd7e83e6608c82c3d16c284e76c787f
Security Headers
Name Value
Content-Security-Policy manifest-src 'self' prodcd1.columbuschildrens.net prodcd1.onoursleeves.org; report-uri https://cahg.nationwidechildrens.org/CAHubGateway/api/Hub/ContentSecurityPolicyReport
Strict-Transport-Security max-age=31536000;
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Cteonnt-Length
519650
Strict-Transport-Security
max-age=31536000;
Content-Security-Policy
manifest-src 'self' prodcd1.columbuschildrens.net prodcd1.onoursleeves.org; report-uri https://cahg.nationwidechildrens.org/CAHubGateway/api/Hub/ContentSecurityPolicyReport
Content-Encoding
gzip
Date
Thu, 01 Feb 2024 17:32:13 GMT
Last-Modified
Mon, 18 Dec 2023 13:21:50 GMT
Server
Microsoft-IIS/10.0
ETag
"0ab8c28b531da1:0"
X-Frame-Options
DENY
Transfer-Encoding
chunked
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
private
Accept-Ranges
bytes
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.0/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.0/jquery.min.js
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e80de36726582824df3f9a7eb6ecdfe9827fc5a7c69f597b1502ebc13950ecd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:43:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157697
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32964
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 21:43:55 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.9.2/ 		232 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.9.2/jquery-ui.min.js
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7846b5904b602bd64bea1eb4557c03b09dabc580b07f18b8d1567d1345f0a040
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 07:00:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
556314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62563
x-xss-protection
0
last-modified
Fri, 27 Jan 2023 21:54:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 07:00:18 GMT
BATB_LOGO_FULL_WHITE_STACK_ALT_NOBG_4C__1_.png
give.nationwidechildrens.org/images/content/pagebuilder/ 		186 KB
186 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://give.nationwidechildrens.org/images/content/pagebuilder/BATB_LOGO_FULL_WHITE_STACK_ALT_NOBG_4C__1_.png
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.117 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
110f88acbdd0454a4a2f8fc161fc1af29ecac8034a44a1ece0447dc455aba3a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 17:32:13 GMT
Last-Modified
Fri, 07 Jul 2023 19:39:14 GMT
Server
Apache
ETag
"2e6d0-5ffeac9b05597"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=184
Content-Length
190160
app.js
www.nationwidechildrens.org/frontend/assets/js/ 		441 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nationwidechildrens.org/frontend/assets/js/app.js
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
69.24.144.75 Columbus, United States, ASN19600 (NCH-AS, US),
Reverse DNS
www.nationwidechildrens.org
Software
Microsoft-IIS/10.0 /
Resource Hash
c6d1fb0e403783017cbbeb90a5928782979ab06ecc25a3a2868f776e7d169466
Security Headers
Name Value
Content-Security-Policy manifest-src 'self' prodcd1.columbuschildrens.net prodcd1.onoursleeves.org; report-uri https://cahg.nationwidechildrens.org/CAHubGateway/api/Hub/ContentSecurityPolicyReport
Strict-Transport-Security max-age=31536000;
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Cteonnt-Length
451155
Strict-Transport-Security
max-age=31536000;
Content-Security-Policy
manifest-src 'self' prodcd1.columbuschildrens.net prodcd1.onoursleeves.org; report-uri https://cahg.nationwidechildrens.org/CAHubGateway/api/Hub/ContentSecurityPolicyReport
Content-Encoding
gzip
Date
Thu, 01 Feb 2024 17:32:13 GMT
Last-Modified
Mon, 18 Dec 2023 13:21:50 GMT
Server
Microsoft-IIS/10.0
ETag
"0ab8c28b531da1:0"
X-Frame-Options
DENY
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
private
Accept-Ranges
bytes
jquery.fitvids.js
cdnjs.cloudflare.com/ajax/libs/fitvids/1.1.0/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fitvids/1.1.0/jquery.fitvids.js
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
437073b2978126abf01db7cd818d833597788d3fff011dbe2092719364b4354d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:32:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5485506
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1004
last-modified
Mon, 04 May 2020 16:10:04 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5c-b5e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IfHwZD0TCVdW5TTmUW%2FICDPqEBZWnWfJKqfR7EbHm7fx8IXqSgMeZlb8eN6ZPUdG%2BilcEOraREuFfyxe4Ice3wf9ISWYaJ1e0cCKsqJiUYwgiIpY6FDI7OiYb2728HRXNQWaOu5Y06d4ez22Uecdm0Oo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84ebeebc49866ae7-FRA
expires
Tue, 21 Jan 2025 17:32:14 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167498
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 19:00:36 GMT
gtm.js
www.googletagmanager.com/ 		286 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5HG9FR4
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4347953fcba55136998800057469f99b2029ca4a07e97c68f99db00fbed975b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:32:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97983
x-xss-protection
0
last-modified
Thu, 01 Feb 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 01 Feb 2024 17:32:14 GMT
css
fonts.googleapis.com/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,500i,700,700i
Requested by
Host: www.nationwidechildrens.org
URL: https://www.nationwidechildrens.org/frontend/assets/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
68c774e01af7abe606003370ddd0924f5a7ce04d8a175a90abcd90867b12934a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 01 Feb 2024 17:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 01 Feb 2024 17:25:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Feb 2024 17:32:14 GMT
fbevents.js
connect.facebook.net/en_US/ 		213 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b0388a2387283b8457b08aadd7fdcca2702ba989863981b18e673a1394e74c4f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 01 Feb 2024 17:32:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57158
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
HO+GwbsESf05TJgAkF3rISZ3uOjICtv07Qxqqm7JIkOubZVDa8W5EbGRoyqYLN66S3/G6QWstUfl9jZg9A+xJQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 01 Feb 2024 15:49:54 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6140
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Thu, 01 Feb 2024 17:49:54 GMT
logo@2x.png
www.nationwidechildrens.org/frontend/assets/img/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nationwidechildrens.org/frontend/assets/img/logo@2x.png
Requested by
Host: www.nationwidechildrens.org
URL: https://www.nationwidechildrens.org/frontend/assets/css/app.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
69.24.144.75 Columbus, United States, ASN19600 (NCH-AS, US),
Reverse DNS
www.nationwidechildrens.org
Software
Microsoft-IIS/10.0 /
Resource Hash
b75a4073a4df0c263d06100fe7b255a50afd30324f383b35bd474ce794401615
Security Headers
Name Value
Content-Security-Policy manifest-src 'self' prodcd1.columbuschildrens.net prodcd1.onoursleeves.org; report-uri https://cahg.nationwidechildrens.org/CAHubGateway/api/Hub/ContentSecurityPolicyReport
Strict-Transport-Security max-age=31536000;
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nationwidechildrens.org/frontend/assets/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000;
Content-Security-Policy
manifest-src 'self' prodcd1.columbuschildrens.net prodcd1.onoursleeves.org; report-uri https://cahg.nationwidechildrens.org/CAHubGateway/api/Hub/ContentSecurityPolicyReport
Date
Thu, 01 Feb 2024 17:32:13 GMT
Last-Modified
Mon, 18 Dec 2023 13:21:50 GMT
Server
Microsoft-IIS/10.0
ETag
"0ab8c28b531da1:0"
X-Frame-Options
DENY
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
Content-Length
70038
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,500i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.nationwidechildrens.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:50:29 GMT
x-content-type-options
nosniff
age
168105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:50:29 GMT
footer-main-top.svg
www.nationwidechildrens.org/frontend/assets/img/ 		274 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nationwidechildrens.org/frontend/assets/img/footer-main-top.svg
Requested by
Host: www.nationwidechildrens.org
URL: https://www.nationwidechildrens.org/frontend/assets/css/app.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
69.24.144.75 Columbus, United States, ASN19600 (NCH-AS, US),
Reverse DNS
www.nationwidechildrens.org
Software
Microsoft-IIS/10.0 /
Resource Hash
72fd58d0e5d4eb4bc90ce27a788d270bc8eabb2e832a1fc939531a31707fccf5
Security Headers
Name Value
Content-Security-Policy manifest-src 'self' prodcd1.columbuschildrens.net prodcd1.onoursleeves.org; report-uri https://cahg.nationwidechildrens.org/CAHubGateway/api/Hub/ContentSecurityPolicyReport
Strict-Transport-Security max-age=31536000;
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nationwidechildrens.org/frontend/assets/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000;
Content-Security-Policy
manifest-src 'self' prodcd1.columbuschildrens.net prodcd1.onoursleeves.org; report-uri https://cahg.nationwidechildrens.org/CAHubGateway/api/Hub/ContentSecurityPolicyReport
Content-Encoding
gzip
Date
Thu, 01 Feb 2024 17:32:13 GMT
Last-Modified
Mon, 18 Dec 2023 13:21:50 GMT
Server
Microsoft-IIS/10.0
ETag
"0ab8c28b531da1:0"
ntCoent-Length
280782
X-Frame-Options
DENY
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
private
Accept-Ranges
bytes
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,500i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.nationwidechildrens.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:51:53 GMT
x-content-type-options
nosniff
age
168021
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:51:53 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,500i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.nationwidechildrens.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 09:10:14 GMT
x-content-type-options
nosniff
age
202920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 09:10:14 GMT
nch.woff
www.nationwidechildrens.org/frontend/assets/fonts/nch/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nationwidechildrens.org/frontend/assets/fonts/nch/nch.woff
Requested by
Host: www.nationwidechildrens.org
URL: https://www.nationwidechildrens.org/frontend/assets/css/app.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
69.24.144.75 Columbus, United States, ASN19600 (NCH-AS, US),
Reverse DNS
www.nationwidechildrens.org
Software
Microsoft-IIS/10.0 /
Resource Hash
04cf068a304e2fe82086452c883645735d309992e899dabb39dbc446de633630
Security Headers
Name Value
Content-Security-Policy manifest-src 'self' prodcd1.columbuschildrens.net prodcd1.onoursleeves.org; report-uri https://cahg.nationwidechildrens.org/CAHubGateway/api/Hub/ContentSecurityPolicyReport
Strict-Transport-Security max-age=31536000;
X-Frame-Options DENY

Request headers

Referer
https://www.nationwidechildrens.org/frontend/assets/css/app.css
Origin
https://give.nationwidechildrens.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000;
Content-Security-Policy
manifest-src 'self' prodcd1.columbuschildrens.net prodcd1.onoursleeves.org; report-uri https://cahg.nationwidechildrens.org/CAHubGateway/api/Hub/ContentSecurityPolicyReport
Date
Thu, 01 Feb 2024 17:32:15 GMT
Last-Modified
Mon, 18 Dec 2023 13:21:50 GMT
Server
Microsoft-IIS/10.0
ETag
"0ab8c28b531da1:0"
X-Frame-Options
DENY
Content-Type
font/x-woff
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
Content-Length
13192
KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,500i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.nationwidechildrens.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 12:50:08 GMT
x-content-type-options
nosniff
age
276126
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17336
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 12:50:08 GMT
KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,500i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.nationwidechildrens.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:52:31 GMT
x-content-type-options
nosniff
age
167983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17032
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:52:31 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/747363037/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/747363037/?random=1706808734424&cv=11&fst=1706808734424&bg=ffffff&guid=ON&async=1&gtm=45be41v0v872568935za200&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.nationwidechildrens.org%2Fsite%2FSPageNavigator%2FEvent%2520Pages%2FButterflyGuildPlay.html&hn=www.googleadservices.com&frm=0&tiba=Nationwide%20Children%27s%20Hospital%3A%3A%20Butterfly%20Guild%20of%20Nationwide%20Children%27s%20Hospital%20hosts%20Beauty%20and%20the%20Beast%20-%20Giving%20%3A%3A%20Nationwide%20Children%27s%20Hospital&npa=0&pscdl=noapi&auid=533375264.1706808734&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-747363037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03669fcb3a0c4266d242c31fc411b3fa98650e216e233b0aa88999e5c992b148
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:32:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1369
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=241426526&utmhn=give.nationwidechildrens.org&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-19440175-1&cid=584863952.1706808734&jid=1073925141&_v=5.7.2&z=241426526
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-19440175-1&cid=584863952.1706808734&jid=1073925141&_v=5.7.2&z=241426526
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-19440175-1&cid=584863952.1706808734&jid=1073925141&_v=5.7.2&z=241426526&slf_rd=1&random=3492929356
42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-19440175-1&cid=584863952.1706808734&jid=1073925141&_v=5.7.2&z=241426526&slf_rd=1&random=3492929356
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
H2
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:32:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:32:14 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-19440175-1&cid=584863952.1706808734&jid=1073925141&_v=5.7.2&z=241426526&slf_rd=1&random=3492929356
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
523442867834509
connect.facebook.net/signals/config/ 		65 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/523442867834509?v=2.9.143&r=stable&domain=give.nationwidechildrens.org&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
965949d6046e63d3bc492dbbb7ee8836ad2a3b05fa441d58143001ecd83a3da7
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 01 Feb 2024 17:32:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14909
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
0isndp4F8RygXZ/f8mHYV4wj8yg/90HhAlVufYQq/eR6xRdr9TrW5bzR8ItoVCGzRHMoIlBvT9uziEND6LdzcQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HG9FR4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 01 Feb 2024 17:30:43 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
91
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 01 Feb 2024 19:30:43 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/747363037/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/747363037/?random=1706808734483&cv=11&fst=1706808734483&bg=ffffff&guid=ON&async=1&gtm=45He41v0v810101835&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.nationwidechildrens.org%2Fsite%2FSPageNavigator%2FEvent%2520Pages%2FButterflyGuildPlay.html&hn=www.googleadservices.com&frm=0&tiba=Nationwide%20Children%27s%20Hospital%3A%3A%20Butterfly%20Guild%20of%20Nationwide%20Children%27s%20Hospital%20hosts%20Beauty%20and%20the%20Beast%20-%20Giving%20%3A%3A%20Nationwide%20Children%27s%20Hospital&npa=0&pscdl=noapi&auid=533375264.1706808734&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HG9FR4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7fab69602437bb53960cd5274ca787e8618eb3dce3f1ad9c2b5620d4967a7b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:32:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1351
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10854258106/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10854258106/?random=1706808734484&cv=11&fst=1706808734484&bg=ffffff&guid=ON&async=1&gtm=45He41v0v810101835&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.nationwidechildrens.org%2Fsite%2FSPageNavigator%2FEvent%2520Pages%2FButterflyGuildPlay.html&hn=www.googleadservices.com&frm=0&tiba=Nationwide%20Children%27s%20Hospital%3A%3A%20Butterfly%20Guild%20of%20Nationwide%20Children%27s%20Hospital%20hosts%20Beauty%20and%20the%20Beast%20-%20Giving%20%3A%3A%20Nationwide%20Children%27s%20Hospital&npa=0&pscdl=noapi&auid=533375264.1706808734&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HG9FR4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c2d6359864eb77f02139b1b9498129ba6d0e9dde159cb0fdad34ac823ba6a5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:32:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1352
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HG9FR4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9dc95a17dc4aa94da335f23eb1de77d051a38b47835aa8a04690fad7ed2278a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 01 Feb 2024 17:32:13 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: ED15DCD5CD414907A84AC69FEE95D39F Ref B: FRA31EDGE0222 Ref C: 2024-02-01T17:32:14Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
58ed64c0fb23fffb
pixel.sitescout.com/up/ 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/up/58ed64c0fb23fffb
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:32:13 GMT
server
AC1.1
content-type
image/gif
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control
max-age=0,no-cache,no-store
content-length
43
expires
Tue, 11 Oct 1977 12:34:56 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=523442867834509&ev=PageView&dl=https%3A%2F%2Fgive.nationwidechildrens.org&rl=&if=false&ts=1706808734498&sw=1600&sh=1200&v=2.9.143&r=stable&ec=0&o=4124&fbp=fb.1.1706808734496.567730089&cs_est=true&pm=1&hrl=6b12e8&ler=empty&cdl=API_unavailable&it=1706808734471&coo=false&cs_cc=1&cas=3938201796294959&exp=e1&rqm=GET
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 01 Feb 2024 17:32:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.google.com/pagead/1p-user-list/747363037/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/747363037/?random=1706808734424&cv=11&fst=1706806800000&bg=ffffff&guid=ON&async=1&gtm=45be41v0v872568935za200&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.nationwidechildrens.org%2Fsite%2FSPageNavigator%2FEvent%2520Pages%2FButterflyGuildPlay.html&frm=0&tiba=Nationwide%20Children%27s%20Hospital%3A%3A%20Butterfly%20Guild%20of%20Nationwide%20Children%27s%20Hospital%20hosts%20Beauty%20and%20the%20Beast%20-%20Giving%20%3A%3A%20Nationwide%20Children%27s%20Hospital&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_a_CRqqv1K9L437QnYL_wurBdauzAiQ&random=3464216232&rmt_tld=0&ipr=y
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:32:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/747363037/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/747363037/?random=1706808734424&cv=11&fst=1706806800000&bg=ffffff&guid=ON&async=1&gtm=45be41v0v872568935za200&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.nationwidechildrens.org%2Fsite%2FSPageNavigator%2FEvent%2520Pages%2FButterflyGuildPlay.html&frm=0&tiba=Nationwide%20Children%27s%20Hospital%3A%3A%20Butterfly%20Guild%20of%20Nationwide%20Children%27s%20Hospital%20hosts%20Beauty%20and%20the%20Beast%20-%20Giving%20%3A%3A%20Nationwide%20Children%27s%20Hospital&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_a_CRqqv1K9L437QnYL_wurBdauzAiQ&random=3464216232&rmt_tld=1&ipr=y
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:32:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1629588778&t=pageview&_s=1&dl=https%3A%2F%2Fgive.nationwidechildrens.org%2Fsite%2FSPageNavigator%2FEvent%2520Pages%2FButterflyGuildPlay.html&ul=en-us&de=windows-1252&dt=Nationwide%20Children%27s%20Hospital%3A%3A%20Butterfly%20Guild%20of%20Nationwide%20Children%27s%20Hospital%20hosts%20Beauty%20and%20the%20Beast%20-%20Giving%20%3A%3A%20Nationwide%20Children%27s%20Hospital&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=1.584863952.1706808734.1706808734.1706808734.1&_utmz=1.1706808734.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1706808734522&_u=YSBCCEABBAAAACAAI~&jid=398110477&gjid=1062890544&cid=584863952.1706808734&tid=UA-117457367-1&_gid=1051430254.1706808735&_r=1&_slc=1&gtm=45He41v0n815HG9FR4v810101835&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=541418579
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f732f66153c43dba40af2d833375b0508608ca87abc212d589d3721596c0f42a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://give.nationwidechildrens.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:32:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.nationwidechildrens.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10854258106/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10854258106/?random=1706808734484&cv=11&fst=1706806800000&bg=ffffff&guid=ON&async=1&gtm=45He41v0v810101835&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.nationwidechildrens.org%2Fsite%2FSPageNavigator%2FEvent%2520Pages%2FButterflyGuildPlay.html&frm=0&tiba=Nationwide%20Children%27s%20Hospital%3A%3A%20Butterfly%20Guild%20of%20Nationwide%20Children%27s%20Hospital%20hosts%20Beauty%20and%20the%20Beast%20-%20Giving%20%3A%3A%20Nationwide%20Children%27s%20Hospital&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_YN0ei7AC9fx1SkjFJ86IK58QmLBnyA&random=2245586244&rmt_tld=0&ipr=y
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:32:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10854258106/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/10854258106/?random=1706808734484&cv=11&fst=1706806800000&bg=ffffff&guid=ON&async=1&gtm=45He41v0v810101835&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.nationwidechildrens.org%2Fsite%2FSPageNavigator%2FEvent%2520Pages%2FButterflyGuildPlay.html&frm=0&tiba=Nationwide%20Children%27s%20Hospital%3A%3A%20Butterfly%20Guild%20of%20Nationwide%20Children%27s%20Hospital%20hosts%20Beauty%20and%20the%20Beast%20-%20Giving%20%3A%3A%20Nationwide%20Children%27s%20Hospital&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_YN0ei7AC9fx1SkjFJ86IK58QmLBnyA&random=2245586244&rmt_tld=1&ipr=y
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:32:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/747363037/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/747363037/?random=1706808734483&cv=11&fst=1706806800000&bg=ffffff&guid=ON&async=1&gtm=45He41v0v810101835&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.nationwidechildrens.org%2Fsite%2FSPageNavigator%2FEvent%2520Pages%2FButterflyGuildPlay.html&frm=0&tiba=Nationwide%20Children%27s%20Hospital%3A%3A%20Butterfly%20Guild%20of%20Nationwide%20Children%27s%20Hospital%20hosts%20Beauty%20and%20the%20Beast%20-%20Giving%20%3A%3A%20Nationwide%20Children%27s%20Hospital&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_u2BbNWVmYMK9acr2E84k9TdxI4vo8g&random=2665730002&rmt_tld=0&ipr=y
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:32:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/747363037/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/747363037/?random=1706808734483&cv=11&fst=1706806800000&bg=ffffff&guid=ON&async=1&gtm=45He41v0v810101835&u_w=1600&u_h=1200&url=https%3A%2F%2Fgive.nationwidechildrens.org%2Fsite%2FSPageNavigator%2FEvent%2520Pages%2FButterflyGuildPlay.html&frm=0&tiba=Nationwide%20Children%27s%20Hospital%3A%3A%20Butterfly%20Guild%20of%20Nationwide%20Children%27s%20Hospital%20hosts%20Beauty%20and%20the%20Beast%20-%20Giving%20%3A%3A%20Nationwide%20Children%27s%20Hospital&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_u2BbNWVmYMK9acr2E84k9TdxI4vo8g&random=2665730002&rmt_tld=1&ipr=y
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:32:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		235 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HV3KE4QCYW&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1d0e3b9aa7ed6a043adbde5cd10f8af7545a857e3cc36be7bb92e55a322dd3c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:32:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84814
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Feb 2024 17:32:14 GMT
259001207.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/259001207.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 01 Feb 2024 17:32:13 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 69AF3F1B0BAA46D6A7B3ECD6CB3AF33C Ref B: FRA31EDGE0222 Ref C: 2024-02-01T17:32:14Z
x-cache
CONFIG_NOCACHE
collect
region1.google-analytics.com/g/ 		0
263 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HV3KE4QCYW&gtm=45je41v0v9126176160&_p=1706808734177&gcd=11l1l1l1l2&npa=0&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=584863952.1706808734&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fgive.nationwidechildrens.org%2Fsite%2FSPageNavigator%2FEvent%2520Pages%2FButterflyGuildPlay.html&dt=Nationwide%20Children%27s%20Hospital%3A%3A%20Butterfly%20Guild%20of%20Nationwide%20Children%27s%20Hospital%20hosts%20Beauty%20and%20the%20Beast%20-%20Giving%20%3A%3A%20Nationwide%20Children%27s%20Hospital&sid=1706808734&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2604
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HV3KE4QCYW&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:32:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.nationwidechildrens.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
595f9e3fde51c08832000044.js
tag.marinsm.com/serve/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.marinsm.com/serve/595f9e3fde51c08832000044.js
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.65 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
69a25fc257e074239ef2d0633d9d7960d4bc0e360234c8ac4b985b63ef917744
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 17:32:14 GMT
Via
1.1 vegur, 1.1 varnish
X-Content-Type-Options
nosniff
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Content-Encoding
gzip
Age
857
X-Cache
HIT
Connection
keep-alive
Content-Length
3906
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706807877&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=Oksj%2BzYBe6ZP1cZggrlXBo020mEe0oNnxkTrUK9E4Vc%3D
X-Served-By
cache-fra-etou8220077-FRA
Server
Cowboy
X-Timer
S1706808735.729003,VS0,VE1
Vary
Accept-Encoding
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706807877&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=Oksj%2BzYBe6ZP1cZggrlXBo020mEe0oNnxkTrUK9E4Vc%3D"}]}
Content-Type
text/javascript
Cache-Control
max-age=1800
Accept-Ranges
bytes
X-Cache-Hits
1
nch.woff
nch.bz/fonts/ 		0
0
0
bat.bing.com/action/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=259001207&tm=gtm002&Ver=2&mid=ea4219a5-cfe6-427d-9853-463485d9b802&sid=d6d1ec00c12711ee897c9fffd9245d1c&vid=d6d21b70c12711eeac63b7483f051066&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Nationwide%20Children%27s%20Hospital%3A%3A%20Butterfly%20Guild%20of%20Nationwide%20Children%27s%20Hospital%20hosts%20Beauty%20and%20the%20Beast%20-%20Giving%20%3A%3A%20Nationwide%20Children%27s%20Hospital&p=https%3A%2F%2Fgive.nationwidechildrens.org%2Fsite%2FSPageNavigator%2FEvent%2520Pages%2FButterflyGuildPlay.html&r=&lt=2701&evt=pageLoad&sv=1&rn=790829
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 01 Feb 2024 17:32:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 05A53748C0FE441CAE904243A4C8E2A9 Ref B: FRA31EDGE0222 Ref C: 2024-02-01T17:32:14Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
tagjs
pixel-geo.prfct.co/
Redirect Chain
  • https://pixel-geo.prfct.co/tagjs?a_id=74163&source=js_tag
  • https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=74163&source=js_tag
125 B
454 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=74163&source=js_tag
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
HTTP/1.1
Server
52.213.93.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-93-251.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
79f2332a2d85a4a78f791140b721868d0510868e3b18cb0cc7372465d4ba0363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
125
Content-Type
text/javascript

Redirect headers

Location
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=74163&source=js_tag
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
adsct
analytics.twitter.com/i/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=twtr
  • https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_pnpYfOzD8a3VX7s4f
43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_pnpYfOzD8a3VX7s4f
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
H2
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-response-time
168
date
Thu, 01 Feb 2024 17:32:14 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
41c4c22ad1ef972c
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
8802a06953427dc43b1319d3c666b8dd4368cad6aa4556ada06f183e1726fb8b
content-length
43

Redirect headers

Location
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_pnpYfOzD8a3VX7s4f
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
ups.analytics.yahoo.com/ups/58288/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=yah
  • https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_pnpYfOzD8a3VX7s4f&_origin=1
0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_pnpYfOzD8a3VX7s4f&_origin=1
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
H2
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:32:15 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Location
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_pnpYfOzD8a3VX7s4f&_origin=1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=opx
  • https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_pnpYfOzD8a3VX7s4f
43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_pnpYfOzD8a3VX7s4f
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:32:15 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_pnpYfOzD8a3VX7s4f
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=rbcn
  • https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_pnpYfOzD8a3VX7s4f
0
0
cb
pixel-geo.prfct.co/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=goo
  • https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfcG5wWWZPekQ4YTNWWDdzNGY
  • https://pixel-geo.prfct.co/cb?partnerId=goo
43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-geo.prfct.co/cb?partnerId=goo
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
HTTP/1.1
Server
52.213.93.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-93-251.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:32:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel-geo.prfct.co/cb?partnerId=goo
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
240
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pixel-geo.prfct.co/seg/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-geo.prfct.co/seg/?add=9030655&source=js_tag&a_id=74163
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.93.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-93-251.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?t=2&add=9030655
  • https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D9030655
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D9030655
Requested by
Host: give.nationwidechildrens.org
URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Protocol
H2
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.nationwidechildrens.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:32:14 GMT
an-x-request-uuid
c6a9a7a9-d787-486f-a57a-0e79ce8b5562
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
81.95.5.44; 81.95.5.44; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 01 Feb 2024 17:32:14 GMT
an-x-request-uuid
5f9f2017-b5d6-4f8f-8263-7284dc49f1d6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D9030655
x-proxy-origin
81.95.5.44; 81.95.5.44; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
nch.ttf
nch.bz/fonts/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
nch.bz
URL
https://nch.bz/fonts/nch.woff
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_pnpYfOzD8a3VX7s4f
Domain
nch.bz
URL
https://nch.bz/fonts/nch.ttf

Verdicts & Comments Add Verdict or Comment

241 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| YUI function| getModules object| Y function| emptyFunction function| toFunction function| remapConsoleFunctions object| Utils object| UtilsConstants function| addOnLoadHandler function| getObj function| MM_swapImgRestore function| MM_preloadImages function| MM_findObj function| MM_swapImage function| MM_openBrWindow function| appendToUrl function| addHiddenInput function| CurrencyContext object| utils_currencyContext function| setCurrencyContext function| parseCurrency function| formatCurrency function| getCurrencyScalingFactor string| utils_digits function| parseIntStrict function| getSelOptionObject function| getOptionSelection function| addOptionToSelect function| deselectOption function| changeLinksToStayInPopup function| link_submit_redirect function| findContainingLink function| DlgMgr object| DialogManager function| openModelessDialog function| reloadWindow function| isNS function| isIE function| closeWin function| set_display function| disable_edit function| removeChildren function| getElementText function| setElementText function| set_visible function| show_block_element function| show_element function| hide_element function| parse_boolean function| disable_element function| reset_element function| get_input_default_value function| get_input_value function| get_option_value function| is_text_field function| set_input_value function| get_which_radio function| subclass function| getAncestor function| getAncestorByClass function| findAllOfClass function| isOfClass function| filterByClass function| cv_show_help function| cv_new_win_from_link function| cv_new_win function| cv_win_focus function| cv_should_handle function| cv_popup_from_link_handler function| cv_new_win_from_link_handler function| cv_new_win_handler function| cv_help_link_handler function| enable_help_links function| cv_show_preview function| cv_preview_link_handler function| cv_launch_window_on_load function| enable_preview_links function| URLEncode function| URLEncodeParamValue function| decToHex function| reversal function| isUrlOK function| SetChecked function| limitArea number| WCAGState function| keepAlive function| forceKeepAlive function| formatTime undefined| keepAliveDialog undefined| keepAliveTimer function| initKeepAliveDialog function| showTimingOutDialog function| showTimedOutDialog function| showKeepAliveDialog function| keepAlivePoll function| keepAlive2 function| forceKeepAlive2 boolean| _submitOnce function| submitOnce function| submitEnter function| copy_to_clip function| choiceSelected function| ds_merge_field function| ds_merge_direct_field function| ds_merge_date_field function| MergeCompositeObserver function| trim function| isArray function| showLightbox function| hideLightbox function| resizeBgDiv function| preEnhance function| postEnhance function| toTitleCase function| enhanceDomToPostLatin1EncodedData function| CList function| CCallWrapper function| CSimpleObservable object| oc_components function| ObservableComponent function| ObservableRadioComponent function| ObservableGridComponent function| get_observable_component function| fire_obs_comp_event function| observe_component function| filter_values_equal function| ComponentEnabler function| ComponentDisabler function| ComponentDisplayer function| ObservableComponentEvent object| dataLayer function| gtag function| $ function| jQuery function| DP_jQuery_1706808734386 function| fbq function| _fbq object| _gaq object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| _gat object| gaGlobal string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData function| UET function| UET_init function| UET_push object| ueto_1d09de0979 object| TSM function| checkDateInput object| $flickitys object| $flickityRelated object| std_resize object| greetingCard object| cardCarousel object| $list object| $listToggle object| $listToggleText object| $listToggleHiddenItems object| $listToggleItems string| $oldText string| $newText object| $scrollToLinks object| $jumpToLinks object| $autotabs object| $typeaheads function| substringMatcher undefined| originalSrc undefined| animatedSrc undefined| isButterflyStill object| $navMobile object| $navMain object| $navBreadcrumbs string| dropdownBreakpoint object| $navMobileAnchor object| $navAnchor object| $butterfly function| isButterflyInView string| inViewClass function| isInViewport object| $tiles function| resizeTiles function| resizeCarouselTiles function| toggleFooterAccordion object| $footerAccordion undefined| Locations undefined| LocationsDetail undefined| captionHeight undefined| orbitHeight undefined| $text undefined| pageTitle undefined| pageDescription undefined| pageUrl undefined| pageImage object| $orbit object| $caption boolean| $initialLoad object| previous object| next object| facebook object| twitter object| linkedin object| pinterest object| email function| shorten undefined| showFormErrors object| $viewMore object| $viewMoreToggle object| $viewMoreStories function| typeaheadFilter function| mobileScroll function| getPosition function| sendTest function| isAllowedDomain object| whatInput function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| imagesLoaded function| Outlayer function| Isotope function| Masonry object| plyr object| Foundation function| LazyLoad function| jq1_12_4 object| _pa function| getUrlParameter undefined| nch_hero_amt undefined| nch_hero_rd function| facebookEventsHelper function| googleAdsEventsHelper object| _pq

34 Cookies

Domain/Path Name / Value
give.nationwidechildrens.org/site/AnonymousLogin Name: JSESSIONID
Value: E2DA758C2D57C944E23B90E365E4FC77.app30040b
give.nationwidechildrens.org/site/CRDonationAPI Name: JSESSIONID
Value: E2DA758C2D57C944E23B90E365E4FC77.app30040b
give.nationwidechildrens.org/site/CRConsAPI Name: JSESSIONID
Value: E2DA758C2D57C944E23B90E365E4FC77.app30040b
give.nationwidechildrens.org/site/CrmRest Name: JSESSIONID
Value: E2DA758C2D57C944E23B90E365E4FC77.app30040b
give.nationwidechildrens.org/site/ Name: JSESSIONID
Value: E2DA758C2D57C944E23B90E365E4FC77.app30040b
give.nationwidechildrens.org/ Name: JSESSIONID
Value: E2DA758C2D57C944E23B90E365E4FC77.app30040b
give.nationwidechildrens.org/ Name: redirector_cookie
Value: 42840436644:
www.nationwidechildrens.org/ Name: NSC_JOm5pty2ewvx0ntd3lmt1hblo2swgc3
Value: ffffffff46108e9a45525d5f4f58455e445a4a42378b
.nationwidechildrens.org/ Name: _gcl_au
Value: 1.1.533375264.1706808734
give.nationwidechildrens.org/ Name: __utma
Value: 1.584863952.1706808734.1706808734.1706808734.1
give.nationwidechildrens.org/ Name: __utmc
Value: 1
give.nationwidechildrens.org/ Name: __utmz
Value: 1.1706808734.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
give.nationwidechildrens.org/ Name: __utmt
Value: 1
give.nationwidechildrens.org/ Name: __utmb
Value: 1.1.10.1706808734
.nationwidechildrens.org/ Name: _fbp
Value: fb.1.1706808734496.567730089
.nationwidechildrens.org/ Name: _ga
Value: GA1.2.584863952.1706808734
.nationwidechildrens.org/ Name: _gid
Value: GA1.2.1051430254.1706808735
.nationwidechildrens.org/ Name: _gat_UA-117457367-1
Value: 1
.nationwidechildrens.org/ Name: _ga_HV3KE4QCYW
Value: GS1.2.1706808734.1.0.1706808734.0.0.0
.nationwidechildrens.org/ Name: _uetsid
Value: d6d1ec00c12711ee897c9fffd9245d1c
.nationwidechildrens.org/ Name: _uetvid
Value: d6d21b70c12711eeac63b7483f051066
.bing.com/ Name: MUID
Value: 0CA17969D79F62011BB36D71D614634B
.prfct.co/ Name: pa_uid
Value: pa_pnpYfOzD8a3VX7s4f
.prfct.co/ Name: pa_twitter_ts
Value: 1706808734919
.adnxs.com/ Name: XANDR_PANID
Value: elN3NTZfrV__ezePg0NX6pXMi6zYUcoyXI9rKLVFvdd55Nk1VxDF4FcmKkdf7xOrChelZTyVpmkRCUGyln91Sdu-BuEzPZtjmcTGgaU2_uc.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 8691229478367756494
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2GVNl>h9)!]tbP6j2F-XstGt!@Dzi%!rX6
.prfct.co/ Name: pa_yahoo_ts
Value: 1706808734976
.prfct.co/ Name: pa_openx_ts
Value: 1706808734977
.prfct.co/ Name: pa_rubicon_ts
Value: 1706808734977
.prfct.co/ Name: pa_google_ts
Value: 1706808734981
.doubleclick.net/ Name: IDE
Value: AHWqTUlPpWYnzVorCIKz-4MPiOuUKXIXPXXCcILWvZIqlR3-JFKYOs_EKnirIRXvEds
.twitter.com/ Name: personalization_id
Value: "v1_TpNZX0PxbytVcnNYw6YzIg=="

39 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/523442867834509?v=2.9.143&r=stable&domain=give.nationwidechildrens.org&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98(Line 92)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.nationwidechildrens.org/site/SPageNavigator/Event%20Pages/ButterflyGuildPlay.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://nch.bz/fonts/nch.woff
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://nch.bz/fonts/nch.ttf
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com; report-uri https://give.nationwidechildrens.org/site/XFrameViolation
X-Content-Type-Options nosniff
X-Frame-Options allow-from 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.twitter.com
bat.bing.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
give.nationwidechildrens.org
googleads.g.doubleclick.net
nch.bz
pixel-geo.prfct.co
pixel.rubiconproject.com
pixel.sitescout.com
region1.google-analytics.com
secure.adnxs.com
ssl.google-analytics.com
stats.g.doubleclick.net
tag.marinsm.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.nationwidechildrens.org
nch.bz
pixel.rubiconproject.com
104.244.42.195
142.250.186.34
151.101.64.65
185.89.210.46
2001:4860:4802:32::36
2606:4700::6811:180e
2620:1ec:c11::200
2a00:1450:4001:803::2004
2a00:1450:4001:810::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.75.62.37
34.98.64.218
52.213.93.251
69.24.144.75
74.123.154.117
98.98.134.243
0233a065cf1412b2c99752f6a92c9fd185fd908468e7525a8d79dca5e983efef
03669fcb3a0c4266d242c31fc411b3fa98650e216e233b0aa88999e5c992b148
04cf068a304e2fe82086452c883645735d309992e899dabb39dbc446de633630
110f88acbdd0454a4a2f8fc161fc1af29ecac8034a44a1ece0447dc455aba3a8
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
135ae3e7f5e9b6c501a48f208ab55f701c066f5543fc4d7d64ef766cc722fae9
1d0e3b9aa7ed6a043adbde5cd10f8af7545a857e3cc36be7bb92e55a322dd3c0
1e80de36726582824df3f9a7eb6ecdfe9827fc5a7c69f597b1502ebc13950ecd
4347953fcba55136998800057469f99b2029ca4a07e97c68f99db00fbed975b2
437073b2978126abf01db7cd818d833597788d3fff011dbe2092719364b4354d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
56fb1bf075613aa1e61d6cf81fe7ae08d45fe7a16689d118bfa06e17600ac4cc
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
68c774e01af7abe606003370ddd0924f5a7ce04d8a175a90abcd90867b12934a
69a25fc257e074239ef2d0633d9d7960d4bc0e360234c8ac4b985b63ef917744
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
70c6153c446ec4fd067ed43a8544da1c3b5db57554f864c85d380cca95126730
72fd58d0e5d4eb4bc90ce27a788d270bc8eabb2e832a1fc939531a31707fccf5
7846b5904b602bd64bea1eb4557c03b09dabc580b07f18b8d1567d1345f0a040
789ea3db44dd9c89c8283ed3693b61d5ee77486d451704e6aad5a0db0eab590f
79f2332a2d85a4a78f791140b721868d0510868e3b18cb0cc7372465d4ba0363
7c2d6359864eb77f02139b1b9498129ba6d0e9dde159cb0fdad34ac823ba6a5f
821d90393e13d4cd40a44837d967813a51e6c1803382197bc3aff647050af8a6
957f312f39ed8ba93485141af5af501f1d2b7b372433d8ac77b0923a5c584204
965949d6046e63d3bc492dbbb7ee8836ad2a3b05fa441d58143001ecd83a3da7
9dc95a17dc4aa94da335f23eb1de77d051a38b47835aa8a04690fad7ed2278a3
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0388a2387283b8457b08aadd7fdcca2702ba989863981b18e673a1394e74c4f
b75a4073a4df0c263d06100fe7b255a50afd30324f383b35bd474ce794401615
b7fab69602437bb53960cd5274ca787e8618eb3dce3f1ad9c2b5620d4967a7b8
c6d1fb0e403783017cbbeb90a5928782979ab06ecc25a3a2868f776e7d169466
c851b71878d4550e5eb0c37d8fedf5871bd7e83e6608c82c3d16c284e76c787f
db4bb1e314a04c52d8ad52c3a66ce793a012910e88d90295767ec52d75a4d72f
dddb90184d87f59b1a025fa9b460ef0b25fbaa3ea192a83d31535dbb20ec10ad
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6656a4ef2b3f92d3f35a31fdf3e8f378dd2a9035930104d5eec3146f00107d3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4b02cd52e21d6760e6ba107a19603c3516bbb1e171e10cdf990d3b160b0305f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f732f66153c43dba40af2d833375b0508608ca87abc212d589d3721596c0f42a