donate.sickkidsfoundation.com Open in urlscan Pro
107.154.140.65 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://donate.sickkidsfoundation.com/ndf
Submission: On December 13 via manual (December 13th 2023, 8:01:26 pm UTC) from US — Scanned from DE

Summary HTTP 152 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 61 IPs in 11 countries across 71 domains to perform 152 HTTP transactions. The main IP is 107.154.140.65, located in United States and belongs to INCAPSULA, US. The main domain is donate.sickkidsfoundation.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q4 on December 1st 2023. Valid for: 6 months.

This is the only time donate.sickkidsfoundation.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	107.154.140.65 107.154.140.65	19551 (INCAPSULA) (INCAPSULA)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
1	2a04:4e42:e00... 2a04:4e42:e00::282	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.192.125 18.66.192.125	16509 (AMAZON-02) (AMAZON-02)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
2 4	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1490	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	18.173.161.79 18.173.161.79	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:350... 2a02:26f0:3500:795::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.40.243 108.138.40.243	16509 (AMAZON-02) (AMAZON-02)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
1 1	204.2.226.28 204.2.226.28	2914 (NTT-LTD-2914) (NTT-LTD-2914)
4 4	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2 2	38.68.201.140 38.68.201.140	174 (COGENT-174) (COGENT-174)
3 3	52.212.56.60 52.212.56.60	16509 (AMAZON-02) (AMAZON-02)
1 4	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	54.194.188.15 54.194.188.15	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	135.84.189.37 135.84.189.37	54527 (ASTUTEHOS...) (ASTUTEHOSTING)
1	99.84.88.2 99.84.88.2	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	18.66.192.58 18.66.192.58	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:205... 2600:9000:2057:8e00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.10.76.194 52.10.76.194	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
2	2600:1f18:679... 2600:1f18:6791:a007:ff33:52f8:797e:54a9	14618 (AMAZON-AES) (AMAZON-AES)
1 28	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4 4	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
2	54.72.153.232 54.72.153.232	16509 (AMAZON-02) (AMAZON-02)
1	81.17.55.173 81.17.55.173	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3 3	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.41.104 104.18.41.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:1f18:612... 2600:1f18:612b:4264:4b11:4b0e:f335:7576	14618 (AMAZON-AES) (AMAZON-AES)
1 1	18.173.188.94 18.173.188.94	16509 (AMAZON-02) (AMAZON-02)
1	18.158.243.75 18.158.243.75	16509 (AMAZON-02) (AMAZON-02)
1 1	34.197.233.111 34.197.233.111	14618 (AMAZON-AES) (AMAZON-AES)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
2 2	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
1 1	3.64.21.223 3.64.21.223	16509 (AMAZON-02) (AMAZON-02)
1 1	18.153.39.189 18.153.39.189	16509 (AMAZON-02) (AMAZON-02)
4 4	54.36.150.187 54.36.150.187	16276 (OVH) (OVH)
1	18.196.74.146 18.196.74.146	16509 (AMAZON-02) (AMAZON-02)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1 1	3.218.221.252 3.218.221.252	14618 (AMAZON-AES) (AMAZON-AES)
1	34.248.234.146 34.248.234.146	16509 (AMAZON-02) (AMAZON-02)
2	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 1	52.214.242.160 52.214.242.160	16509 (AMAZON-02) (AMAZON-02)
2 2	54.93.159.119 54.93.159.119	16509 (AMAZON-02) (AMAZON-02)
1 1	2.19.217.66 2.19.217.66	16625 (AKAMAI-AS) (AKAMAI-AS)
1	188.65.124.66 188.65.124.66	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
2 2	2607:ae80:192... 2607:ae80:192:1::173	26558 (FREEWHEEL) (FREEWHEEL)
1	35.186.196.148 35.186.196.148	15169 (GOOGLE) (GOOGLE)
1	18.203.91.219 18.203.91.219	16509 (AMAZON-02) (AMAZON-02)
1	18.193.96.13 18.193.96.13	16509 (AMAZON-02) (AMAZON-02)
1	34.199.164.108 34.199.164.108	14618 (AMAZON-AES) (AMAZON-AES)
2 2	99.84.88.4 99.84.88.4	16509 (AMAZON-02) (AMAZON-02)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 2	77.243.51.121 77.243.51.121	42697 (NETIC-AS) (NETIC-AS)
1 1	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
152	61

16 107.154.140.65 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.140.65.ip.incapdns.net

donate.sickkidsfoundation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:e00::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-125.muc50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.38 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f6.1e100.net

5627812.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
11336053.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1490 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.161.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-161-79.muc50.r.cloudfront.net

d3htn85c6cao65.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:795::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.40.243 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-40-243.muc50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.2.226.28 (Springfield, United States) 1 redirects

ASN2914 (NTT-LTD-2914, US)

mpp.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.162 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.68.201.140 (Ashburn, United States) 2 redirects

ASN174 (COGENT-174, US)

aep.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.212.56.60 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-56-60.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.75.62.37 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.188.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-188-15.eu-west-1.compute.amazonaws.com

px.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.84.189.37 (Toronto, Canada)

ASN54527 (ASTUTEHOSTING, CA)

ads.connectedinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-2.muc50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-58.muc50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:8e00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.10.76.194 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-76-194.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:6791:a007:ff33:52f8:797e:54a9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

capi.annalect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 52.46.151.131 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.101 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.153.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-153-232.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.17.55.173 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:4b11:4b0e:f335:7576 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.188.94 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-173-188-94.muc50.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.243.75 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-243-75.eu-central-1.compute.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.233.111 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-233-111.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.21.223 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-21-223.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.153.39.189 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-153-39-189.eu-central-1.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.36.150.187 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: ip187.ip-54-36-150.eu

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.74.146 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-74-146.eu-central-1.compute.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.218.221.252 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-221-252.compute-1.amazonaws.com

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.234.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-234-146.eu-west-1.compute.amazonaws.com

sync-amazon.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.242.160 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-242-160.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.159.119 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-159-119.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.217.66 (Prague, Czech Republic) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-66.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.66 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:ae80:192:1::173 (United States) 2 redirects

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.196.148 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 148.196.186.35.bc.googleusercontent.com

sync.rfp.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.91.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-91-219.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.96.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-96-13.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.164.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-164-108.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.88.4 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-4.muc50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.51.121 (Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.132 (United States) 1 redirects

ASN54113 (FASTLY, US)

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 285	23 KB
16	sickkidsfoundation.com donate.sickkidsfoundation.com	628 KB
15	doubleclick.net 8 redirects 5627812.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 11336053.fls.doubleclick.net cm.g.doubleclick.net — Cisco Umbrella Rank: 219 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 ad.doubleclick.net — Cisco Umbrella Rank: 139	9 KB
8	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2693 adservice.google.com — Cisco Umbrella Rank: 93	1 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1282 q.stripe.com — Cisco Umbrella Rank: 7730 m.stripe.com — Cisco Umbrella Rank: 1245	164 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 327 www.linkedin.com — Cisco Umbrella Rank: 629 px4.ads.linkedin.com — Cisco Umbrella Rank: 6419	5 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 758 tr6.snapchat.com — Cisco Umbrella Rank: 88800	803 B
5	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 715	2 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6765	885 B
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	374 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	463 KB
4	mediarithmics.com 4 redirects cookie-matching.mediarithmics.com — Cisco Umbrella Rank: 3494	1 KB
4	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	3 KB
4	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 307 cms.analytics.yahoo.com — Cisco Umbrella Rank: 1240	443 B
3	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480	2 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	234 B
3	demdex.net 3 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	2 KB
3	mxptint.net 3 redirects mpp.mxptint.net — Cisco Umbrella Rank: 24566 aep.mxptint.net — Cisco Umbrella Rank: 4966	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 329	14 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
2	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1234	1 KB
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	615 B
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 699 usermatch.krxd.net — Cisco Umbrella Rank: 1751	358 B
2	stickyadstv.com 2 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 526	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 336	881 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 491	343 B
2	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 859 image6.pubmatic.com — Cisco Umbrella Rank: 793	391 B
2	serving-sys.com 2 redirects bs.serving-sys.com — Cisco Umbrella Rank: 1487 lm.serving-sys.com — Cisco Umbrella Rank: 2628	777 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 339 token.rubiconproject.com — Cisco Umbrella Rank: 461	674 B
2	360yield.com match.360yield.com — Cisco Umbrella Rank: 1765	397 B
2	annalect.com capi.annalect.com	342 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1361	16 KB
2	connectedinteractive.com ads.connectedinteractive.com — Cisco Umbrella Rank: 223242	1 KB
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1355 insight.adsrvr.org — Cisco Umbrella Rank: 557	3 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 745	21 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	69 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 700 script.hotjar.com — Cisco Umbrella Rank: 933	59 KB
2	gstatic.com fonts.gstatic.com	86 KB
1	ispot.tv 1 redirects pi.ispot.tv — Cisco Umbrella Rank: 2457	343 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 372	140 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 495	35 B
1	fout.jp sync.rfp.fout.jp — Cisco Umbrella Rank: 4212	275 B
1	dmxleo.com public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 2318	122 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 638	472 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 499	487 B
1	taboola.com 1 redirects sync.taboola.com — Cisco Umbrella Rank: 1293	169 B
1	yieldmo.com sync-amazon.ads.yieldmo.com — Cisco Umbrella Rank: 5368	38 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com — Cisco Umbrella Rank: 3191	492 B
1	exelator.com loadus.exelator.com — Cisco Umbrella Rank: 1408	324 B
1	kargo.com crb.kargo.com — Cisco Umbrella Rank: 910	374 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1226	204 B
1	samba.tv 1 redirects ads.samba.tv — Cisco Umbrella Rank: 5086	657 B
1	samplicio.us usersync.samplicio.us — Cisco Umbrella Rank: 2700	186 B
1	imdb.com 1 redirects www.imdb.com — Cisco Umbrella Rank: 3770	880 B
1	tremorhub.com 1 redirects amazon.partners.tremorhub.com — Cisco Umbrella Rank: 5264	388 B
1	connatix.com capi.connatix.com — Cisco Umbrella Rank: 1010	82 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622	163 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2580	258 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 713	394 B
1	t.co t.co — Cisco Umbrella Rank: 589	376 B
1	gumgum.com px.gumgum.com — Cisco Umbrella Rank: 15504	182 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 945	18 KB
1	cloudfront.net d3htn85c6cao65.cloudfront.net	25 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 763	15 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 678	15 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1345	611 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	22 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
0	spotxchange.com Failed sync.search.spotxchange.com Failed
0	myvisualiq.net Failed t.myvisualiq.net Failed
152	71

	Domain	Requested by
28	s.amazon-adsystem.com	1 redirects donate.sickkidsfoundation.com s.amazon-adsystem.com
16	donate.sickkidsfoundation.com	donate.sickkidsfoundation.com
5	ct.pinterest.com	s.pinimg.com donate.sickkidsfoundation.com
5	www.google.de	donate.sickkidsfoundation.com
5	connect.facebook.net	donate.sickkidsfoundation.com connect.facebook.net 5627812.fls.doubleclick.net
5	www.googletagmanager.com	donate.sickkidsfoundation.com www.googletagmanager.com www.google-analytics.com
4	cookie-matching.mediarithmics.com	4 redirects
4	ib.adnxs.com	4 redirects
4	tr.snapchat.com	sc-static.net
4	px.ads.linkedin.com	3 redirects snap.licdn.com
4	www.google.com	donate.sickkidsfoundation.com
4	cm.g.doubleclick.net	4 redirects
3	q.stripe.com	donate.sickkidsfoundation.com
3	www.facebook.com	donate.sickkidsfoundation.com 5627812.fls.doubleclick.net
3	adservice.google.com	11336053.fls.doubleclick.net 5627812.fls.doubleclick.net donate.sickkidsfoundation.com
3	ups.analytics.yahoo.com	donate.sickkidsfoundation.com s.amazon-adsystem.com
3	dpm.demdex.net	3 redirects
3	bat.bing.com	www.googletagmanager.com bat.bing.com donate.sickkidsfoundation.com
3	googleads.g.doubleclick.net	www.googletagmanager.com
3	js.stripe.com	donate.sickkidsfoundation.com js.stripe.com
2	uipglob.semasio.net	2 redirects
2	sb.scorecardresearch.com	2 redirects
2	ads.stickyadstv.com	2 redirects
2	x.bidswitch.net	2 redirects
2	us-u.openx.net	s.amazon-adsystem.com
2	c1.adform.net	2 redirects
2	dsum-sec.casalemedia.com	2 redirects
2	match.360yield.com	s.amazon-adsystem.com
2	capi.annalect.com	connect.facebook.net
2	ad.doubleclick.net	2 redirects
2	m.stripe.network	js.stripe.com m.stripe.network
2	ads.connectedinteractive.com	d3htn85c6cao65.cloudfront.net
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	aep.mxptint.net	2 redirects
2	s.pinimg.com	donate.sickkidsfoundation.com s.pinimg.com
2	www.youtube.com	donate.sickkidsfoundation.com www.youtube.com
2	11336053.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	5627812.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
1	image6.pubmatic.com	s.amazon-adsystem.com
1	pi.ispot.tv	1 redirects
1	eb2.3lift.com	s.amazon-adsystem.com
1	usermatch.krxd.net	s.amazon-adsystem.com
1	match.sharethrough.com	s.amazon-adsystem.com
1	beacon.krxd.net	s.amazon-adsystem.com
1	sync.rfp.fout.jp	s.amazon-adsystem.com
1	cms.analytics.yahoo.com	1 redirects
1	public-prod-dspcookiematching.dmxleo.com	s.amazon-adsystem.com
1	tags.bluekai.com	1 redirects
1	aa.agkn.com	1 redirects
1	sync.taboola.com	1 redirects
1	sync-amazon.ads.yieldmo.com	s.amazon-adsystem.com
1	lciapi.ninthdecimal.com	1 redirects
1	loadus.exelator.com	s.amazon-adsystem.com
1	token.rubiconproject.com	1 redirects
1	image2.pubmatic.com	s.amazon-adsystem.com
1	crb.kargo.com	s.amazon-adsystem.com
1	ssum-sec.casalemedia.com	1 redirects
1	lm.serving-sys.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	odr.mookie1.com	s.amazon-adsystem.com
1	pixel.rubiconproject.com	1 redirects
1	ads.samba.tv	1 redirects
1	usersync.samplicio.us	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	amazon.partners.tremorhub.com	1 redirects
1	capi.connatix.com	s.amazon-adsystem.com
1	rtb-csync.smartadserver.com	s.amazon-adsystem.com
1	insight.adsrvr.org	js.adsrvr.org
1	tr6.snapchat.com	sc-static.net
1	m.stripe.com	m.stripe.network
1	vc.hotjar.io	script.hotjar.com
1	region1.analytics.google.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	donate.sickkidsfoundation.com
1	www.linkedin.com	1 redirects
1	analytics.twitter.com	donate.sickkidsfoundation.com
1	t.co	donate.sickkidsfoundation.com
1	region1.google-analytics.com	www.googletagmanager.com
1	px.gumgum.com	donate.sickkidsfoundation.com
1	mpp.mxptint.net	1 redirects
1	js.adsrvr.org	www.googletagmanager.com
1	sc-static.net	donate.sickkidsfoundation.com
1	d3htn85c6cao65.cloudfront.net	donate.sickkidsfoundation.com
1	snap.licdn.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	polyfill.io	donate.sickkidsfoundation.com
1	cdnjs.cloudflare.com	donate.sickkidsfoundation.com
1	fonts.googleapis.com	donate.sickkidsfoundation.com
0	sync.search.spotxchange.com Failed	s.amazon-adsystem.com
0	t.myvisualiq.net Failed	s.amazon-adsystem.com
152	93

This site contains links to these domains. Also see Links.

Domain
www.sickkidsfoundation.com
www.sickkids.ca

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-12-01` - `2024-05-29`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
polyfill.io Certainly Intermediate R1	`2023-12-02` - `2024-01-01`	a month	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-22` - `2023-12-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com Amazon RSA 2048 M01	`2023-07-17` - `2024-08-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-19` - `2024-09-17`	a year	crt.sh
*.connectedinteractive.com Go Daddy Secure Certificate Authority - G2	`2023-03-27` - `2024-04-27`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh
capi.annalect.com R3	`2023-11-28` - `2024-02-26`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.samplicio.us Amazon RSA 2048 M01	`2023-04-14` - `2024-05-12`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.prod.euc1.green.ops.kargo.com Amazon RSA 2048 M03	`2023-12-12` - `2025-01-10`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.exelator.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-29` - `2024-06-11`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
public-prod-dspcookiematching.dmxleo.com ZeroSSL RSA Domain Secure Site CA	`2023-12-13` - `2024-03-12`	3 months	crt.sh
*.rfp.fout.jp RapidSSL TLS RSA CA G1	`2023-08-03` - `2024-09-02`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
usermatch.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-02-20`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://donate.sickkidsfoundation.com/ndf
Frame ID: 49A88484AF541AE0EE924287AD7C5691
Requests: 83 HTTP requests in this frame

Frame: https://5627812.fls.doubleclick.net/activityi;dc_pre=CIOYjYyajYMDFWRUkQUdHeoM2w;src=5627812;type=sickk0;cat=skf-d0;ord=1342611691598;auiddc=728784906.1702497681;gtm=45He3bt0v71468454;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf
Frame ID: A84E0D908E65A78659B7CDA9A2086C65
Requests: 6 HTTP requests in this frame

Frame: https://11336053.fls.doubleclick.net/activityi;dc_pre=CPTJjYyajYMDFTdLkQUdjFsHCA;src=11336053;type=invmedia;cat=sickk000;ord=2723302195271;auiddc=728784906.1702497681;gtm=45He3bt0v71468454;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf
Frame ID: 5ED5AFD067E52515D88A9A0EEDC7E4DA
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 823DDD6510147EE673D20B5E6228486D
Requests: 4 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=1da237a8-8122-4c02-9fcf-0aa6fde57222&u_scsid=098e5a7c-8272-402f-bab9-effb8530169c&u_sclid=5d7e50f1-e77e-41b1-a1fe-487c5309c531
Frame ID: 6A04C5481017FED494E4891834A973F4
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: DC972DA70F1E80F5ACABCADF9B6B5765
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D64c440ec-0d27-a288-46eb-b5e5780ddfaa%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.sickkidsfoundation.com/&ex-hargs=v%3D1.0%3Bc%3D1480596890801%3Bp%3D64C440EC-0D27-A288-46EB-B5E5780DDFAA&cb=968790934565535900&dcc=t
Frame ID: 50DC87995FE5DE5F9EBFA52633299927
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=gwmjca0&ref=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&upid=frd07f7&upv=1.1.0
Frame ID: 37B7950753207630D8DADD1167964BAC
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: D16A50CF88DB7BD9C12C36173BD54C1A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=sM-zti5WR06GM12IKRcJCg&dmt=3&ex-pl-n-g-hmt=NkT8XfqyROubX_gGwUU7cg&ep=ttam_T219Ay-cPciHbT10nDcGlR5kTHZiXvxqnNEKM3UFWjwSpOh7idIySDu91RGOwqa0-uZTOVhKMbohDsGSTSJhVJg-dWrVgjgnCN8795GsZ9-uC_ClH9ejZdlZsSYUdy0unmDHNwjU2mqbamVZyuX7n9Jre9TyBK9cFZKr1qt7efquGfA6sjn1q4UiOSdEHT-LGJ_8Uu0x4xjJmx6AZbBdwaz3L8bFEg8pKYaRxrP3PZOBndm4ZmLiunctym4lA0T-tFXl07rXX7dpBW8MSaiIrLKkbD_UPc6KDfeOtARZ_8T3a-TYjITruBP-8zSaAyhpP2prsdce-inFdPFzd0AV7IFZEp8-y8-s50CKu-oEqg035FjjNB7-3IFqxqqoVNG8WC_EHZMxdfifQVJtVyHKQxcgy4MYkX4jnOGEaTyRujYOFdoEnVL75Z_MX4Bgz-kAgN9J8cTX906ZYzE2k_b_6eSPhmq8A4M1Ztf-MTyhjKfMjKLwr2BUqJkTTG1GKaNUYbpPruQfP3irqUPPWlA72mA6Wl7ERcRlRM5Nt9TQ8-NEgqOG4khSFxIn9EmWDVtnu-OQdzwxr7Csdw7uxV-KF_ktpwVsJ-P32SpjvJsPXua9vf_0KfOSACBdFozuBE9YvsGeDKT7LjsUe4xm1AmLsMMgNHe-mAiSPIouMdZUnlTclcBeJL8OweD9gZK6PgeYChAXM5pzJFW7cOVOriF_uS4hG-1ZAFubrAGlYvlvzGJd3h5GGZ_7xFtqzV7H_B79ifcZYeEHfJp4Df_NVMspIHWZQ_H3BMq8Jji-LD4WGhFQw8ScAv1wZp1eGIkrqroxf7y-kntmnjBuDeZh7RAk9CUvrHrvwhGqMNcN8EfpyGpXoMWNsdc3WfDiOxmNEgcAVsRRJEkskQPuaGFhZwANj27odv_LrHZcYWXaLrPlV4loSpp1_VRxQYT_dH8ygT2-AMXZhxRvTsHlBTWIDGiHUeCDZZeac03NSe8Z4U
Frame ID: 09D6E00ED1522E19C2F1DDB35677A265
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DonateSecure Lock Icon

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

152
Requests

80 %
HTTPS

27 %
IPv6

71
Domains

93
Subdomains

61
IPs

11
Countries

2057 kB
Transfer

5589 kB
Size

77
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sickkidsfoundation.com/
Title: SickKids Foundation

Search URL Search Domain Scan URL

URL: https://www.sickkidsfoundation.com/termsofuse
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.sickkidsfoundation.com/privacypolicy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.sickkidsfoundation.com/aboutus/ouraccountability/designatedgiving
Title: Designated Giving

Search URL Search Domain Scan URL

URL: https://www.sickkids.ca/
Title: The Hospital for Sick Children

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://5627812.fls.doubleclick.net/activityi;src=5627812;type=sickk0;cat=skf-d0;ord=1342611691598;auiddc=728784906.1702497681;gtm=45He3bt0v71468454;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf HTTP 302
https://5627812.fls.doubleclick.net/activityi;dc_pre=CIOYjYyajYMDFWRUkQUdHeoM2w;src=5627812;type=sickk0;cat=skf-d0;ord=1342611691598;auiddc=728784906.1702497681;gtm=45He3bt0v71468454;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf

Request Chain 30

https://11336053.fls.doubleclick.net/activityi;src=11336053;type=invmedia;cat=sickk000;ord=2723302195271;auiddc=728784906.1702497681;gtm=45He3bt0v71468454;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf HTTP 302
https://11336053.fls.doubleclick.net/activityi;dc_pre=CPTJjYyajYMDFTdLkQUdjFsHCA;src=11336053;type=invmedia;cat=sickk000;ord=2723302195271;auiddc=728784906.1702497681;gtm=45He3bt0v71468454;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf

Request Chain 39

https://mpp.mxptint.net/2/27792/?rnd=%n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_hm=UjMzNjQ3XzEwREE0Q0QwNV8yRDg4RkMy HTTP 302
https://aep.mxptint.net/sn.ashx HTTP 302
https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R33647_10DA4CD05_2D88FC2&redir=https://aep.mxptint.net/sn.ashx?ak=1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=75557&dpuuid=R33647_10DA4CD05_2D88FC2&redir=https://aep.mxptint.net/sn.ashx HTTP 302
https://aep.mxptint.net/sn.ashx HTTP 302
https://ups.analytics.yahoo.com/ups/56550/sync?uid=R33647_10DA4CD05_2D88FC2&_origin=1

Request Chain 50

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1702497681156&url=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1702497681156&url=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2274266%26time%3D1702497681156%26url%3Dhttps%253A%252F%252Fdonate.sickkidsfoundation.com%252Fndf%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1702497681156&url=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1702497681156&url=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&cookiesTest=true&liSync=true&e_ipv6=AQKkZ724Ijq_1gAAAYxkxQFlhInHNsfhaOqQAQdM8m-6Niy95SmFSMG5CRcBNoxVepGWCifwDCPkL5gfugoBMPd-R13Q

Request Chain 91

https://ad.doubleclick.net/ddm/activity/src=8353444;type=invmedia;cat=cybopq6b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8353444;dc_pre=COSjsoyajYMDFR0NogMd8-IEcQ;type=invmedia;cat=cybopq6b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=8353444;dc_pre=COSjsoyajYMDFR0NogMd8-IEcQ;type=invmedia;cat=cybopq6b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Request Chain 99

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D64c440ec-0d27-a288-46eb-b5e5780ddfaa%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.sickkidsfoundation.com/&ex-hargs=v%3D1.0%3Bc%3D1480596890801%3Bp%3D64C440EC-0D27-A288-46EB-B5E5780DDFAA&cb=968790934565535900 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D64c440ec-0d27-a288-46eb-b5e5780ddfaa%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.sickkidsfoundation.com/&ex-hargs=v%3D1.0%3Bc%3D1480596890801%3Bp%3D64C440EC-0D27-A288-46EB-B5E5780DDFAA&cb=968790934565535900&dcc=t

Request Chain 103

https://ib.adnxs.com/setuid/a9?entity=188&code=SXGjAoZ_QqugR7_oji1SRQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3DSXGjAoZ_QqugR7_oji1SRQ%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=SXGjAoZ_QqugR7_oji1SRQ

Request Chain 106

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=zR5dJ8ycQe2mgWGLc6ISrg&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=zR5dJ8ycQe2mgWGLc6ISrg&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZXoNknMLU5ErbBmeMbyBHwAA

Request Chain 109

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=fa686c93bffe4253a784603bee6e5ae3

Request Chain 110

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 113

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=12466ae0878f5be84

Request Chain 114

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=35BQuIuvQbeEFu6LpjsbHA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=35BQuIuvQbeEFu6LpjsbHA

Request Chain 115

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=3Zjk9B4lS6CQW_Qa40WHgg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=65945473761081610271038628595960236268

Request Chain 117

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=2267508667466472261

Request Chain 118

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%2235ee9a10-dc72-40f4-a3e7-252486478c3e%22,%22Time%22:%2220231213T200122.932091%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=35ee9a10-dc72-40f4-a3e7-252486478c3e

Request Chain 119

https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=amazon-na-23&gdpr=0 HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr=0&domid=1109 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1109&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1109&ops=apx&google_gid=CAESEKdQZnZqgd0bQff-PjN_Ydw&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEKdQZnZqgd0bQff-PjN_Ydw&gdpr=0&action=GET_ID&etid=&domid=1109 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3287944669099993142&opid=apx&ops=&utidl=tech:goo:CAESEKdQZnZqgd0bQff-PjN_Ydw&gdpr=0&action=GET_ID&etid=&domid=1109 HTTP 303
https://s.amazon-adsystem.com/ecm3?ex=mediarithmics&id=vec-60498489467&gdpr=0

Request Chain 120

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=LCg6oiM_GelbPlqqSNnvKjc4fB04ZgIC

Request Chain 122

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=3287944669099993142&ex=appnexus.com

Request Chain 124

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=1g44lhspAeAjAV5Rxat1M8WWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Request Chain 126

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=EE681E0A930D7A6526008AC2021EE6B3

Request Chain 129

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=14cb9311-87b0-4df2-936b-df4a4cd5d828-tuctc739313

Request Chain 130

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=219573204729004379744&ex=neustar.biz

Request Chain 131

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=782b3b29b17374164efffe050c084e78

Request Chain 132

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 135

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini HTTP 302
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini

Request Chain 136

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=f7d949f8138ed23b6fc6c774f7b1bedf&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Request Chain 140

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=YcKAdr1EQ1G8PI8E_YUe3g&redirectId=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=fcbc58404832aa5a7993a9faac2c988&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=YcKAdr1EQ1G8PI8E_YUe3g

Request Chain 142

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEJBFivMqQADNVjzvK7eKIIQ&google_cver=1

Request Chain 144

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=76aab1b33d683dbbbcb750f96e5c5090

Request Chain 147

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=C8A92B746CC444B8

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=NkT8XfqyROubX_gGwUU7cg& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 149

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=be0db8ac7b9e8009277325fba0f6032a78529f6e9a584398ac99d89064de6948

152 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ndf Show response
donate.sickkidsfoundation.com/ 64 KB
14 KB 927ms
494ms Document
text/html 107.154.140.65
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.sickkidsfoundation.com/ndf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.140.65 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.140.65.ip.incapdns.net

Software

Resource Hash

cc00ce4e9c1acb92bb520d7f57cff3386e045c20d5a7ca92e08b9be6e70306fa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, no-store, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 13 Dec 2023 20:01:20 GMT
expires: Wed, 13 Dec 2023 20:01:20 GMT
last-modified: Wed, 13 Dec 2023 20:01:20 GMT
vary: *
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 13-51317911-51317913 NNNN CT(111 241 0) RT(1702497679255 9) q(0 0 4 1) r(5 5) U24
x-liveupgrade: 0

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 45ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Anek+Malayalam:wdth,wght@100,500;125,500&family=Anton&family=Caveat+Brush&family=Inter:wght@400;500;600&display=swap

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62cca83ad6173090b97f077785c4fbd7c538aa0e8777950ab9f2827a9fe2dab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Dec 2023 20:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 20:01:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Dec 2023 20:01:20 GMT

GET
H2 200 css
donate.sickkidsfoundation.com/NDF/Content/ 235 KB
52 KB 534ms
533ms Stylesheet
text/css 107.154.140.65
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://donate.sickkidsfoundation.com/NDF/Content/css?v=NkB0mvTDmNjidBP6V-2PPSDyq7IOESyudmmfFgsOFbo1
Requested by: Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.140.65 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.140.65.ip.incapdns.net
Software: /
Resource Hash: 05e82e160e777ed45062a66007e1e5c9b76884aeb16ccf36d545637e48132548

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/ndf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:20 GMT
content-encoding: gzip
last-modified: Wed, 13 Dec 2023 20:01:20 GMT
x-cdn: Imperva
vary: User-Agent,Accept-Encoding
content-type: text/css; charset=utf-8
x-liveupgrade: 0
x-iinfo: 13-51317911-51317999 NNNN CT(121 115 0) RT(1702497679255 516) q(0 0 3 -1) r(4 5) U24
cache-control: public
content-length: 53031
expires: Thu, 12 Dec 2024 20:01:20 GMT

GET
H2 200 modernizr Show response
donate.sickkidsfoundation.com/NDF/bundles/ 52 KB
20 KB 539ms
538ms Script
text/javascript 107.154.140.65
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://donate.sickkidsfoundation.com/NDF/bundles/modernizr?v=2twPtszsTL39hTiKwvPlVlNga_BJ8EIzShIX0ej7LAo1
Requested by: Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.140.65 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.140.65.ip.incapdns.net
Software: /
Resource Hash: 45329efb6cbf7446dc239f76a7546ffb0f4c51afd40b1e703b6c67d10674d72c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/ndf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:20 GMT
content-encoding: gzip
last-modified: Wed, 13 Dec 2023 20:01:20 GMT
x-cdn: Imperva
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
x-liveupgrade: 0
x-iinfo: 13-51317911-51318002 NNNN CT(115 115 0) RT(1702497679255 526) q(0 0 3 -1) r(4 5) U24
cache-control: public
content-length: 19874
expires: Thu, 12 Dec 2024 20:01:20 GMT

GET
H2 200 glow-logo.png
donate.sickkidsfoundation.com/NDF/images/ 509 KB
510 KB 533ms
532ms Image
image/png 107.154.140.65
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donate.sickkidsfoundation.com/NDF/images/glow-logo.png
Requested by: Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.140.65 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.140.65.ip.incapdns.net
Software: /
Resource Hash: dad13c6e2c16b9f2159217a6924c38cdb06f2c0a334beff2c50d99d0c621b3db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/ndf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:20 GMT
last-modified: Thu, 14 Sep 2023 14:59:04 GMT
x-cdn: Imperva
etag: "cd16cd01ce7d91:0"
x-liveupgrade: 0
content-type: image/png
x-iinfo: 13-51317911-51318004 NNNN CT(110 113 0) RT(1702497679255 533) q(0 0 3 -1) r(4 5) U24
accept-ranges: bytes
content-length: 521582

GET
H2 200 donation-card-icon.png
donate.sickkidsfoundation.com/NDF/images/ 2 KB
3 KB 411ms
411ms Image
image/png 107.154.140.65
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donate.sickkidsfoundation.com/NDF/images/donation-card-icon.png
Requested by: Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.140.65 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.140.65.ip.incapdns.net
Software: /
Resource Hash: 86617d567e853c5cc9cd035ae582ada964eef8fdb70529de3b2786e667eea484

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/ndf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:20 GMT
last-modified: Tue, 07 Feb 2023 18:56:02 GMT
x-cdn: Imperva
etag: "426559d3253bd91:0"
x-liveupgrade: 0
content-type: image/png
x-iinfo: 13-51317911-51318006 NNNN CT(113 112 0) RT(1702497679255 542) q(0 1 3 -1) r(4 4) U24
accept-ranges: bytes
content-length: 2461

GET
H2 200 outline-logo.png
donate.sickkidsfoundation.com/NDF/images/ 939 B
939 B 12ms
12ms Image
text/html 107.154.140.65
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donate.sickkidsfoundation.com/NDF/images/outline-logo.png
Requested by: Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.140.65 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.140.65.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/ndf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-iinfo: 13-51317911-0 0NNN RT(1702497679255 922) q(0 -1 -1 -1) r(0 -1) B12(11,2387122,0) U24
cache-control: no-cache, no-store
content-length: 939
content-type: text/html

GET
H2 200 jquery Show response
donate.sickkidsfoundation.com/NDF/bundles/ 939 B
1 KB 10ms
9ms Script
text/html 107.154.140.65
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://donate.sickkidsfoundation.com/NDF/bundles/jquery?v=36i52qMiogXassLYdxEHh891H15iLCGxHydKE8YP4d41
Requested by: Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.140.65 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.140.65.ip.incapdns.net
Software: /
Resource Hash: 8d4e6d22c2920fc8ced60af772db5d9f6fbbbc7581d0347982ac02ff07b5e802

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/ndf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-iinfo: 13-51317911-0 0NNN RT(1702497679255 932) q(0 -1 -1 -1) r(0 -1) B12(11,2387122,0) U24
cache-control: no-cache, no-store
content-length: 939
content-type: text/html

GET
H2 200 bootstrap Show response
donate.sickkidsfoundation.com/NDF/bundles/ 943 B
1 KB 10ms
10ms Script
text/html 107.154.140.65
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://donate.sickkidsfoundation.com/NDF/bundles/bootstrap?v=LyD8I-J1fLlrJpkPqvf15AON-HDEKaM0xXvbnvL1q8A1
Requested by: Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.140.65 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.140.65.ip.incapdns.net
Software: /
Resource Hash: e30961a70de9127492565588c69e50a898082c94048d7702a9df249572981dd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/ndf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-iinfo: 13-51317911-0 0NNN RT(1702497679255 943) q(0 -1 -1 -1) r(1 -1) B12(11,2387122,0) U24
cache-control: no-cache, no-store
content-length: 943
content-type: text/html

GET
H2 200 jquery.inputmask.bundle.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.2.6/ 104 KB
22 KB 31ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/3.2.6/jquery.inputmask.bundle.min.js

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a54c0f0abc017f802b8a68c2233d679d4a302a322b196116b4d03b015e66fec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1177934
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21791
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-1a19e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXOhS0XPA8XuIML5taOi8nQArIoR1xSfJq7jQqNdZcxzWtWLnmpthp6F6613cdv%2BYiSlZuVferVxtsitRry23RRI%2BKcG104o%2FkS7R2SrULvNZ8RzjQjPxLv%2B2nQk1cUHDn7nk%2B70sLI1IN4v778o0wlW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8350cc681a079be8-FRA
expires: Mon, 02 Dec 2024 20:01:20 GMT

GET
H2 200 contentDisplayV1.js Show response
donate.sickkidsfoundation.com/NDF/js/ 944 B
1 KB 57ms
57ms Script
text/html 107.154.140.65
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://donate.sickkidsfoundation.com/NDF/js/contentDisplayV1.js
Requested by: Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.140.65 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.140.65.ip.incapdns.net
Software: /
Resource Hash: 7be4e81e47d10f994fe3ef4a926d38c555b719e06f8ce070ed1964d6198a4db2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/ndf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-iinfo: 13-51317911-0 0NNN RT(1702497679255 1036) q(0 -1 -1 -1) r(0 -1) B12(11,2387122,0) U24
cache-control: no-cache, no-store
content-length: 944
content-type: text/html

GET
H2 200 / Show response
js.stripe.com/v3/ 577 KB
160 KB 43ms
19ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

31d65b141bbeeae253df4e293fd31152429f89eade3c2e0eb7f6c665e1d34310

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Dec 2023 20:01:20 GMT
via: 1.1 varnish
age: 11
x-cache: HIT
content-length: 163901
x-request-id: eddd9094-7175-4dd7-bbf6-2e5b2333e06c
x-served-by: cache-fra-eddf8230110-FRA
last-modified: Wed, 13 Dec 2023 18:41:38 GMT
server: Fastly
etag: "553622da36036766e181bc3f4fa24e24"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 100 B
611 B 360ms
118ms Script
text/javascript 2a04:4e42:e00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?version=3.52.1&features=fetch

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5e8245f74bb3b5a6a427cb68b028830456233ea1e669bf9582a84dd9ca9ab255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 13 Dec 2023 20:01:21 GMT
age: 438254
detected-user-agent: Chrome/120.0.0
server-timing: HIT, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 120
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/120.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wallet.js Show response
donate.sickkidsfoundation.com/NDF/js/ 940 B
1 KB 15ms
13ms Script
text/html 107.154.140.65
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://donate.sickkidsfoundation.com/NDF/js/wallet.js
Requested by: Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.140.65 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.140.65.ip.incapdns.net
Software: /
Resource Hash: d58e83a2e1a2f25c00b2998f2c146b620a881e495a49850c15c620f980d5b1bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/ndf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-iinfo: 13-51317911-0 0NNN RT(1702497679255 1144) q(0 -1 -1 -1) r(1 -1) B12(11,2387122,0) U24
cache-control: no-cache, no-store
content-length: 940
content-type: text/html

GET
H2 200 donationValidation.js Show response
donate.sickkidsfoundation.com/NDF/js/ 940 B
1 KB 21ms
20ms Script
text/html 107.154.140.65
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://donate.sickkidsfoundation.com/NDF/js/donationValidation.js
Requested by: Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.140.65 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.140.65.ip.incapdns.net
Software: /
Resource Hash: fc8ad0445a2711a3062525b11316152e739dc01f73fa26e46d851cf43db2ae7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/ndf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-iinfo: 13-51317911-0 0NNN RT(1702497679255 1150) q(0 -1 -1 -1) r(0 -1) B12(11,2387122,0) U24
cache-control: no-cache, no-store
content-length: 940
content-type: text/html

GET
H2 200 jqueryval Show response
donate.sickkidsfoundation.com/NDF/bundles/ 938 B
1 KB 31ms
30ms Script
text/html 107.154.140.65
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://donate.sickkidsfoundation.com/NDF/bundles/jqueryval?v=Q18CkjEfkcnRHmTjPVoAyzMRYhwk16QdYtMEgeiVbuE1
Requested by: Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.140.65 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.140.65.ip.incapdns.net
Software: /
Resource Hash: 56f2d01b138f8c4f155627570f5f8ca611aad6b9077f31ed71cb4d621735073c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/ndf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-iinfo: 13-51317911-0 0NNN RT(1702497679255 1157) q(0 -1 -1 -1) r(0 -1) B12(11,2387122,0) U24
cache-control: no-cache, no-store
content-length: 938
content-type: text/html

GET
H2 200 AdditionalMethods Show response
donate.sickkidsfoundation.com/NDF/bundles/ 942 B
1 KB 32ms
31ms Script
text/html 107.154.140.65
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://donate.sickkidsfoundation.com/NDF/bundles/AdditionalMethods?v=h0-Zb6lSOc9rQ0yWmnHgsbbMYEiukI4UhGyqFQhqSYA1
Requested by: Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.140.65 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.140.65.ip.incapdns.net
Software: /
Resource Hash: 56a8d9fc61a7b9778856986772477f668375ded84572ddcc7b60e266480c8f8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/ndf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-iinfo: 13-51317911-0 0NNN RT(1702497679255 1160) q(0 -1 -1 -1) r(0 -1) B12(11,2387122,0) U24
cache-control: no-cache, no-store
content-length: 942
content-type: text/html

GET
H2 200 _Incapsula_Resource Show response
donate.sickkidsfoundation.com/ 154 KB
22 KB 39ms
38ms Script
application/javascript 107.154.140.65
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://donate.sickkidsfoundation.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1794946606
Requested by: Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.140.65 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.140.65.ip.incapdns.net
Software: /
Resource Hash: cd3a316f9e24473d9722aa61ee28fcc95d0ab9ecf1f3e24da2d3da7f723eb36b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/ndf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 22009
content-type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 600 KB
144 KB 143ms
115ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f13e78b41d11df22721b7f1a0949c93f69dbf909022472b2d49f2b9d44a06bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146480
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Dec 2023 20:01:20 GMT

GET
H2 200 df-hero-bg.jpg
donate.sickkidsfoundation.com/images/website/ 946 B
946 B 14ms
13ms Image
text/html 107.154.140.65
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donate.sickkidsfoundation.com/images/website/df-hero-bg.jpg
Requested by: Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.140.65 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.140.65.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/ndf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-iinfo: 13-51317911-0 0NNN RT(1702497679255 1171) q(0 -1 -1 -1) r(0 -1) B12(11,2387122,0) U24
cache-control: no-cache, no-store
content-length: 946
content-type: text/html

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 292ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Anek+Malayalam:wdth,wght@100,500;125,500&family=Anton&family=Caveat+Brush&family=Inter:wght@400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.sickkidsfoundation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:57:12 GMT
x-content-type-options: nosniff
age: 126249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:57:12 GMT

GET
H2 200 6qLUKZActRTs_mZAJUZWWkhke0nYa-f6__Azq3-gDVW7db9_.woff2
fonts.gstatic.com/s/anekmalayalam/v6/ 40 KB
40 KB 317ms
32ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/anekmalayalam/v6/6qLUKZActRTs_mZAJUZWWkhke0nYa-f6__Azq3-gDVW7db9_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Anek+Malayalam:wdth,wght@100,500;125,500&family=Anton&family=Caveat+Brush&family=Inter:wght@400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a08a3ddcc4e278b52211ff04ad956858b750d0e4840d236b5cac88450f7769

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.sickkidsfoundation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:21 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40960
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Dec 2024 20:01:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
91 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1N3ZYKZ49X&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d53feddb0cce9f638d733984b3c36715c17860ca6537e608f41d4f09a7dab54b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93516
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Dec 2023 20:01:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 13 Dec 2023 19:22:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2336
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 13 Dec 2023 21:22:25 GMT

GET
H2 200 hotjar-302599.js Show response
static.hotjar.com/c/ 9 KB
4 KB 127ms
62ms Script
application/javascript 18.66.192.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-302599.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-125.muc50.r.cloudfront.net

Software

Resource Hash

8685aec0f6d77f9e32fbbee5153d339ea406f340a4439c2e32e77ae1094f0830

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 89efe3a7854e47cf7f1fe47e28e39348.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
etag: W/46487230bbf2588b39ca8f90f7f50e00
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: gypaRsWZ1_AKmmb4lszi35j5a9OdpQ9_5cbjNjpY_yjwiS3EtpXCag==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 51ms
13ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:21 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230055-FRA

GET
H2

200

activityi;dc_pre=CIOYjYyajYMDFWRUkQUdHeoM2w;src=5627812;type=sickk0;cat=skf-d0;ord=1342611691598;auiddc=728784906.1702497681;gtm=45He3bt0v71468454;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafv... Show response
5627812.fls.doubleclick.net/ Frame A84E
Redirect Chain

https://5627812.fls.doubleclick.net/activityi;src=5627812;type=sickk0;cat=skf-d0;ord=1342611691598;auiddc=728784906.1702497681;gtm=45He3bt0v71468454;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;ua...
https://5627812.fls.doubleclick.net/activityi;dc_pre=CIOYjYyajYMDFWRUkQUdHeoM2w;src=5627812;type=sickk0;cat=skf-d0;ord=1342611691598;auiddc=728784906.1702497681;gtm=45He3bt0v71468454;gcd=11l1l1l1l1...

1 KB
990 B

60ms
58ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5627812.fls.doubleclick.net/activityi;dc_pre=CIOYjYyajYMDFWRUkQUdHeoM2w;src=5627812;type=sickk0;cat=skf-d0;ord=1342611691598;auiddc=728784906.1702497681;gtm=45He3bt0v71468454;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

79461a2356dfc7179b5ad9c3725050028645f29f491cfc99d567018a4fc20891

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://donate.sickkidsfoundation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 652
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 20:01:21 GMT
expires: Wed, 13 Dec 2023 20:01:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 20:01:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5627812.fls.doubleclick.net/activityi;dc_pre=CIOYjYyajYMDFWRUkQUdHeoM2w;src=5627812;type=sickk0;cat=skf-d0;ord=1342611691598;auiddc=728784906.1702497681;gtm=45He3bt0v71468454;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1036497480/ 3 KB
2 KB 72ms
46ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1036497480/?random=1702497681023&cv=11&fst=1702497681023&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v71468454&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&hn=www.googleadservices.com&frm=0&tiba=Donate&auid=728784906.1702497681&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db248e718106b48bfffe3917ec0bc3085c9a5d87fe6a4b697dd9a1055240c400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 54ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 13 Dec 2023 20:01:20 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7B2E7F034B844EDD823E7F293A5766D5 Ref B: FRAEDGE1908 Ref C: 2023-12-13T20:01:21Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/711607319/ 3 KB
1 KB 71ms
46ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/711607319/?random=1702497681025&cv=11&fst=1702497681025&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v71468454&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&hn=www.googleadservices.com&frm=0&tiba=Donate&auid=728784906.1702497681&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0a160e5609ebc9bc7356f9ba5cc23a403f7663e2abfa099e7c0bc7d56d27a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1234
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 42 KB
15 KB 51ms
15ms Script
application/javascript 2a02:26f0:3500:16::215:1490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Dec 2023 13:09:33 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=61739
accept-ranges: bytes
content-length: 15541

GET
H2

200

activityi;dc_pre=CPTJjYyajYMDFTdLkQUdjFsHCA;src=11336053;type=invmedia;cat=sickk000;ord=2723302195271;auiddc=728784906.1702497681;gtm=45He3bt0v71468454;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=... Show response
11336053.fls.doubleclick.net/ Frame 5ED5
Redirect Chain

https://11336053.fls.doubleclick.net/activityi;src=11336053;type=invmedia;cat=sickk000;ord=2723302195271;auiddc=728784906.1702497681;gtm=45He3bt0v71468454;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;u...
https://11336053.fls.doubleclick.net/activityi;dc_pre=CPTJjYyajYMDFTdLkQUdjFsHCA;src=11336053;type=invmedia;cat=sickk000;ord=2723302195271;auiddc=728784906.1702497681;gtm=45He3bt0v71468454;gcd=11l1...

514 B
640 B

56ms
56ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11336053.fls.doubleclick.net/activityi;dc_pre=CPTJjYyajYMDFTdLkQUdjFsHCA;src=11336053;type=invmedia;cat=sickk000;ord=2723302195271;auiddc=728784906.1702497681;gtm=45He3bt0v71468454;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

61635401ee13198fc2df0a82d7273cdd5270ffb006831359031f3b1834e0083e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://donate.sickkidsfoundation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 302
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 20:01:21 GMT
expires: Wed, 13 Dec 2023 20:01:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 20:01:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11336053.fls.doubleclick.net/activityi;dc_pre=CPTJjYyajYMDFTdLkQUdjFsHCA;src=11336053;type=invmedia;cat=sickk000;ord=2723302195271;auiddc=728784906.1702497681;gtm=45He3bt0v71468454;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 47ms
27ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 13 Dec 2023 20:01:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: cULopwzTmwsfkAf2w9MmPXDkjlfSrLqmt1Y7UkL3X7j8SrAOcgDxxoqjWk/kz5uod9LBXtXBfeby9jLXokAZjQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 85ms
30ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8493cdda94c825474c03c4d0c70d4a9d33ad28a203f35179226e1600c4179c12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 13 Dec 2023 20:01:21 GMT

GET
H/1.1 200
OK ci_events.js Show response
d3htn85c6cao65.cloudfront.net/libraries/ 25 KB
25 KB 81ms
32ms Script
application/javascript 18.173.161.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3htn85c6cao65.cloudfront.net/libraries/ci_events.js
Requested by: Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.161.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-161-79.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93417276accf894049920c795869ca4a6c3c02415f7f949fd9e6a7cb3426918c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 13 Dec 2023 09:20:30 GMT
x-amz-meta-server-side-encryption: AES256
Via: 1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
Last-Modified: Wed, 08 Mar 2023 13:51:15 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P3
Age: 38452
x-amz-server-side-encryption: AES256
ETag: "3119b3be2666ad0fe71797272edb6509"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25307
X-Amz-Cf-Id: 53755QLK3SKcwQ58W91xarTMIlSvfWciheIll0dqaQXMm3w-AGyOAA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-880455918

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c758e1219fce44244bd475b915647e455c31c02dad57d5b1f61c89f7fcf0440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72450
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Dec 2023 20:01:21 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 4 KB
2 KB 63ms
15ms Script
application/javascript 2a02:26f0:3500:795::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:795::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "8d7d8ce32aa2a45d64e9f04a9a5cb1c4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1793

GET
H2 200 scevent.min.js Show response
sc-static.net/ 41 KB
18 KB 109ms
59ms Script
application/javascript 108.138.40.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.40.243 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-40-243.muc50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 167ee4702e76b96cfe396221bef5630f2182e4148a3406c303992ab2f44c357a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:21 GMT
content-encoding: gzip
via: 1.1 ba1081cbdcd39cc4928b65493cb81558.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 17610
x-amz-cf-id: f1IGkAaWIziivDzC9sfZwPpKs_fDF80MQmoOgRiVO31jOCpfOURvLg==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 34ms
7ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NJ4P25
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 13 Dec 2023 06:08:18 GMT
Content-Encoding: gzip
Via: 1.1 6f32a39163a1e36ace7a71a85e2d2884.cloudfront.net (CloudFront)
Last-Modified: Thu, 30 Nov 2023 03:37:28 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 49984
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 8OFy3-bn5M8hjNbIAEh7vGWMANMSKmZgzlt-3Vy7kxbNJhXiVlB1lA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 305 KB
75 KB 53ms
51ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M37RLKB

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a0cd0f1dd7bdee1b172775acc6fa5463dd680646b1a6c9f43fcd3fd27c50ebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76841
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Dec 2023 20:01:21 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/56550/
Redirect Chain

https://mpp.mxptint.net/2/27792/?rnd=%n
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_hm=UjMzNjQ3XzEwREE0Q0QwNV8yRDg4RkMy
https://aep.mxptint.net/sn.ashx
https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R33647_10DA4CD05_2D88FC2&redir=https://aep.mxptint.net/sn.ashx?ak=1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=75557&dpuuid=R33647_10DA4CD05_2D88FC2&redir=https://aep.mxptint.net/sn.ashx
https://aep.mxptint.net/sn.ashx
https://ups.analytics.yahoo.com/ups/56550/sync?uid=R33647_10DA4CD05_2D88FC2&_origin=1

0
125 B

59ms
10ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/56550/sync?uid=R33647_10DA4CD05_2D88FC2&_origin=1

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:22 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Location: https://ups.analytics.yahoo.com/ups/56550/sync?uid=R33647_10DA4CD05_2D88FC2&_origin=1
Date: Wed, 13 Dec 2023 20:01:21 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-385502481; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 206
Content-Type: text/html; charset=utf-8

GET
H2 200 conversion
px.gumgum.com/ad/ 0
182 B 116ms
38ms Image
text/plain 54.194.188.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.gumgum.com/ad/conversion?cmp=11469&num=1&rnd=756741
Requested by: Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.188.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-188-15.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:21 GMT
server: nginx
timing-allow-origin: *
etag: "0d41d8cd98f00b204e9800998ecf8427e"
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
230 B 17ms
16ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=206716178&t=pageview&_s=1&dl=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&ul=en-us&de=UTF-8&dt=Donate&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiAABBAAAACAAI~&jid=934791967&gjid=1817744245&cid=137034511.1702497681&tid=UA-66351416-1&_gid=222295617.1702497681&_slc=1&gtm=45He3bt0n71NJ4P25v71468454&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1604504459

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

c6e5c039a5419a555da7a580f6b25584c3fcaa3bba577f3154d0690e13e21002

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.sickkidsfoundation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.sickkidsfoundation.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
358 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-66351416-1&cid=137034511.1702497681&jid=934791967&gjid=1817744245&_gid=222295617.1702497681&_u=YGBAiAABBAAAAGAAI~&z=542320887

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.sickkidsfoundation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 13 Dec 2023 20:01:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.sickkidsfoundation.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
263 B 54ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1N3ZYKZ49X&gtm=45je3bt0v9119577223z871468454&_p=1702497680822&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=137034511.1702497681&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702497681&sct=1&seg=0&dl=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&dt=Donate&en=page_view&_fv=1&_ss=1&tfd=1824
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1N3ZYKZ49X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.sickkidsfoundation.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
82 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N87CSHY5ZB&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4eb91cfba09c92e3b6a92ae9c51418224ae9fc015e9a45376549d5447ddd75bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84362
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Dec 2023 20:01:21 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/880455918/ 3 KB
2 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/880455918/?random=1702497681095&cv=11&fst=1702497681095&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&hn=www.googleadservices.com&frm=0&tiba=Donate&auid=728784906.1702497681&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-880455918

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d940850e2a211d5455d10ac1fe2d4c40b2f5a309798d573aa97f29af2f1a832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1257
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 58ms
33ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-66351416-1&cid=137034511.1702497681&jid=934791967&_u=YGBAiAABBAAAAGAAI~&z=2018339432

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 60ms
33ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-66351416-1&cid=137034511.1702497681&jid=934791967&_u=YGBAiAABBAAAAGAAI~&z=2018339432

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
376 B 151ms
117ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=5d3ed072-02d6-4d22-b70d-afd5c9369fbf&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=392112c4-c810-4c40-aba8-996b4498fc49&tw_document_href=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxw6l&type=javascript&version=2.3.29

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 105
date: Wed, 13 Dec 2023 20:01:20 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 42ad5e807edab85d
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 15d54b328f7fd21b62690d13b14fd19eebcc89968b68908bdfb4de7fef1cedc6
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 175ms
121ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=5d3ed072-02d6-4d22-b70d-afd5c9369fbf&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=392112c4-c810-4c40-aba8-996b4498fc49&tw_document_href=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxw6l&type=javascript&version=2.3.29

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 104
date: Wed, 13 Dec 2023 20:01:21 GMT
strict-transport-security: max-age=631138519
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: a1d4a1ed84bb88d3
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: a36509ff7ddd210c7019bce229934cca016ca29854988e423cf115bcf7e1f007
content-length: 43

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1702497681156&url=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1702497681156&url=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2274266%26time%3D1702497681156%26url%3Dhttps%253A%252F%252Fdonate.sickkidsfoundat...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1702497681156&url=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1702497681156&url=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&cookiesTest=true&liSync=true&e_ipv6=AQKkZ724Ijq_1gAAAYxkxQFlhInH...

0
264 B

199ms
162ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1702497681156&url=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&cookiesTest=true&liSync=true&e_ipv6=AQKkZ724Ijq_1gAAAYxkxQFlhInHNsfhaOqQAQdM8m-6Niy95SmFSMG5CRcBNoxVepGWCifwDCPkL5gfugoBMPd-R13Q
Requested by: Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:21 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 3CEEC38613C54934854940E881267F69 Ref B: FRAEDGE2012 Ref C: 2023-12-13T20:01:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYMaaGQXjj46O9tIrUyvA==

Redirect headers

date: Wed, 13 Dec 2023 20:01:21 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: E6DC49E6F27E4F7B994D625163932B92 Ref B: FRAEDGE2007 Ref C: 2023-12-13T20:01:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2274266&time=1702497681156&url=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&cookiesTest=true&liSync=true&e_ipv6=AQKkZ724Ijq_1gAAAYxkxQFlhInHNsfhaOqQAQdM8m-6Niy95SmFSMG5CRcBNoxVepGWCifwDCPkL5gfugoBMPd-R13Q
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYMaaGNVhsCXUqvgZ7oaw==

GET
H2 204 25070334.js Show response
bat.bing.com/p/action/ 0
116 B 38ms
38ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25070334.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 13 Dec 2023 20:01:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1B1B8DA2CB0A48A6807B2A1E3977B6EB Ref B: FRAEDGE1908 Ref C: 2023-12-13T20:01:21Z
x-cache: CONFIG_NOCACHE

GET
H2 200 /
www.google.com/pagead/1p-user-list/1036497480/ 42 B
455 B 43ms
26ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1036497480/?random=1702497681023&cv=11&fst=1702497600000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v71468454&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&frm=0&tiba=Donate&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_EWV3bM-YHdPwd-p7LdMsckWYVTLfxw&random=4078868620&rmt_tld=0&ipr=y

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1036497480/ 42 B
108 B 42ms
22ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1036497480/?random=1702497681023&cv=11&fst=1702497600000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v71468454&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&frm=0&tiba=Donate&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_EWV3bM-YHdPwd-p7LdMsckWYVTLfxw&random=4078868620&rmt_tld=1&ipr=y

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/711607319/ 42 B
108 B 24ms
24ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/711607319/?random=1702497681025&cv=11&fst=1702497600000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v71468454&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&frm=0&tiba=Donate&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_s57kCuSjgbqdFm3ZzLt0P7MRwdYU6A&random=1593724160&rmt_tld=0&ipr=y

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/711607319/ 42 B
455 B 20ms
19ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/711607319/?random=1702497681025&cv=11&fst=1702497600000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v71468454&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&frm=0&tiba=Donate&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_s57kCuSjgbqdFm3ZzLt0P7MRwdYU6A&random=1593724160&rmt_tld=1&ipr=y

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.74d80534.js Show response
s.pinimg.com/ct/lib/ 65 KB
19 KB 17ms
16ms Script
application/javascript 2a02:26f0:3500:795::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:795::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "cb251578b1e91b3cc440fd1521770cc5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18895

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/0d02ada0/www-widgetapi.vflset/ 216 KB
67 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0d02ada0/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca767e8a29ac41afbf8ed2c0702af321b3e819427479c8e63aa12982023aa0ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 16:22:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13134
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68461
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 02:45:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 12 Dec 2024 16:22:27 GMT

GET
H/1.1 200
OK app_open Show response
ads.connectedinteractive.com/api/web/100/8092782a3475b91c78e512ffafa20c56/ 2 B
568 B 437ms
161ms XHR
application/json 135.84.189.37
ASTUTEHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.connectedinteractive.com/api/web/100/8092782a3475b91c78e512ffafa20c56/app_open?pool_uuid=-1&pool_region=-1&ci_js_uuid=9e1593d6-b376-4a96-bfdb-50d7fa3e541f&cb=1702497681160
Requested by: Host: d3htn85c6cao65.cloudfront.net
URL: https://d3htn85c6cao65.cloudfront.net/libraries/ci_events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.189.37 Toronto, Canada, ASN54527 (ASTUTEHOSTING, CA),
Reverse DNS
Software: nginx/1.16.0 / PHP/8.1.24
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 13 Dec 2023 20:01:12 GMT
PMM-Response: DS
Server: nginx/1.16.0
X-Powered-By: PHP/8.1.24
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://donate.sickkidsfoundation.com
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK 10784monthlystep1 Show response
ads.connectedinteractive.com/api/web/100/8092782a3475b91c78e512ffafa20c56/ 145 B
533 B 471ms
177ms XHR
application/json 135.84.189.37
ASTUTEHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.connectedinteractive.com/api/web/100/8092782a3475b91c78e512ffafa20c56/10784monthlystep1?pool_uuid=-1&pool_region=-1&ci_js_uuid=9e1593d6-b376-4a96-bfdb-50d7fa3e541f&cb=1702497681160
Requested by: Host: d3htn85c6cao65.cloudfront.net
URL: https://d3htn85c6cao65.cloudfront.net/libraries/ci_events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.84.189.37 Toronto, Canada, ASN54527 (ASTUTEHOSTING, CA),
Reverse DNS
Software: nginx/1.16.0 / PHP/8.1.24
Resource Hash: e253b5fd8682ec36a015b562051a3e703c8154379885cf0e6e0cb8c475ef40dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 13 Dec 2023 20:01:12 GMT
PMM-Response: DS
Server: nginx/1.16.0
X-Powered-By: PHP/8.1.24
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://donate.sickkidsfoundation.com
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 modules.3a21fc8f657f3b8e388d.js Show response
script.hotjar.com/ 219 KB
55 KB 80ms
22ms Script
application/javascript 99.84.88.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.3a21fc8f657f3b8e388d.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-302599.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-2.muc50.r.cloudfront.net

Software

Resource Hash

6ada98a3a91822b5e0f1a0523c302abcb41a512142e6cf92f61e598db9095961

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 b90884acab23625db851d03bcf681a26.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 121335
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55538
last-modified: Tue, 12 Dec 2023 10:18:14 GMT
etag: "17ef78973b50641a4ae2770942cf511c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: OfVbLm1n4_updQ52z8OS6jjvZbZDpw1s4nhvmO3W0p4EDOAssN1cnw==

GET
H2 200 250085185187976 Show response
connect.facebook.net/signals/config/ 141 KB
36 KB 194ms
193ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/250085185187976?v=2.9.138&r=stable&domain=donate.sickkidsfoundation.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e62906e2e50011b64e339f6fc5989d088ce29b8f380d721ad61e7d62172163e3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 13 Dec 2023 20:01:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: R5KE7cRyurDuFzmZi32fba0T+bH+l+/L7cewwxPtlFenNUzuDwXRjaGzu61pXfUhTbo799o6vFDUlw9rkqESJQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 16ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N87CSHY5ZB&gtm=45je3bt0v9167702062&_p=1702497680822&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=137034511.1702497681&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&dt=Donate&sid=1702497681&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1968
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N87CSHY5ZB&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.sickkidsfoundation.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 19ms
19ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N87CSHY5ZB&cid=137034511.1702497681&gtm=45je3bt0v9167702062&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N87CSHY5ZB&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.sickkidsfoundation.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 38ms
37ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N87CSHY5ZB&cid=137034511.1702497681&gtm=45je3bt0v9167702062&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=1190569536

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/880455918/ 42 B
108 B 20ms
20ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/880455918/?random=1702497681095&cv=11&fst=1702497600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&frm=0&tiba=Donate&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_6jePId2K3Fjhc6cM5yymtpxL2kMaTMQ9gKHl-EyVcezvdkcU&random=2194361029&rmt_tld=0&ipr=y

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/880455918/ 42 B
108 B 19ms
19ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/880455918/?random=1702497681095&cv=11&fst=1702497600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&frm=0&tiba=Donate&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_6jePId2K3Fjhc6cM5yymtpxL2kMaTMQ9gKHl-EyVcezvdkcU&random=2194361029&rmt_tld=1&ipr=y

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CPTJjYyajYMDFTdLkQUdjFsHCA;src=11336053;type=invmedia;cat=sickk000;ord=2723302195271;auiddc=*;gtm=45He3bt0v71468454;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv...
adservice.google.com/ddm/fls/z/ Frame 5ED5 42 B
107 B 112ms
65ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPTJjYyajYMDFTdLkQUdjFsHCA;src=11336053;type=invmedia;cat=sickk000;ord=2723302195271;auiddc=*;gtm=45He3bt0v71468454;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf

Requested by

Host: 11336053.fls.doubleclick.net
URL: https://11336053.fls.doubleclick.net/activityi;dc_pre=CPTJjYyajYMDFTdLkQUdjFsHCA;src=11336053;type=invmedia;cat=sickk000;ord=2723302195271;auiddc=728784906.1702497681;gtm=45He3bt0v71468454;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11336053.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CIOYjYyajYMDFWRUkQUdHeoM2w;src=5627812;type=sickk0;cat=skf-d0;ord=1342611691598;auiddc=*;gtm=45He3bt0v71468454;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw...
adservice.google.com/ddm/fls/z/ Frame A84E 42 B
401 B 110ms
63ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIOYjYyajYMDFWRUkQUdHeoM2w;src=5627812;type=sickk0;cat=skf-d0;ord=1342611691598;auiddc=*;gtm=45He3bt0v71468454;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf

Requested by

Host: 5627812.fls.doubleclick.net
URL: https://5627812.fls.doubleclick.net/activityi;dc_pre=CIOYjYyajYMDFWRUkQUdHeoM2w;src=5627812;type=sickk0;cat=skf-d0;ord=1342611691598;auiddc=728784906.1702497681;gtm=45He3bt0v71468454;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5627812.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame A84E 202 KB
53 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5627812.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 13 Dec 2023 20:01:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: cULopwzTmwsfkAf2w9MmPXDkjlfSrLqmt1Y7UkL3X7j8SrAOcgDxxoqjWk/kz5uod9LBXtXBfeby9jLXokAZjQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 _Incapsula_Resource
donate.sickkidsfoundation.com/ 1 B
35 B 9ms
9ms Image
text/plain 107.154.140.65
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donate.sickkidsfoundation.com/_Incapsula_Resource?SWKMTFSR=1&e=0.76474313705945
Requested by: Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.140.65 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.140.65.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/ndf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame 823D 200 B
841 B 130ms
130ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.sickkidsfoundation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3086634
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Dec 2023 20:01:21 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 968158
x-content-type-options: nosniff
x-request-id: 8d40e04c-3b3d-4614-802d-4fd8d8bcfec7
x-served-by: cache-fra-eddf8230110-FRA

GET
H2 200 / Show response
ct.pinterest.com/user/ 297 B
627 B 57ms
40ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2612982544860&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1702497681279&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 04c6083a9781b397d0b570f97154a3fa61aac68dfba173617e5a6351786b7470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:21 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 3
alt-svc: h3=":443";ma=600
x-pinterest-rid: 7039271074855647
content-length: 172
pin-unauth: dWlkPU5tSTNaVEl4WkRVdE16QmhNeTAwTXpBNExXSTVZbVF0WkRFM05UUTNaREF4WXpRMQ
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://donate.sickkidsfoundation.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 9ac24272b1390cffa57796e44049f901bc97ead3
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 297 B
289 B 57ms
41ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&tid=2612982544860&cb=1702497681280&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 04c6083a9781b397d0b570f97154a3fa61aac68dfba173617e5a6351786b7470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:21 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 2
alt-svc: h3=":443";ma=600
x-pinterest-rid: 3684902478033454
content-length: 172
pin-unauth: dWlkPVlUQXlZamhtTm1RdE16ZGlOeTAwTmpkbUxXRXlZelF0TURFMlkyTTNZamc0WkRjeA
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://donate.sickkidsfoundation.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 9ac24272b1390cffa57796e44049f901bc97ead3
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
284 B 32ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25070334&tm=gtm002&Ver=2&mid=45da6ee6-9c20-48eb-b267-7ed744ce9b55&sid=62c19cd099f211eeba9241a7f0cc9e77&vid=62c1a8e099f211eeb6f9b7d7c1a342a2&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate&kw=SickKids%20Foundation,%20hospital%20foundation,%20children%27s%20hospital%20foundation,%20donate,%20donate%20online,%20children%27s%20charity,%20fund%20the%20fight,%20fundthefight.ca&p=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&r=&lt=2016&evt=pageLoad&sv=1&rn=605872

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 13 Dec 2023 20:01:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DB4F18C172D8486D8B89FA032E0A8746 Ref B: FRAEDGE1908 Ref C: 2023-12-13T20:01:21Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
181 B 50ms
50ms Image
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2612982544860&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2274d80534%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1702497681312
Requested by: Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:21 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 9ac24272b1390cffa57796e44049f901bc97ead3
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
alt-svc: h3=":443";ma=600
x-pinterest-rid: 6242086259651549
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1da237a8-8122-4c02-9fcf-0aa6fde57222.js Show response
tr.snapchat.com/config/com/ 167 B
444 B 80ms
21ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/1da237a8-8122-4c02-9fcf-0aa6fde57222.js?v=3.7.2-2312071952

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

1a23b6afc48e437715afac36afe5c9a1d374cd1283a8b675de5b720dc52314b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://donate.sickkidsfoundation.com/
Origin: https://donate.sickkidsfoundation.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://donate.sickkidsfoundation.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 6A04 0
201 B 76ms
18ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=1da237a8-8122-4c02-9fcf-0aa6fde57222&u_scsid=098e5a7c-8272-402f-bab9-effb8530169c&u_sclid=5d7e50f1-e77e-41b1-a1fe-487c5309c531

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://donate.sickkidsfoundation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 13 Dec 2023 20:01:21 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H3 200 1728472720702530 Show response
connect.facebook.net/signals/config/ Frame A84E 371 KB
115 KB 303ms
303ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1728472720702530?v=2.9.138&r=stable&domain=donate.sickkidsfoundation.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5606536121ff46d9ce671f35bbbd9c6c6a2dab83fcd8af126ddc9e229bfb55e7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5627812.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 13 Dec 2023 20:01:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: fV7JNwVUgx4Z4Rw7687I3//lvw3kl9AqsvVEWmrdR1gMSD2zQ8jLEtz4wKq4VYMVmblZ3j3xnHbhR7tvVsoU8Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 302599 Show response
vc.hotjar.io/sessions/ 0
258 B 141ms
47ms XHR
text/plain 18.66.192.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/302599?s=0.25&r=0.2400053735008092
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.3a21fc8f657f3b8e388d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-58.muc50.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:21 GMT
via: 1.1 ae6c2eb8d653982f5df6a91a4b14b518.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: t1cPexXJ3149X-wFh2ZDf_k8UVtfrrzbHZ5It7EYcxx-jR-Pq4LYdg==

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 50ms
50ms Image
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&tid=2612982544860&cb=1702497681344&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%2C%22pin_unauth%22%3A%22dWlkPU5tSTNaVEl4WkRVdE16QmhNeTAwTXpBNExXSTVZbVF0WkRFM05UUTNaREF4WXpRMQ%22%2C%22aem_fn%22%3A%229169e3ca73eeb47d29e92532bcc0ffd1f22178bc26e73bf6e466f0aefadb8b50%22%2C%22aem_eligible_list%22%3A%5B%22fn%22%5D%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2274d80534%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D
Requested by: Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:21 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 9ac24272b1390cffa57796e44049f901bc97ead3
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
alt-svc: h3=":443";ma=600
x-pinterest-rid: 7872150436963175
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1728472720702530 Show response
connect.facebook.net/signals/config/ 371 KB
115 KB 512ms
511ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1728472720702530?v=2.9.138&r=stable&domain=donate.sickkidsfoundation.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5606536121ff46d9ce671f35bbbd9c6c6a2dab83fcd8af126ddc9e229bfb55e7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 13 Dec 2023 20:01:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: hLxvVruJViaA5EcTNiYtO9TzXM84jd5xGgvJQPMRE0nxT0DDL+7mjIirCNyJW6Paz4uVCcHrIxotVpgPBPkXZg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 34ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=250085185187976&ev=PageView&dl=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&rl=&if=false&ts=1702497681381&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702497681380.73023335&cs_est=true&ler=empty&it=1702497681168&coo=false&rqm=GET

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 13 Dec 2023 20:01:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 823D 631 B
534 B 107ms
107ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Dec 2023 20:01:21 GMT
via: 1.1 varnish
age: 3764577
x-cache: HIT
content-length: 399
x-request-id: b87715d8-1b0b-4b94-b902-30c6f064e871
x-served-by: cache-fra-eddf8230110-FRA
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Fastly
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 921495

POST
H2 200 csp-report
q.stripe.com/ Frame 823D 0
716 B 547ms
187ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Dec 2023 20:01:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702497681854908
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702497681854455
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 823D 0
717 B 547ms
186ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Dec 2023 20:01:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702497681854959
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702497681854476
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 p
tr.snapchat.com/ 0
101 B 24ms
23ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://donate.sickkidsfoundation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 13 Dec 2023 20:01:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://donate.sickkidsfoundation.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame DC97 930 B
2 KB 30ms
10ms Document
text/html 2600:9000:2057:8e00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8e00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 34
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Dec 2023 20:00:48 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-amz-cf-id: Wql_SUbLav2WPhbywbHMc7qPqgvNVM39mofUj55Em4ZIgfqNz47u7w==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame DC97 0
490 B 410ms
187ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Dec 2023 20:01:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702497681855651
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1702497681854513
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame DC97 87 KB
14 KB 13ms
13ms Script
text/javascript 2600:9000:2057:8e00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:8e00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:00:58 GMT
content-encoding: br
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 24
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: f7jpnPx3CISepJibfB84D9EX-A0bd6xs_IOqIks7RKOspSwiYWYWfg==

POST
H2 200 6 Show response
m.stripe.com/ Frame DC97 156 B
668 B 553ms
184ms XHR
application/json 52.10.76.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.76.194 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-10-76-194.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

724ebffa106002922ed48da790249e3bc02db9ca19aa14aa197efe6a8d07a03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 13 Dec 2023 20:01:22 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702497682053041
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1702497682052820
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2

200

src=8353444;dc_pre=COSjsoyajYMDFR0NogMd8-IEcQ;type=invmedia;cat=cybopq6b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8353444;type=invmedia;cat=cybopq6b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=8353444;dc_pre=COSjsoyajYMDFR0NogMd8-IEcQ;type=invmedia;cat=cybopq6b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
https://adservice.google.com/ddm/fls/z/src=8353444;dc_pre=COSjsoyajYMDFR0NogMd8-IEcQ;type=invmedia;cat=cybopq6b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

42 B
107 B

54ms
54ms

Image
image/gif

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8353444;dc_pre=COSjsoyajYMDFR0NogMd8-IEcQ;type=invmedia;cat=cybopq6b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:21 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=8353444;dc_pre=COSjsoyajYMDFR0NogMd8-IEcQ;type=invmedia;cat=cybopq6b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p
tr6.snapchat.com/ 0
42 B 31ms
20ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://donate.sickkidsfoundation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 13 Dec 2023 20:01:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 8c01ee3b9a5e107671b82665f3f1570f6d41d98165df65d47569ae72a6ff8bac Show response
capi.annalect.com/events/ Frame A84E 0
171 B 327ms
96ms XHR
text/plain 2600:1f18:6791:a007:ff33:52f8:797e:54a9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://capi.annalect.com/events/8c01ee3b9a5e107671b82665f3f1570f6d41d98165df65d47569ae72a6ff8bac

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1728472720702530?v=2.9.138&r=stable&domain=donate.sickkidsfoundation.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f18:6791:a007:ff33:52f8:797e:54a9 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://5627812.fls.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://5627812.fls.doubleclick.net
date: Wed, 13 Dec 2023 20:01:22 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 /
www.facebook.com/tr/ Frame A84E 0
31 B 11ms
10ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1728472720702530&ev=Purchase&dl=https%3A%2F%2F5627812.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIOYjYyajYMDFWRUkQUdHeoM2w%3Bsrc%3D5627812%3Btype%3Dsickk0%3Bcat%3Dskf-d0%3Bord%3D1342611691598%3Bauiddc%3D728784906.1702497681%3Bgtm%3D45He3bt0v71468454%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fdonate.sickkidsfoundation.com%252Fndf%3F&rl=https%3A%2F%2Fdonate.sickkidsfoundation.com%2F&if=true&ts=1702497681839&cd[value]=1.00&cd[currency]=USD&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&eid=ob3_plugin-set_3e9c9449396ab52f9434958140ffc93e75d5c231e1806b510c07dc4d85abd3dc&ler=other&it=1702497681317&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5627812.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 13 Dec 2023 20:01:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 p
tr.snapchat.com/ 0
15 B 60ms
60ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://donate.sickkidsfoundation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 13 Dec 2023 20:01:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://donate.sickkidsfoundation.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 55ca8236b27c373045deebbd637d2fb44a0b1e8d25972fa4d98c586ac59daea0 Show response
capi.annalect.com/events/ 0
171 B 216ms
96ms XHR
text/plain 2600:1f18:6791:a007:ff33:52f8:797e:54a9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://capi.annalect.com/events/55ca8236b27c373045deebbd637d2fb44a0b1e8d25972fa4d98c586ac59daea0

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1728472720702530?v=2.9.138&r=stable&domain=donate.sickkidsfoundation.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f18:6791:a007:ff33:52f8:797e:54a9 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://donate.sickkidsfoundation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://donate.sickkidsfoundation.com
date: Wed, 13 Dec 2023 20:01:22 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 10ms
10ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1728472720702530&ev=PageView&dl=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&rl=&if=false&ts=1702497681952&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702497681380.73023335&cs_est=true&ler=empty&eid=ob3_plugin-set_d6c2f0c8a32bb423e19c72ed16308b0f4b4c3525ce333bb433876e812c85fc4a&it=1702497681168&coo=false&rqm=GET

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.sickkidsfoundation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 13 Dec 2023 20:01:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
203 B 164ms
163ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://donate.sickkidsfoundation.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 13 Dec 2023 20:01:22 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: AA2455F221DF45C4ABEC964CE3301C9C Ref B: FRAEDGE2007 Ref C: 2023-12-13T20:01:22Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://donate.sickkidsfoundation.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYMaaGS4gbxUHMeYWGfhg==

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 50DC
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D64c440ec-0d27-a288-46eb-b5e5780ddfaa%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.sickkidsfoundation.com/&ex-hargs=v%3D1.0%3Bc%3...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D64c440ec-0d27-a288-46eb-b5e5780ddfaa%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.sickkidsfoundation.com/&ex-hargs=v%3D1.0%3Bc%3...

2 KB
2 KB

130ms
129ms

Document
text/html

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D64c440ec-0d27-a288-46eb-b5e5780ddfaa%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.sickkidsfoundation.com/&ex-hargs=v%3D1.0%3Bc%3D1480596890801%3Bp%3D64C440EC-0D27-A288-46EB-B5E5780DDFAA&cb=968790934565535900&dcc=t

Requested by

Host: donate.sickkidsfoundation.com
URL: https://donate.sickkidsfoundation.com/ndf

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

088f510384e2eb77874a15c115f500d75eb31fc0e2128e71b092231591f7b432

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://donate.sickkidsfoundation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1695
Content-Type: text/html;charset=ISO-8859-1
Date: Wed, 13 Dec 2023 20:01:22 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: SEGB3JNNY96JTXF4PW43

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 13 Dec 2023 20:01:22 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D64c440ec-0d27-a288-46eb-b5e5780ddfaa%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.sickkidsfoundation.com/&ex-hargs=v%3D1.0%3Bc%3D1480596890801%3Bp%3D64C440EC-0D27-A288-46EB-B5E5780DDFAA&cb=968790934565535900&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: FG18RMVE65QNFHPKQFAS

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 37B7 0
60 B 110ms
32ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=gwmjca0&ref=https%3A%2F%2Fdonate.sickkidsfoundation.com%2Fndf&upid=frd07f7&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://donate.sickkidsfoundation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Wed, 13 Dec 2023 20:01:22 GMT
server: Kestrel

GET
H3 200 ct.html Show response
ct.pinterest.com/ Frame D16A 565 B
516 B 36ms
35ms Document
text/html 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://donate.sickkidsfoundation.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Wed, 13 Dec 2023 20:01:22 GMT
pinterest-version: 9ac24272b1390cffa57796e44049f901bc97ead3
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1639765173444080

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 09D6 7 KB
8 KB 100ms
100ms Document
text/html 52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=sM-zti5WR06GM12IKRcJCg&dmt=3&ex-pl-n-g-hmt=NkT8XfqyROubX_gGwUU7cg&ep=ttam_T219Ay-cPciHbT10nDcGlR5kTHZiXvxqnNEKM3UFWjwSpOh7idIySDu91RGOwqa0-uZTOVhKMbohDsGSTSJhVJg-dWrVgjgnCN8795GsZ9-uC_ClH9ejZdlZsSYUdy0unmDHNwjU2mqbamVZyuX7n9Jre9TyBK9cFZKr1qt7efquGfA6sjn1q4UiOSdEHT-LGJ_8Uu0x4xjJmx6AZbBdwaz3L8bFEg8pKYaRxrP3PZOBndm4ZmLiunctym4lA0T-tFXl07rXX7dpBW8MSaiIrLKkbD_UPc6KDfeOtARZ_8T3a-TYjITruBP-8zSaAyhpP2prsdce-inFdPFzd0AV7IFZEp8-y8-s50CKu-oEqg035FjjNB7-3IFqxqqoVNG8WC_EHZMxdfifQVJtVyHKQxcgy4MYkX4jnOGEaTyRujYOFdoEnVL75Z_MX4Bgz-kAgN9J8cTX906ZYzE2k_b_6eSPhmq8A4M1Ztf-MTyhjKfMjKLwr2BUqJkTTG1GKaNUYbpPruQfP3irqUPPWlA72mA6Wl7ERcRlRM5Nt9TQ8-NEgqOG4khSFxIn9EmWDVtnu-OQdzwxr7Csdw7uxV-KF_ktpwVsJ-P32SpjvJsPXua9vf_0KfOSACBdFozuBE9YvsGeDKT7LjsUe4xm1AmLsMMgNHe-mAiSPIouMdZUnlTclcBeJL8OweD9gZK6PgeYChAXM5pzJFW7cOVOriF_uS4hG-1ZAFubrAGlYvlvzGJd3h5GGZ_7xFtqzV7H_B79ifcZYeEHfJp4Df_NVMspIHWZQ_H3BMq8Jji-LD4WGhFQw8ScAv1wZp1eGIkrqroxf7y-kntmnjBuDeZh7RAk9CUvrHrvwhGqMNcN8EfpyGpXoMWNsdc3WfDiOxmNEgcAVsRRJEkskQPuaGFhZwANj27odv_LrHZcYWXaLrPlV4loSpp1_VRxQYT_dH8ygT2-AMXZhxRvTsHlBTWIDGiHUeCDZZeac03NSe8Z4U

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D64c440ec-0d27-a288-46eb-b5e5780ddfaa%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.sickkidsfoundation.com/&ex-hargs=v%3D1.0%3Bc%3D1480596890801%3Bp%3D64C440EC-0D27-A288-46EB-B5E5780DDFAA&cb=968790934565535900&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

f7d79f6ccba3abe91e2d95db7ad3bee3ceb00b3c55fba829234a6648d5836c76

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D64c440ec-0d27-a288-46eb-b5e5780ddfaa%26type%3D55%26m%3D7&ex-fch=416613&ex-src=https://www.sickkidsfoundation.com/&ex-hargs=v%3D1.0%3Bc%3D1480596890801%3Bp%3D64C440EC-0D27-A288-46EB-B5E5780DDFAA&cb=968790934565535900&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 7544
Content-Type: text/html;charset=ISO-8859-1
Date: Wed, 13 Dec 2023 20:01:22 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: EK6DD6QDHTW8T91TQHD0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 09D6
Redirect Chain

https://ib.adnxs.com/setuid/a9?entity=188&code=SXGjAoZ_QqugR7_oji1SRQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3DSXGjAoZ_QqugR7_oji1SRQ%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=SXGjAoZ_QqugR7_oji1SRQ

43 B
479 B

271ms
100ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=SXGjAoZ_QqugR7_oji1SRQ

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=sM-zti5WR06GM12IKRcJCg&dmt=3&ex-pl-n-g-hmt=NkT8XfqyROubX_gGwUU7cg&ep=ttam_T219Ay-cPciHbT10nDcGlR5kTHZiXvxqnNEKM3UFWjwSpOh7idIySDu91RGOwqa0-uZTOVhKMbohDsGSTSJhVJg-dWrVgjgnCN8795GsZ9-uC_ClH9ejZdlZsSYUdy0unmDHNwjU2mqbamVZyuX7n9Jre9TyBK9cFZKr1qt7efquGfA6sjn1q4UiOSdEHT-LGJ_8Uu0x4xjJmx6AZbBdwaz3L8bFEg8pKYaRxrP3PZOBndm4ZmLiunctym4lA0T-tFXl07rXX7dpBW8MSaiIrLKkbD_UPc6KDfeOtARZ_8T3a-TYjITruBP-8zSaAyhpP2prsdce-inFdPFzd0AV7IFZEp8-y8-s50CKu-oEqg035FjjNB7-3IFqxqqoVNG8WC_EHZMxdfifQVJtVyHKQxcgy4MYkX4jnOGEaTyRujYOFdoEnVL75Z_MX4Bgz-kAgN9J8cTX906ZYzE2k_b_6eSPhmq8A4M1Ztf-MTyhjKfMjKLwr2BUqJkTTG1GKaNUYbpPruQfP3irqUPPWlA72mA6Wl7ERcRlRM5Nt9TQ8-NEgqOG4khSFxIn9EmWDVtnu-OQdzwxr7Csdw7uxV-KF_ktpwVsJ-P32SpjvJsPXua9vf_0KfOSACBdFozuBE9YvsGeDKT7LjsUe4xm1AmLsMMgNHe-mAiSPIouMdZUnlTclcBeJL8OweD9gZK6PgeYChAXM5pzJFW7cOVOriF_uS4hG-1ZAFubrAGlYvlvzGJd3h5GGZ_7xFtqzV7H_B79ifcZYeEHfJp4Df_NVMspIHWZQ_H3BMq8Jji-LD4WGhFQw8ScAv1wZp1eGIkrqroxf7y-kntmnjBuDeZh7RAk9CUvrHrvwhGqMNcN8EfpyGpXoMWNsdc3WfDiOxmNEgcAVsRRJEkskQPuaGFhZwANj27odv_LrHZcYWXaLrPlV4loSpp1_VRxQYT_dH8ygT2-AMXZhxRvTsHlBTWIDGiHUeCDZZeac03NSe8Z4U

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:22 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GAGMMPEBXER9EW6PGF88
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:22 GMT
an-x-request-uuid: e9638238-21d6-4478-b2b1-31f00c0b0ee0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=SXGjAoZ_QqugR7_oji1SRQ
x-proxy-origin: 45.141.152.73; 45.141.152.73; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 match
match.360yield.com/ Frame 09D6 43 B
198 B 186ms
40ms Image
image/gif 54.72.153.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=stZFuf_7R_y4deXly_TIqQ&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=sM-zti5WR06GM12IKRcJCg&dmt=3&ex-pl-n-g-hmt=NkT8XfqyROubX_gGwUU7cg&ep=ttam_T219Ay-cPciHbT10nDcGlR5kTHZiXvxqnNEKM3UFWjwSpOh7idIySDu91RGOwqa0-uZTOVhKMbohDsGSTSJhVJg-dWrVgjgnCN8795GsZ9-uC_ClH9ejZdlZsSYUdy0unmDHNwjU2mqbamVZyuX7n9Jre9TyBK9cFZKr1qt7efquGfA6sjn1q4UiOSdEHT-LGJ_8Uu0x4xjJmx6AZbBdwaz3L8bFEg8pKYaRxrP3PZOBndm4ZmLiunctym4lA0T-tFXl07rXX7dpBW8MSaiIrLKkbD_UPc6KDfeOtARZ_8T3a-TYjITruBP-8zSaAyhpP2prsdce-inFdPFzd0AV7IFZEp8-y8-s50CKu-oEqg035FjjNB7-3IFqxqqoVNG8WC_EHZMxdfifQVJtVyHKQxcgy4MYkX4jnOGEaTyRujYOFdoEnVL75Z_MX4Bgz-kAgN9J8cTX906ZYzE2k_b_6eSPhmq8A4M1Ztf-MTyhjKfMjKLwr2BUqJkTTG1GKaNUYbpPruQfP3irqUPPWlA72mA6Wl7ERcRlRM5Nt9TQ8-NEgqOG4khSFxIn9EmWDVtnu-OQdzwxr7Csdw7uxV-KF_ktpwVsJ-P32SpjvJsPXua9vf_0KfOSACBdFozuBE9YvsGeDKT7LjsUe4xm1AmLsMMgNHe-mAiSPIouMdZUnlTclcBeJL8OweD9gZK6PgeYChAXM5pzJFW7cOVOriF_uS4hG-1ZAFubrAGlYvlvzGJd3h5GGZ_7xFtqzV7H_B79ifcZYeEHfJp4Df_NVMspIHWZQ_H3BMq8Jji-LD4WGhFQw8ScAv1wZp1eGIkrqroxf7y-kntmnjBuDeZh7RAk9CUvrHrvwhGqMNcN8EfpyGpXoMWNsdc3WfDiOxmNEgcAVsRRJEkskQPuaGFhZwANj27odv_LrHZcYWXaLrPlV4loSpp1_VRxQYT_dH8ygT2-AMXZhxRvTsHlBTWIDGiHUeCDZZeac03NSe8Z4U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.72.153.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-153-232.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 13 Dec 2023 20:01:22 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 09D6 43 B
163 B 166ms
25ms Image
image/gif 81.17.55.173
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=144&partneruserid=RYOt4c37QH6aEod7Jd9etw
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=sM-zti5WR06GM12IKRcJCg&dmt=3&ex-pl-n-g-hmt=NkT8XfqyROubX_gGwUU7cg&ep=ttam_T219Ay-cPciHbT10nDcGlR5kTHZiXvxqnNEKM3UFWjwSpOh7idIySDu91RGOwqa0-uZTOVhKMbohDsGSTSJhVJg-dWrVgjgnCN8795GsZ9-uC_ClH9ejZdlZsSYUdy0unmDHNwjU2mqbamVZyuX7n9Jre9TyBK9cFZKr1qt7efquGfA6sjn1q4UiOSdEHT-LGJ_8Uu0x4xjJmx6AZbBdwaz3L8bFEg8pKYaRxrP3PZOBndm4ZmLiunctym4lA0T-tFXl07rXX7dpBW8MSaiIrLKkbD_UPc6KDfeOtARZ_8T3a-TYjITruBP-8zSaAyhpP2prsdce-inFdPFzd0AV7IFZEp8-y8-s50CKu-oEqg035FjjNB7-3IFqxqqoVNG8WC_EHZMxdfifQVJtVyHKQxcgy4MYkX4jnOGEaTyRujYOFdoEnVL75Z_MX4Bgz-kAgN9J8cTX906ZYzE2k_b_6eSPhmq8A4M1Ztf-MTyhjKfMjKLwr2BUqJkTTG1GKaNUYbpPruQfP3irqUPPWlA72mA6Wl7ERcRlRM5Nt9TQ8-NEgqOG4khSFxIn9EmWDVtnu-OQdzwxr7Csdw7uxV-KF_ktpwVsJ-P32SpjvJsPXua9vf_0KfOSACBdFozuBE9YvsGeDKT7LjsUe4xm1AmLsMMgNHe-mAiSPIouMdZUnlTclcBeJL8OweD9gZK6PgeYChAXM5pzJFW7cOVOriF_uS4hG-1ZAFubrAGlYvlvzGJd3h5GGZ_7xFtqzV7H_B79ifcZYeEHfJp4Df_NVMspIHWZQ_H3BMq8Jji-LD4WGhFQw8ScAv1wZp1eGIkrqroxf7y-kntmnjBuDeZh7RAk9CUvrHrvwhGqMNcN8EfpyGpXoMWNsdc3WfDiOxmNEgcAVsRRJEkskQPuaGFhZwANj27odv_LrHZcYWXaLrPlV4loSpp1_VRxQYT_dH8ygT2-AMXZhxRvTsHlBTWIDGiHUeCDZZeac03NSe8Z4U
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.173 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:22 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 09D6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=zR5dJ8ycQe2mgWGLc6ISrg&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=zR5dJ8ycQe2mgWGLc6ISrg&C=1
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZXoNknMLU5ErbBmeMbyBHwAA

43 B
479 B

243ms
97ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZXoNknMLU5ErbBmeMbyBHwAA

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:22 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0ZD8DWYQQKBJVY5CNBBW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMUwUsuNfrUqHtiliX5zrFCm6d6tjdHg7eNl3XtJB0UD1yi7N9BcFPvM6jNnF8%2BUjpCqjIM9WMba7CWK9K2j2XMys4DV73Yky%2BTaJvgm3NKvVRNM22Ldt%2BqvjOBm5RNW61PzTtnHp2upVA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZXoNknMLU5ErbBmeMbyBHwAA
cache-control: no-cache
cf-ray: 8350cc74b8d54db3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58516/ Frame 09D6 0
15 B 23ms
18ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=cImR-bPDQrykratRn_dheg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:22 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
capi.connatix.com/us/ Frame 09D6 82 B
82 B 105ms
58ms Image
image/gif 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/us/pixel?pId=32&puId=vXmlyQxEQc6be48kAwLNSQ&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DconnatixHMT%26id%3D%7BpuId%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=sM-zti5WR06GM12IKRcJCg&dmt=3&ex-pl-n-g-hmt=NkT8XfqyROubX_gGwUU7cg&ep=ttam_T219Ay-cPciHbT10nDcGlR5kTHZiXvxqnNEKM3UFWjwSpOh7idIySDu91RGOwqa0-uZTOVhKMbohDsGSTSJhVJg-dWrVgjgnCN8795GsZ9-uC_ClH9ejZdlZsSYUdy0unmDHNwjU2mqbamVZyuX7n9Jre9TyBK9cFZKr1qt7efquGfA6sjn1q4UiOSdEHT-LGJ_8Uu0x4xjJmx6AZbBdwaz3L8bFEg8pKYaRxrP3PZOBndm4ZmLiunctym4lA0T-tFXl07rXX7dpBW8MSaiIrLKkbD_UPc6KDfeOtARZ_8T3a-TYjITruBP-8zSaAyhpP2prsdce-inFdPFzd0AV7IFZEp8-y8-s50CKu-oEqg035FjjNB7-3IFqxqqoVNG8WC_EHZMxdfifQVJtVyHKQxcgy4MYkX4jnOGEaTyRujYOFdoEnVL75Z_MX4Bgz-kAgN9J8cTX906ZYzE2k_b_6eSPhmq8A4M1Ztf-MTyhjKfMjKLwr2BUqJkTTG1GKaNUYbpPruQfP3irqUPPWlA72mA6Wl7ERcRlRM5Nt9TQ8-NEgqOG4khSFxIn9EmWDVtnu-OQdzwxr7Csdw7uxV-KF_ktpwVsJ-P32SpjvJsPXua9vf_0KfOSACBdFozuBE9YvsGeDKT7LjsUe4xm1AmLsMMgNHe-mAiSPIouMdZUnlTclcBeJL8OweD9gZK6PgeYChAXM5pzJFW7cOVOriF_uS4hG-1ZAFubrAGlYvlvzGJd3h5GGZ_7xFtqzV7H_B79ifcZYeEHfJp4Df_NVMspIHWZQ_H3BMq8Jji-LD4WGhFQw8ScAv1wZp1eGIkrqroxf7y-kntmnjBuDeZh7RAk9CUvrHrvwhGqMNcN8EfpyGpXoMWNsdc3WfDiOxmNEgcAVsRRJEkskQPuaGFhZwANj27odv_LrHZcYWXaLrPlV4loSpp1_VRxQYT_dH8ygT2-AMXZhxRvTsHlBTWIDGiHUeCDZZeac03NSe8Z4U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 8350cc74aab2377c-FRA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 09D6
Redirect Chain

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=fa686c93bffe4253a784603bee6e5ae3

43 B
479 B

134ms
103ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=fa686c93bffe4253a784603bee6e5ae3

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:22 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XSC7EK0A6Y6TMKPJ2NBT
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=fa686c93bffe4253a784603bee6e5ae3
date: Wed, 13 Dec 2023 20:01:22 GMT
server: nginx
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 09D6
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
479 B

128ms
99ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EGGK67M3K35VZ5H0RKPR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 13 Dec 2023 20:01:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 0b2ae559ee268e62d32798bba4c8c014.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=HHKRJC9C9BPXZTV4G6F4:sn=www.imdb.com
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: Server
x-amz-rid: HHKRJC9C9BPXZTV4G6F4
x-frame-options: SAMEORIGIN
vary: Content-Type,Accept-Encoding,User-Agent
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
x-robots-tag: noindex, nofollow
x-amz-cf-id: obwXDgTws1O2fTk1bCOb-jmehSJyiDYixQnOjZ83o5MpUOcyW-JpZw==

GET
H2 200 match
match.360yield.com/ Frame 09D6 43 B
199 B 180ms
39ms Image
image/gif 54.72.153.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=sM-zti5WR06GM12IKRcJCg&dmt=3&ex-pl-n-g-hmt=NkT8XfqyROubX_gGwUU7cg&ep=ttam_T219Ay-cPciHbT10nDcGlR5kTHZiXvxqnNEKM3UFWjwSpOh7idIySDu91RGOwqa0-uZTOVhKMbohDsGSTSJhVJg-dWrVgjgnCN8795GsZ9-uC_ClH9ejZdlZsSYUdy0unmDHNwjU2mqbamVZyuX7n9Jre9TyBK9cFZKr1qt7efquGfA6sjn1q4UiOSdEHT-LGJ_8Uu0x4xjJmx6AZbBdwaz3L8bFEg8pKYaRxrP3PZOBndm4ZmLiunctym4lA0T-tFXl07rXX7dpBW8MSaiIrLKkbD_UPc6KDfeOtARZ_8T3a-TYjITruBP-8zSaAyhpP2prsdce-inFdPFzd0AV7IFZEp8-y8-s50CKu-oEqg035FjjNB7-3IFqxqqoVNG8WC_EHZMxdfifQVJtVyHKQxcgy4MYkX4jnOGEaTyRujYOFdoEnVL75Z_MX4Bgz-kAgN9J8cTX906ZYzE2k_b_6eSPhmq8A4M1Ztf-MTyhjKfMjKLwr2BUqJkTTG1GKaNUYbpPruQfP3irqUPPWlA72mA6Wl7ERcRlRM5Nt9TQ8-NEgqOG4khSFxIn9EmWDVtnu-OQdzwxr7Csdw7uxV-KF_ktpwVsJ-P32SpjvJsPXua9vf_0KfOSACBdFozuBE9YvsGeDKT7LjsUe4xm1AmLsMMgNHe-mAiSPIouMdZUnlTclcBeJL8OweD9gZK6PgeYChAXM5pzJFW7cOVOriF_uS4hG-1ZAFubrAGlYvlvzGJd3h5GGZ_7xFtqzV7H_B79ifcZYeEHfJp4Df_NVMspIHWZQ_H3BMq8Jji-LD4WGhFQw8ScAv1wZp1eGIkrqroxf7y-kntmnjBuDeZh7RAk9CUvrHrvwhGqMNcN8EfpyGpXoMWNsdc3WfDiOxmNEgcAVsRRJEkskQPuaGFhZwANj27odv_LrHZcYWXaLrPlV4loSpp1_VRxQYT_dH8ygT2-AMXZhxRvTsHlBTWIDGiHUeCDZZeac03NSe8Z4U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.72.153.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-153-232.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 13 Dec 2023 20:01:22 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 pixel.gif
usersync.samplicio.us/amazon/ Frame 09D6 0
186 B 125ms
99ms Image
text/plain 18.158.243.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=sM-zti5WR06GM12IKRcJCg&dmt=3&ex-pl-n-g-hmt=NkT8XfqyROubX_gGwUU7cg&ep=ttam_T219Ay-cPciHbT10nDcGlR5kTHZiXvxqnNEKM3UFWjwSpOh7idIySDu91RGOwqa0-uZTOVhKMbohDsGSTSJhVJg-dWrVgjgnCN8795GsZ9-uC_ClH9ejZdlZsSYUdy0unmDHNwjU2mqbamVZyuX7n9Jre9TyBK9cFZKr1qt7efquGfA6sjn1q4UiOSdEHT-LGJ_8Uu0x4xjJmx6AZbBdwaz3L8bFEg8pKYaRxrP3PZOBndm4ZmLiunctym4lA0T-tFXl07rXX7dpBW8MSaiIrLKkbD_UPc6KDfeOtARZ_8T3a-TYjITruBP-8zSaAyhpP2prsdce-inFdPFzd0AV7IFZEp8-y8-s50CKu-oEqg035FjjNB7-3IFqxqqoVNG8WC_EHZMxdfifQVJtVyHKQxcgy4MYkX4jnOGEaTyRujYOFdoEnVL75Z_MX4Bgz-kAgN9J8cTX906ZYzE2k_b_6eSPhmq8A4M1Ztf-MTyhjKfMjKLwr2BUqJkTTG1GKaNUYbpPruQfP3irqUPPWlA72mA6Wl7ERcRlRM5Nt9TQ8-NEgqOG4khSFxIn9EmWDVtnu-OQdzwxr7Csdw7uxV-KF_ktpwVsJ-P32SpjvJsPXua9vf_0KfOSACBdFozuBE9YvsGeDKT7LjsUe4xm1AmLsMMgNHe-mAiSPIouMdZUnlTclcBeJL8OweD9gZK6PgeYChAXM5pzJFW7cOVOriF_uS4hG-1ZAFubrAGlYvlvzGJd3h5GGZ_7xFtqzV7H_B79ifcZYeEHfJp4Df_NVMspIHWZQ_H3BMq8Jji-LD4WGhFQw8ScAv1wZp1eGIkrqroxf7y-kntmnjBuDeZh7RAk9CUvrHrvwhGqMNcN8EfpyGpXoMWNsdc3WfDiOxmNEgcAVsRRJEkskQPuaGFhZwANj27odv_LrHZcYWXaLrPlV4loSpp1_VRxQYT_dH8ygT2-AMXZhxRvTsHlBTWIDGiHUeCDZZeac03NSe8Z4U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.243.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-243-75.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:22 GMT
x-ratelimit-remaining: 0
location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
cache-control: no-cache, no-store, must-revalidate
x-ratelimit-reset: 0
x-ratelimit-limit: 0
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 09D6
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=12466ae0878f5be84

43 B
479 B

102ms
102ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=12466ae0878f5be84

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3GTVM3N046GNY93K83HB
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 13 Dec 2023 20:01:22 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=12466ae0878f5be84
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
critical-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-headers: Content-Type, Authorization
content-length: 94

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 09D6
Redirect Chain

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=35BQuIuvQbeEFu6LpjsbHA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=35BQuIuvQbeEFu6LpjsbHA

43 B
479 B

198ms
106ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=35BQuIuvQbeEFu6LpjsbHA

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:22 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KBBB7V69DP4AHJKVRKJT
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=35BQuIuvQbeEFu6LpjsbHA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 09D6
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=3Zjk9B4lS6CQW_Qa40WHgg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=65945473761081610271038628595960236268

43 B
479 B

284ms
100ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=65945473761081610271038628595960236268

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:22 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VRGBYETT3Z92TBRE8M0F
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

dcs: dcs-prod-irl1-1-v054-026f8435a.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Wed, 13 Dec 2023 20:01:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: 27PcM6nMTyI=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=65945473761081610271038628595960236268
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 v2
odr.mookie1.com/t/ Frame 09D6 42 B
204 B 48ms
16ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=fVHTUpv2R-yYKe4RNYikjw
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=sM-zti5WR06GM12IKRcJCg&dmt=3&ex-pl-n-g-hmt=NkT8XfqyROubX_gGwUU7cg&ep=ttam_T219Ay-cPciHbT10nDcGlR5kTHZiXvxqnNEKM3UFWjwSpOh7idIySDu91RGOwqa0-uZTOVhKMbohDsGSTSJhVJg-dWrVgjgnCN8795GsZ9-uC_ClH9ejZdlZsSYUdy0unmDHNwjU2mqbamVZyuX7n9Jre9TyBK9cFZKr1qt7efquGfA6sjn1q4UiOSdEHT-LGJ_8Uu0x4xjJmx6AZbBdwaz3L8bFEg8pKYaRxrP3PZOBndm4ZmLiunctym4lA0T-tFXl07rXX7dpBW8MSaiIrLKkbD_UPc6KDfeOtARZ_8T3a-TYjITruBP-8zSaAyhpP2prsdce-inFdPFzd0AV7IFZEp8-y8-s50CKu-oEqg035FjjNB7-3IFqxqqoVNG8WC_EHZMxdfifQVJtVyHKQxcgy4MYkX4jnOGEaTyRujYOFdoEnVL75Z_MX4Bgz-kAgN9J8cTX906ZYzE2k_b_6eSPhmq8A4M1Ztf-MTyhjKfMjKLwr2BUqJkTTG1GKaNUYbpPruQfP3irqUPPWlA72mA6Wl7ERcRlRM5Nt9TQ8-NEgqOG4khSFxIn9EmWDVtnu-OQdzwxr7Csdw7uxV-KF_ktpwVsJ-P32SpjvJsPXua9vf_0KfOSACBdFozuBE9YvsGeDKT7LjsUe4xm1AmLsMMgNHe-mAiSPIouMdZUnlTclcBeJL8OweD9gZK6PgeYChAXM5pzJFW7cOVOriF_uS4hG-1ZAFubrAGlYvlvzGJd3h5GGZ_7xFtqzV7H_B79ifcZYeEHfJp4Df_NVMspIHWZQ_H3BMq8Jji-LD4WGhFQw8ScAv1wZp1eGIkrqroxf7y-kntmnjBuDeZh7RAk9CUvrHrvwhGqMNcN8EfpyGpXoMWNsdc3WfDiOxmNEgcAVsRRJEkskQPuaGFhZwANj27odv_LrHZcYWXaLrPlV4loSpp1_VRxQYT_dH8ygT2-AMXZhxRvTsHlBTWIDGiHUeCDZZeac03NSe8Z4U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:22 GMT
via: 1.1 google
last-modified: Thu, 19 Oct 2023 06:07:48 GMT
server: nginx
etag: "6530c7b4-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 09D6
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=2267508667466472261

43 B
479 B

115ms
115ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=2267508667466472261

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EAT9R013VPFP3QQDR6SX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=2267508667466472261
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 09D6
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%2235ee9a10-dc72-40f4-a3e7-252486478c3e%22,%22Time%22:%2220231213T200122.932091%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=35ee9a10-dc72-40f4-a3e7-252486478c3e

43 B
479 B

107ms
107ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=35ee9a10-dc72-40f4-a3e7-252486478c3e

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7HR4QC1NCZ3YFNXDJJ2F
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=35ee9a10-dc72-40f4-a3e7-252486478c3e
Server: LogModule 0.6
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 09D6
Redirect Chain

https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=amazon-na-23&gdpr=0
https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr=0&domid=1109
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1109&ops=apx
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1109&ops=apx&google_gid=CAESEKdQZnZqgd0bQff-PjN_Ydw&google_cver=1
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEKdQZnZqgd0bQff-PjN_Ydw&gdpr=0&action=GET_ID&etid=&domid=1109
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3287944669099993142&opid=apx&ops=&utidl=tech:goo:CAESEKdQZnZqgd0bQff-PjN_Ydw&gdpr=0&action=GET_ID&etid=&domid=1109
https://s.amazon-adsystem.com/ecm3?ex=mediarithmics&id=vec-60498489467&gdpr=0

43 B
479 B

106ms
105ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mediarithmics&id=vec-60498489467&gdpr=0

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EPG9BYSRWRKEHA7XYBTW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=mediarithmics&id=vec-60498489467&gdpr=0
date: Wed, 13 Dec 2023 20:01:23 GMT
strict-transport-security: max-age=63072000;includeSubDomains;preload
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 09D6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://s.amazon-adsystem.com/ecm3?ex=index&id=LCg6oiM_GelbPlqqSNnvKjc4fB04ZgIC

43 B
479 B

185ms
109ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=LCg6oiM_GelbPlqqSNnvKjc4fB04ZgIC

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:22 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 05XHZQS79NHX5KMVV2D9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLeY3NquzNEItrso%2F9MHLDT%2FprboJ6%2BJnC9Vj0ijkNpxEt5VVTaS9rPZGV5rOgY0KGizgkqf%2BE948fGVLKfMmKIUq%2FaIcVl%2FAnbz17wEHWif6zJAe1NgqEiG4mfu1TDR8Ydr2x9g8O22HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=index&id=LCg6oiM_GelbPlqqSNnvKjc4fB04ZgIC
cache-control: no-cache
cf-ray: 8350cc758a1d4db3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 amazon
crb.kargo.com/api/v1/dsync/ Frame 09D6 43 B
374 B 56ms
7ms Image
image/gif 18.196.74.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/dsync/amazon?exid=k_kh1nVtRXudgWTDt2moxg&r=https://s.amazon-adsystem.com/ecm3?ex=KargoHMT&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=sM-zti5WR06GM12IKRcJCg&dmt=3&ex-pl-n-g-hmt=NkT8XfqyROubX_gGwUU7cg&ep=ttam_T219Ay-cPciHbT10nDcGlR5kTHZiXvxqnNEKM3UFWjwSpOh7idIySDu91RGOwqa0-uZTOVhKMbohDsGSTSJhVJg-dWrVgjgnCN8795GsZ9-uC_ClH9ejZdlZsSYUdy0unmDHNwjU2mqbamVZyuX7n9Jre9TyBK9cFZKr1qt7efquGfA6sjn1q4UiOSdEHT-LGJ_8Uu0x4xjJmx6AZbBdwaz3L8bFEg8pKYaRxrP3PZOBndm4ZmLiunctym4lA0T-tFXl07rXX7dpBW8MSaiIrLKkbD_UPc6KDfeOtARZ_8T3a-TYjITruBP-8zSaAyhpP2prsdce-inFdPFzd0AV7IFZEp8-y8-s50CKu-oEqg035FjjNB7-3IFqxqqoVNG8WC_EHZMxdfifQVJtVyHKQxcgy4MYkX4jnOGEaTyRujYOFdoEnVL75Z_MX4Bgz-kAgN9J8cTX906ZYzE2k_b_6eSPhmq8A4M1Ztf-MTyhjKfMjKLwr2BUqJkTTG1GKaNUYbpPruQfP3irqUPPWlA72mA6Wl7ERcRlRM5Nt9TQ8-NEgqOG4khSFxIn9EmWDVtnu-OQdzwxr7Csdw7uxV-KF_ktpwVsJ-P32SpjvJsPXua9vf_0KfOSACBdFozuBE9YvsGeDKT7LjsUe4xm1AmLsMMgNHe-mAiSPIouMdZUnlTclcBeJL8OweD9gZK6PgeYChAXM5pzJFW7cOVOriF_uS4hG-1ZAFubrAGlYvlvzGJd3h5GGZ_7xFtqzV7H_B79ifcZYeEHfJp4Df_NVMspIHWZQ_H3BMq8Jji-LD4WGhFQw8ScAv1wZp1eGIkrqroxf7y-kntmnjBuDeZh7RAk9CUvrHrvwhGqMNcN8EfpyGpXoMWNsdc3WfDiOxmNEgcAVsRRJEkskQPuaGFhZwANj27odv_LrHZcYWXaLrPlV4loSpp1_VRxQYT_dH8ygT2-AMXZhxRvTsHlBTWIDGiHUeCDZZeac03NSe8Z4U
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.74.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-74-146.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:23 GMT
x-accel-expires: 0
vary: Origin
x-rejected: consent
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 09D6
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=3287944669099993142&ex=appnexus.com

43 B
479 B

106ms
106ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=3287944669099993142&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PYS081ZQQEA1FPPJQMRW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:22 GMT
an-x-request-uuid: e7b0487a-5d6e-472a-8975-d9cc7be63927
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://s.amazon-adsystem.com/ecm3?id=3287944669099993142&ex=appnexus.com
x-proxy-origin: 45.141.152.73; 45.141.152.73; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame 09D6 0
225 B 90ms
25ms Image
text/html 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=eV-w6lkmSveyul_QBwZ4pw&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=sM-zti5WR06GM12IKRcJCg&dmt=3&ex-pl-n-g-hmt=NkT8XfqyROubX_gGwUU7cg&ep=ttam_T219Ay-cPciHbT10nDcGlR5kTHZiXvxqnNEKM3UFWjwSpOh7idIySDu91RGOwqa0-uZTOVhKMbohDsGSTSJhVJg-dWrVgjgnCN8795GsZ9-uC_ClH9ejZdlZsSYUdy0unmDHNwjU2mqbamVZyuX7n9Jre9TyBK9cFZKr1qt7efquGfA6sjn1q4UiOSdEHT-LGJ_8Uu0x4xjJmx6AZbBdwaz3L8bFEg8pKYaRxrP3PZOBndm4ZmLiunctym4lA0T-tFXl07rXX7dpBW8MSaiIrLKkbD_UPc6KDfeOtARZ_8T3a-TYjITruBP-8zSaAyhpP2prsdce-inFdPFzd0AV7IFZEp8-y8-s50CKu-oEqg035FjjNB7-3IFqxqqoVNG8WC_EHZMxdfifQVJtVyHKQxcgy4MYkX4jnOGEaTyRujYOFdoEnVL75Z_MX4Bgz-kAgN9J8cTX906ZYzE2k_b_6eSPhmq8A4M1Ztf-MTyhjKfMjKLwr2BUqJkTTG1GKaNUYbpPruQfP3irqUPPWlA72mA6Wl7ERcRlRM5Nt9TQ8-NEgqOG4khSFxIn9EmWDVtnu-OQdzwxr7Csdw7uxV-KF_ktpwVsJ-P32SpjvJsPXua9vf_0KfOSACBdFozuBE9YvsGeDKT7LjsUe4xm1AmLsMMgNHe-mAiSPIouMdZUnlTclcBeJL8OweD9gZK6PgeYChAXM5pzJFW7cOVOriF_uS4hG-1ZAFubrAGlYvlvzGJd3h5GGZ_7xFtqzV7H_B79ifcZYeEHfJp4Df_NVMspIHWZQ_H3BMq8Jji-LD4WGhFQw8ScAv1wZp1eGIkrqroxf7y-kntmnjBuDeZh7RAk9CUvrHrvwhGqMNcN8EfpyGpXoMWNsdc3WfDiOxmNEgcAVsRRJEkskQPuaGFhZwANj27odv_LrHZcYWXaLrPlV4loSpp1_VRxQYT_dH8ygT2-AMXZhxRvTsHlBTWIDGiHUeCDZZeac03NSe8Z4U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 13 Dec 2023 20:01:22 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 09D6
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=1g44lhspAeAjAV5Rxat1M8WWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

43 B
479 B

105ms
104ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=1g44lhspAeAjAV5Rxat1M8WWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XR40MMXPZZE2M1YAR1E2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=1g44lhspAeAjAV5Rxat1M8WWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 /
loadus.exelator.com/load/ Frame 09D6 0
324 B 57ms
7ms Image
text/plain 18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=sM-zti5WR06GM12IKRcJCg&dmt=3&ex-pl-n-g-hmt=NkT8XfqyROubX_gGwUU7cg&ep=ttam_T219Ay-cPciHbT10nDcGlR5kTHZiXvxqnNEKM3UFWjwSpOh7idIySDu91RGOwqa0-uZTOVhKMbohDsGSTSJhVJg-dWrVgjgnCN8795GsZ9-uC_ClH9ejZdlZsSYUdy0unmDHNwjU2mqbamVZyuX7n9Jre9TyBK9cFZKr1qt7efquGfA6sjn1q4UiOSdEHT-LGJ_8Uu0x4xjJmx6AZbBdwaz3L8bFEg8pKYaRxrP3PZOBndm4ZmLiunctym4lA0T-tFXl07rXX7dpBW8MSaiIrLKkbD_UPc6KDfeOtARZ_8T3a-TYjITruBP-8zSaAyhpP2prsdce-inFdPFzd0AV7IFZEp8-y8-s50CKu-oEqg035FjjNB7-3IFqxqqoVNG8WC_EHZMxdfifQVJtVyHKQxcgy4MYkX4jnOGEaTyRujYOFdoEnVL75Z_MX4Bgz-kAgN9J8cTX906ZYzE2k_b_6eSPhmq8A4M1Ztf-MTyhjKfMjKLwr2BUqJkTTG1GKaNUYbpPruQfP3irqUPPWlA72mA6Wl7ERcRlRM5Nt9TQ8-NEgqOG4khSFxIn9EmWDVtnu-OQdzwxr7Csdw7uxV-KF_ktpwVsJ-P32SpjvJsPXua9vf_0KfOSACBdFozuBE9YvsGeDKT7LjsUe4xm1AmLsMMgNHe-mAiSPIouMdZUnlTclcBeJL8OweD9gZK6PgeYChAXM5pzJFW7cOVOriF_uS4hG-1ZAFubrAGlYvlvzGJd3h5GGZ_7xFtqzV7H_B79ifcZYeEHfJp4Df_NVMspIHWZQ_H3BMq8Jji-LD4WGhFQw8ScAv1wZp1eGIkrqroxf7y-kntmnjBuDeZh7RAk9CUvrHrvwhGqMNcN8EfpyGpXoMWNsdc3WfDiOxmNEgcAVsRRJEkskQPuaGFhZwANj27odv_LrHZcYWXaLrPlV4loSpp1_VRxQYT_dH8ygT2-AMXZhxRvTsHlBTWIDGiHUeCDZZeac03NSe8Z4U
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:23 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 09D6
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=EE681E0A930D7A6526008AC2021EE6B3

43 B
479 B

98ms
98ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=EE681E0A930D7A6526008AC2021EE6B3

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: J7AEA174N878QP4G0DGE
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 13 Dec 2023 20:01:23 GMT
server: openresty/1.21.4.1
content-type: text/html
location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=EE681E0A930D7A6526008AC2021EE6B3
access-control-allow-origin: https://www.homedepot.com
access-control-expose-headers: User-NDAT
cache-control: no-cache, private
access-control-allow-credentials: true
p3p: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
content-length: 151
expires: Wed, 13 Dec 2023 20:01:22 GMT

GET
H2 200 sync
sync-amazon.ads.yieldmo.com/ Frame 09D6 0
38 B 138ms
31ms Image
text/plain 34.248.234.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-amazon.ads.yieldmo.com/sync?pn_id=amazon&id=yKGrbrSIR5mv1czw4pvczQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DyieldmoHMT%26id%3D%7B%7Buserid%7D%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=sM-zti5WR06GM12IKRcJCg&dmt=3&ex-pl-n-g-hmt=NkT8XfqyROubX_gGwUU7cg&ep=ttam_T219Ay-cPciHbT10nDcGlR5kTHZiXvxqnNEKM3UFWjwSpOh7idIySDu91RGOwqa0-uZTOVhKMbohDsGSTSJhVJg-dWrVgjgnCN8795GsZ9-uC_ClH9ejZdlZsSYUdy0unmDHNwjU2mqbamVZyuX7n9Jre9TyBK9cFZKr1qt7efquGfA6sjn1q4UiOSdEHT-LGJ_8Uu0x4xjJmx6AZbBdwaz3L8bFEg8pKYaRxrP3PZOBndm4ZmLiunctym4lA0T-tFXl07rXX7dpBW8MSaiIrLKkbD_UPc6KDfeOtARZ_8T3a-TYjITruBP-8zSaAyhpP2prsdce-inFdPFzd0AV7IFZEp8-y8-s50CKu-oEqg035FjjNB7-3IFqxqqoVNG8WC_EHZMxdfifQVJtVyHKQxcgy4MYkX4jnOGEaTyRujYOFdoEnVL75Z_MX4Bgz-kAgN9J8cTX906ZYzE2k_b_6eSPhmq8A4M1Ztf-MTyhjKfMjKLwr2BUqJkTTG1GKaNUYbpPruQfP3irqUPPWlA72mA6Wl7ERcRlRM5Nt9TQ8-NEgqOG4khSFxIn9EmWDVtnu-OQdzwxr7Csdw7uxV-KF_ktpwVsJ-P32SpjvJsPXua9vf_0KfOSACBdFozuBE9YvsGeDKT7LjsUe4xm1AmLsMMgNHe-mAiSPIouMdZUnlTclcBeJL8OweD9gZK6PgeYChAXM5pzJFW7cOVOriF_uS4hG-1ZAFubrAGlYvlvzGJd3h5GGZ_7xFtqzV7H_B79ifcZYeEHfJp4Df_NVMspIHWZQ_H3BMq8Jji-LD4WGhFQw8ScAv1wZp1eGIkrqroxf7y-kntmnjBuDeZh7RAk9CUvrHrvwhGqMNcN8EfpyGpXoMWNsdc3WfDiOxmNEgcAVsRRJEkskQPuaGFhZwANj27odv_LrHZcYWXaLrPlV4loSpp1_VRxQYT_dH8ygT2-AMXZhxRvTsHlBTWIDGiHUeCDZZeac03NSe8Z4U
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.234.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-234-146.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:23 GMT
content-length: 0

GET
H2 204 sd
us-u.openx.net/w/1.0/ Frame 09D6 0
119 B 36ms
16ms Image
image/gif 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072986&val=FgAUsHSvTNSXHk4TjkFvZw&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DopenxHMT%26id%3D%7BOPENX_RTB_USERID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=sM-zti5WR06GM12IKRcJCg&dmt=3&ex-pl-n-g-hmt=NkT8XfqyROubX_gGwUU7cg&ep=ttam_T219Ay-cPciHbT10nDcGlR5kTHZiXvxqnNEKM3UFWjwSpOh7idIySDu91RGOwqa0-uZTOVhKMbohDsGSTSJhVJg-dWrVgjgnCN8795GsZ9-uC_ClH9ejZdlZsSYUdy0unmDHNwjU2mqbamVZyuX7n9Jre9TyBK9cFZKr1qt7efquGfA6sjn1q4UiOSdEHT-LGJ_8Uu0x4xjJmx6AZbBdwaz3L8bFEg8pKYaRxrP3PZOBndm4ZmLiunctym4lA0T-tFXl07rXX7dpBW8MSaiIrLKkbD_UPc6KDfeOtARZ_8T3a-TYjITruBP-8zSaAyhpP2prsdce-inFdPFzd0AV7IFZEp8-y8-s50CKu-oEqg035FjjNB7-3IFqxqqoVNG8WC_EHZMxdfifQVJtVyHKQxcgy4MYkX4jnOGEaTyRujYOFdoEnVL75Z_MX4Bgz-kAgN9J8cTX906ZYzE2k_b_6eSPhmq8A4M1Ztf-MTyhjKfMjKLwr2BUqJkTTG1GKaNUYbpPruQfP3irqUPPWlA72mA6Wl7ERcRlRM5Nt9TQ8-NEgqOG4khSFxIn9EmWDVtnu-OQdzwxr7Csdw7uxV-KF_ktpwVsJ-P32SpjvJsPXua9vf_0KfOSACBdFozuBE9YvsGeDKT7LjsUe4xm1AmLsMMgNHe-mAiSPIouMdZUnlTclcBeJL8OweD9gZK6PgeYChAXM5pzJFW7cOVOriF_uS4hG-1ZAFubrAGlYvlvzGJd3h5GGZ_7xFtqzV7H_B79ifcZYeEHfJp4Df_NVMspIHWZQ_H3BMq8Jji-LD4WGhFQw8ScAv1wZp1eGIkrqroxf7y-kntmnjBuDeZh7RAk9CUvrHrvwhGqMNcN8EfpyGpXoMWNsdc3WfDiOxmNEgcAVsRRJEkskQPuaGFhZwANj27odv_LrHZcYWXaLrPlV4loSpp1_VRxQYT_dH8ygT2-AMXZhxRvTsHlBTWIDGiHUeCDZZeac03NSe8Z4U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:23 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Accept
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 09D6
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=14cb9311-87b0-4df2-936b-df4a4cd5d828-tuctc739313

43 B
479 B

106ms
106ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=14cb9311-87b0-4df2-936b-df4a4cd5d828-tuctc739313

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9SGMG41XGMPGV5TTW0Y6
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=14cb9311-87b0-4df2-936b-df4a4cd5d828-tuctc739313
date: Wed, 13 Dec 2023 20:01:23 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 18147

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 09D6
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=219573204729004379744&ex=neustar.biz

43 B
479 B

108ms
108ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=219573204729004379744&ex=neustar.biz

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9GGM1HX9SRTRJJ4KM8YV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:23 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=219573204729004379744&ex=neustar.biz
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 09D6
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=782b3b29b17374164efffe050c084e78

43 B
479 B

101ms
101ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=782b3b29b17374164efffe050c084e78

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 69814NXPDE6N3SDEJ83C
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=782b3b29b17374164efffe050c084e78
date: Wed, 13 Dec 2023 20:01:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 09D6
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
479 B

101ms
101ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:24 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 76WY8DQA8XR9QGZ10R09
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date: Wed, 13 Dec 2023 20:01:23 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET sync
t.myvisualiq.net/ Frame 09D6 0
0

GET
H2 200 dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 09D6 0
122 B 84ms
26ms Image
text/plain 188.65.124.66
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1868&dspUserId=iEWAxIjlSSu8eZyhixcT5g&redir=https://s.amazon-adsystem.com/ecm3?ex=dailymotionHMT2&id=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ingress-03-pub-prod-ix7.vip.dailymotion.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-tkr5q
date: Wed, 13 Dec 2023 20:01:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58725/ Frame 09D6
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini

0
15 B

11ms
11ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini

Requested by

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:23 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini
date: Wed, 13 Dec 2023 20:01:23 GMT
cache-control: no-store
content-type: text/html
server: ATS/9.1.10.94
content-length: 355
content-language: en

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 09D6
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=f7d949f8138ed23b6fc6c774f7b1bedf&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

43 B
479 B

97ms
97ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=f7d949f8138ed23b6fc6c774f7b1bedf&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QHTDEPHXXAB6RT2N6D34
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:23 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=f7d949f8138ed23b6fc6c774f7b1bedf&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1702497683185066-337

GET
H2 200 map
sync.rfp.fout.jp/ Frame 09D6 43 B
275 B 269ms
247ms Image
image/gif 35.186.196.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.rfp.fout.jp/map?dsp_id=12&uid=Rq93WfcbSjaSpFauOk4fJg
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=sM-zti5WR06GM12IKRcJCg&dmt=3&ex-pl-n-g-hmt=NkT8XfqyROubX_gGwUU7cg&ep=ttam_T219Ay-cPciHbT10nDcGlR5kTHZiXvxqnNEKM3UFWjwSpOh7idIySDu91RGOwqa0-uZTOVhKMbohDsGSTSJhVJg-dWrVgjgnCN8795GsZ9-uC_ClH9ejZdlZsSYUdy0unmDHNwjU2mqbamVZyuX7n9Jre9TyBK9cFZKr1qt7efquGfA6sjn1q4UiOSdEHT-LGJ_8Uu0x4xjJmx6AZbBdwaz3L8bFEg8pKYaRxrP3PZOBndm4ZmLiunctym4lA0T-tFXl07rXX7dpBW8MSaiIrLKkbD_UPc6KDfeOtARZ_8T3a-TYjITruBP-8zSaAyhpP2prsdce-inFdPFzd0AV7IFZEp8-y8-s50CKu-oEqg035FjjNB7-3IFqxqqoVNG8WC_EHZMxdfifQVJtVyHKQxcgy4MYkX4jnOGEaTyRujYOFdoEnVL75Z_MX4Bgz-kAgN9J8cTX906ZYzE2k_b_6eSPhmq8A4M1Ztf-MTyhjKfMjKLwr2BUqJkTTG1GKaNUYbpPruQfP3irqUPPWlA72mA6Wl7ERcRlRM5Nt9TQ8-NEgqOG4khSFxIn9EmWDVtnu-OQdzwxr7Csdw7uxV-KF_ktpwVsJ-P32SpjvJsPXua9vf_0KfOSACBdFozuBE9YvsGeDKT7LjsUe4xm1AmLsMMgNHe-mAiSPIouMdZUnlTclcBeJL8OweD9gZK6PgeYChAXM5pzJFW7cOVOriF_uS4hG-1ZAFubrAGlYvlvzGJd3h5GGZ_7xFtqzV7H_B79ifcZYeEHfJp4Df_NVMspIHWZQ_H3BMq8Jji-LD4WGhFQw8ScAv1wZp1eGIkrqroxf7y-kntmnjBuDeZh7RAk9CUvrHrvwhGqMNcN8EfpyGpXoMWNsdc3WfDiOxmNEgcAVsRRJEkskQPuaGFhZwANj27odv_LrHZcYWXaLrPlV4loSpp1_VRxQYT_dH8ygT2-AMXZhxRvTsHlBTWIDGiHUeCDZZeac03NSe8Z4U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.196.148 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.196.186.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:23 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
vary: Accept-Encoding
p3p: CP="ADM NOI OUR"
content-type: image/gif
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 09D6 0
338 B 109ms
31ms Image
text/plain 18.203.91.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=sM-zti5WR06GM12IKRcJCg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=sM-zti5WR06GM12IKRcJCg&dmt=3&ex-pl-n-g-hmt=NkT8XfqyROubX_gGwUU7cg&ep=ttam_T219Ay-cPciHbT10nDcGlR5kTHZiXvxqnNEKM3UFWjwSpOh7idIySDu91RGOwqa0-uZTOVhKMbohDsGSTSJhVJg-dWrVgjgnCN8795GsZ9-uC_ClH9ejZdlZsSYUdy0unmDHNwjU2mqbamVZyuX7n9Jre9TyBK9cFZKr1qt7efquGfA6sjn1q4UiOSdEHT-LGJ_8Uu0x4xjJmx6AZbBdwaz3L8bFEg8pKYaRxrP3PZOBndm4ZmLiunctym4lA0T-tFXl07rXX7dpBW8MSaiIrLKkbD_UPc6KDfeOtARZ_8T3a-TYjITruBP-8zSaAyhpP2prsdce-inFdPFzd0AV7IFZEp8-y8-s50CKu-oEqg035FjjNB7-3IFqxqqoVNG8WC_EHZMxdfifQVJtVyHKQxcgy4MYkX4jnOGEaTyRujYOFdoEnVL75Z_MX4Bgz-kAgN9J8cTX906ZYzE2k_b_6eSPhmq8A4M1Ztf-MTyhjKfMjKLwr2BUqJkTTG1GKaNUYbpPruQfP3irqUPPWlA72mA6Wl7ERcRlRM5Nt9TQ8-NEgqOG4khSFxIn9EmWDVtnu-OQdzwxr7Csdw7uxV-KF_ktpwVsJ-P32SpjvJsPXua9vf_0KfOSACBdFozuBE9YvsGeDKT7LjsUe4xm1AmLsMMgNHe-mAiSPIouMdZUnlTclcBeJL8OweD9gZK6PgeYChAXM5pzJFW7cOVOriF_uS4hG-1ZAFubrAGlYvlvzGJd3h5GGZ_7xFtqzV7H_B79ifcZYeEHfJp4Df_NVMspIHWZQ_H3BMq8Jji-LD4WGhFQw8ScAv1wZp1eGIkrqroxf7y-kntmnjBuDeZh7RAk9CUvrHrvwhGqMNcN8EfpyGpXoMWNsdc3WfDiOxmNEgcAVsRRJEkskQPuaGFhZwANj27odv_LrHZcYWXaLrPlV4loSpp1_VRxQYT_dH8ygT2-AMXZhxRvTsHlBTWIDGiHUeCDZZeac03NSe8Z4U
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.91.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-91-219.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: beacon-n020-dub-prod.krxd.net
date: Wed, 13 Dec 2023 20:01:23 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1702497683
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 09D6 0
35 B 48ms
6ms Image
text/plain 18.193.96.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=wE4DpHXcQL5mguNBAJxVK3sW&source_user_id=mzcqZQ6HSPeBRlw0d_J_Zw
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=sM-zti5WR06GM12IKRcJCg&dmt=3&ex-pl-n-g-hmt=NkT8XfqyROubX_gGwUU7cg&ep=ttam_T219Ay-cPciHbT10nDcGlR5kTHZiXvxqnNEKM3UFWjwSpOh7idIySDu91RGOwqa0-uZTOVhKMbohDsGSTSJhVJg-dWrVgjgnCN8795GsZ9-uC_ClH9ejZdlZsSYUdy0unmDHNwjU2mqbamVZyuX7n9Jre9TyBK9cFZKr1qt7efquGfA6sjn1q4UiOSdEHT-LGJ_8Uu0x4xjJmx6AZbBdwaz3L8bFEg8pKYaRxrP3PZOBndm4ZmLiunctym4lA0T-tFXl07rXX7dpBW8MSaiIrLKkbD_UPc6KDfeOtARZ_8T3a-TYjITruBP-8zSaAyhpP2prsdce-inFdPFzd0AV7IFZEp8-y8-s50CKu-oEqg035FjjNB7-3IFqxqqoVNG8WC_EHZMxdfifQVJtVyHKQxcgy4MYkX4jnOGEaTyRujYOFdoEnVL75Z_MX4Bgz-kAgN9J8cTX906ZYzE2k_b_6eSPhmq8A4M1Ztf-MTyhjKfMjKLwr2BUqJkTTG1GKaNUYbpPruQfP3irqUPPWlA72mA6Wl7ERcRlRM5Nt9TQ8-NEgqOG4khSFxIn9EmWDVtnu-OQdzwxr7Csdw7uxV-KF_ktpwVsJ-P32SpjvJsPXua9vf_0KfOSACBdFozuBE9YvsGeDKT7LjsUe4xm1AmLsMMgNHe-mAiSPIouMdZUnlTclcBeJL8OweD9gZK6PgeYChAXM5pzJFW7cOVOriF_uS4hG-1ZAFubrAGlYvlvzGJd3h5GGZ_7xFtqzV7H_B79ifcZYeEHfJp4Df_NVMspIHWZQ_H3BMq8Jji-LD4WGhFQw8ScAv1wZp1eGIkrqroxf7y-kntmnjBuDeZh7RAk9CUvrHrvwhGqMNcN8EfpyGpXoMWNsdc3WfDiOxmNEgcAVsRRJEkskQPuaGFhZwANj27odv_LrHZcYWXaLrPlV4loSpp1_VRxQYT_dH8ygT2-AMXZhxRvTsHlBTWIDGiHUeCDZZeac03NSe8Z4U
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.96.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-96-13.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:23 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 09D6
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=YcKAdr1EQ1G8PI8E_YUe3g&redirectId=2545
https://s.amazon-adsystem.com/ecm3?id=fcbc58404832aa5a7993a9faac2c988&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=YcKAdr1EQ1G8PI8E_YUe3g

43 B
479 B

111ms
111ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=fcbc58404832aa5a7993a9faac2c988&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=YcKAdr1EQ1G8PI8E_YUe3g

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MARF98KHR9ZY69SGH81C
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:23 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=fcbc58404832aa5a7993a9faac2c988&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=YcKAdr1EQ1G8PI8E_YUe3g
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1702497683221015-431

GET partner
sync.search.spotxchange.com/ Frame 09D6 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 09D6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEJBFivMqQADNVjzvK7eKIIQ&google_cver=1

43 B
479 B

196ms
101ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEJBFivMqQADNVjzvK7eKIIQ&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:22 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: TVJZCRVNNSASWC1X27WB
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEJBFivMqQADNVjzvK7eKIIQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 v2
usermatch.krxd.net/um/ Frame 09D6 20 B
20 B 311ms
93ms Image
text/plain 34.199.164.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usermatch.krxd.net/um/v2?partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=sM-zti5WR06GM12IKRcJCg&dmt=3&ex-pl-n-g-hmt=NkT8XfqyROubX_gGwUU7cg&ep=ttam_T219Ay-cPciHbT10nDcGlR5kTHZiXvxqnNEKM3UFWjwSpOh7idIySDu91RGOwqa0-uZTOVhKMbohDsGSTSJhVJg-dWrVgjgnCN8795GsZ9-uC_ClH9ejZdlZsSYUdy0unmDHNwjU2mqbamVZyuX7n9Jre9TyBK9cFZKr1qt7efquGfA6sjn1q4UiOSdEHT-LGJ_8Uu0x4xjJmx6AZbBdwaz3L8bFEg8pKYaRxrP3PZOBndm4ZmLiunctym4lA0T-tFXl07rXX7dpBW8MSaiIrLKkbD_UPc6KDfeOtARZ_8T3a-TYjITruBP-8zSaAyhpP2prsdce-inFdPFzd0AV7IFZEp8-y8-s50CKu-oEqg035FjjNB7-3IFqxqqoVNG8WC_EHZMxdfifQVJtVyHKQxcgy4MYkX4jnOGEaTyRujYOFdoEnVL75Z_MX4Bgz-kAgN9J8cTX906ZYzE2k_b_6eSPhmq8A4M1Ztf-MTyhjKfMjKLwr2BUqJkTTG1GKaNUYbpPruQfP3irqUPPWlA72mA6Wl7ERcRlRM5Nt9TQ8-NEgqOG4khSFxIn9EmWDVtnu-OQdzwxr7Csdw7uxV-KF_ktpwVsJ-P32SpjvJsPXua9vf_0KfOSACBdFozuBE9YvsGeDKT7LjsUe4xm1AmLsMMgNHe-mAiSPIouMdZUnlTclcBeJL8OweD9gZK6PgeYChAXM5pzJFW7cOVOriF_uS4hG-1ZAFubrAGlYvlvzGJd3h5GGZ_7xFtqzV7H_B79ifcZYeEHfJp4Df_NVMspIHWZQ_H3BMq8Jji-LD4WGhFQw8ScAv1wZp1eGIkrqroxf7y-kntmnjBuDeZh7RAk9CUvrHrvwhGqMNcN8EfpyGpXoMWNsdc3WfDiOxmNEgcAVsRRJEkskQPuaGFhZwANj27odv_LrHZcYWXaLrPlV4loSpp1_VRxQYT_dH8ygT2-AMXZhxRvTsHlBTWIDGiHUeCDZZeac03NSe8Z4U
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.164.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-164-108.compute-1.amazonaws.com
Software: /
Resource Hash: 3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: usermatch-a014-ash-prod.krxd.net
date: Wed, 13 Dec 2023 20:01:23 GMT
content-type: text/plain; charset=utf-8
x-age: 0
content-length: 20
x-cache: MISS
x-cache-hits: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 09D6
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=76aab1b33d683dbbbcb750f96e5c5090

43 B
479 B

108ms
108ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=76aab1b33d683dbbbcb750f96e5c5090

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3EZDK52X678TM0V64MHK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 13 Dec 2023 20:01:23 GMT
via: 1.1 24d97ac79c66f25c7df0732cb86ef322.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: MUC50-C1
x-cache: Miss from cloudfront
location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=76aab1b33d683dbbbcb750f96e5c5090
content-length: 0
x-amz-cf-id: cO-Cbaw8uY2sEbQBqby99UqEVTItE8S0jzaPk7cjzr4QjhaeQp7GoA==

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 09D6 43 B
224 B 18ms
18ms Image
image/gif 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=sM-zti5WR06GM12IKRcJCg&dmt=3&ex-pl-n-g-hmt=NkT8XfqyROubX_gGwUU7cg&ep=ttam_T219Ay-cPciHbT10nDcGlR5kTHZiXvxqnNEKM3UFWjwSpOh7idIySDu91RGOwqa0-uZTOVhKMbohDsGSTSJhVJg-dWrVgjgnCN8795GsZ9-uC_ClH9ejZdlZsSYUdy0unmDHNwjU2mqbamVZyuX7n9Jre9TyBK9cFZKr1qt7efquGfA6sjn1q4UiOSdEHT-LGJ_8Uu0x4xjJmx6AZbBdwaz3L8bFEg8pKYaRxrP3PZOBndm4ZmLiunctym4lA0T-tFXl07rXX7dpBW8MSaiIrLKkbD_UPc6KDfeOtARZ_8T3a-TYjITruBP-8zSaAyhpP2prsdce-inFdPFzd0AV7IFZEp8-y8-s50CKu-oEqg035FjjNB7-3IFqxqqoVNG8WC_EHZMxdfifQVJtVyHKQxcgy4MYkX4jnOGEaTyRujYOFdoEnVL75Z_MX4Bgz-kAgN9J8cTX906ZYzE2k_b_6eSPhmq8A4M1Ztf-MTyhjKfMjKLwr2BUqJkTTG1GKaNUYbpPruQfP3irqUPPWlA72mA6Wl7ERcRlRM5Nt9TQ8-NEgqOG4khSFxIn9EmWDVtnu-OQdzwxr7Csdw7uxV-KF_ktpwVsJ-P32SpjvJsPXua9vf_0KfOSACBdFozuBE9YvsGeDKT7LjsUe4xm1AmLsMMgNHe-mAiSPIouMdZUnlTclcBeJL8OweD9gZK6PgeYChAXM5pzJFW7cOVOriF_uS4hG-1ZAFubrAGlYvlvzGJd3h5GGZ_7xFtqzV7H_B79ifcZYeEHfJp4Df_NVMspIHWZQ_H3BMq8Jji-LD4WGhFQw8ScAv1wZp1eGIkrqroxf7y-kntmnjBuDeZh7RAk9CUvrHrvwhGqMNcN8EfpyGpXoMWNsdc3WfDiOxmNEgcAVsRRJEkskQPuaGFhZwANj27odv_LrHZcYWXaLrPlV4loSpp1_VRxQYT_dH8ygT2-AMXZhxRvTsHlBTWIDGiHUeCDZZeac03NSe8Z4U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:23 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 xuid
eb2.3lift.com/ Frame 09D6 37 B
140 B 28ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=8341&xuid=hdorAlkoQg67E2kVanpacg&dongle=az46&rdir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DtripleliftHMT%26id%3D%24UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=sM-zti5WR06GM12IKRcJCg&dmt=3&ex-pl-n-g-hmt=NkT8XfqyROubX_gGwUU7cg&ep=ttam_T219Ay-cPciHbT10nDcGlR5kTHZiXvxqnNEKM3UFWjwSpOh7idIySDu91RGOwqa0-uZTOVhKMbohDsGSTSJhVJg-dWrVgjgnCN8795GsZ9-uC_ClH9ejZdlZsSYUdy0unmDHNwjU2mqbamVZyuX7n9Jre9TyBK9cFZKr1qt7efquGfA6sjn1q4UiOSdEHT-LGJ_8Uu0x4xjJmx6AZbBdwaz3L8bFEg8pKYaRxrP3PZOBndm4ZmLiunctym4lA0T-tFXl07rXX7dpBW8MSaiIrLKkbD_UPc6KDfeOtARZ_8T3a-TYjITruBP-8zSaAyhpP2prsdce-inFdPFzd0AV7IFZEp8-y8-s50CKu-oEqg035FjjNB7-3IFqxqqoVNG8WC_EHZMxdfifQVJtVyHKQxcgy4MYkX4jnOGEaTyRujYOFdoEnVL75Z_MX4Bgz-kAgN9J8cTX906ZYzE2k_b_6eSPhmq8A4M1Ztf-MTyhjKfMjKLwr2BUqJkTTG1GKaNUYbpPruQfP3irqUPPWlA72mA6Wl7ERcRlRM5Nt9TQ8-NEgqOG4khSFxIn9EmWDVtnu-OQdzwxr7Csdw7uxV-KF_ktpwVsJ-P32SpjvJsPXua9vf_0KfOSACBdFozuBE9YvsGeDKT7LjsUe4xm1AmLsMMgNHe-mAiSPIouMdZUnlTclcBeJL8OweD9gZK6PgeYChAXM5pzJFW7cOVOriF_uS4hG-1ZAFubrAGlYvlvzGJd3h5GGZ_7xFtqzV7H_B79ifcZYeEHfJp4Df_NVMspIHWZQ_H3BMq8Jji-LD4WGhFQw8ScAv1wZp1eGIkrqroxf7y-kntmnjBuDeZh7RAk9CUvrHrvwhGqMNcN8EfpyGpXoMWNsdc3WfDiOxmNEgcAVsRRJEkskQPuaGFhZwANj27odv_LrHZcYWXaLrPlV4loSpp1_VRxQYT_dH8ygT2-AMXZhxRvTsHlBTWIDGiHUeCDZZeac03NSe8Z4U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:01:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 09D6
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=C8A92B746CC444B8

43 B
479 B

102ms
102ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=C8A92B746CC444B8

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3JTX65MMCZ901A8GE7SF
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:30 GMT
frontend-id: 12
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=C8A92B746CC444B8
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 09D6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=NkT8XfqyROubX_gGwUU7cg&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
479 B

100ms
100ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:22 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WEKAJ4Z91FHG7EQENGJX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 09D6
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=be0db8ac7b9e8009277325fba0f6032a78529f6e9a584398ac99d89064de6948

43 B
479 B

106ms
106ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=be0db8ac7b9e8009277325fba0f6032a78529f6e9a584398ac99d89064de6948

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Dec 2023 20:01:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5WQW7EYGNG9MXVD54F1W
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 20:01:23 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=be0db8ac7b9e8009277325fba0f6032a78529f6e9a584398ac99d89064de6948
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 09D6 0
166 B 69ms
23ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=sM-zti5WR06GM12IKRcJCg&dmt=3&ex-pl-n-g-hmt=NkT8XfqyROubX_gGwUU7cg&ep=ttam_T219Ay-cPciHbT10nDcGlR5kTHZiXvxqnNEKM3UFWjwSpOh7idIySDu91RGOwqa0-uZTOVhKMbohDsGSTSJhVJg-dWrVgjgnCN8795GsZ9-uC_ClH9ejZdlZsSYUdy0unmDHNwjU2mqbamVZyuX7n9Jre9TyBK9cFZKr1qt7efquGfA6sjn1q4UiOSdEHT-LGJ_8Uu0x4xjJmx6AZbBdwaz3L8bFEg8pKYaRxrP3PZOBndm4ZmLiunctym4lA0T-tFXl07rXX7dpBW8MSaiIrLKkbD_UPc6KDfeOtARZ_8T3a-TYjITruBP-8zSaAyhpP2prsdce-inFdPFzd0AV7IFZEp8-y8-s50CKu-oEqg035FjjNB7-3IFqxqqoVNG8WC_EHZMxdfifQVJtVyHKQxcgy4MYkX4jnOGEaTyRujYOFdoEnVL75Z_MX4Bgz-kAgN9J8cTX906ZYzE2k_b_6eSPhmq8A4M1Ztf-MTyhjKfMjKLwr2BUqJkTTG1GKaNUYbpPruQfP3irqUPPWlA72mA6Wl7ERcRlRM5Nt9TQ8-NEgqOG4khSFxIn9EmWDVtnu-OQdzwxr7Csdw7uxV-KF_ktpwVsJ-P32SpjvJsPXua9vf_0KfOSACBdFozuBE9YvsGeDKT7LjsUe4xm1AmLsMMgNHe-mAiSPIouMdZUnlTclcBeJL8OweD9gZK6PgeYChAXM5pzJFW7cOVOriF_uS4hG-1ZAFubrAGlYvlvzGJd3h5GGZ_7xFtqzV7H_B79ifcZYeEHfJp4Df_NVMspIHWZQ_H3BMq8Jji-LD4WGhFQw8ScAv1wZp1eGIkrqroxf7y-kntmnjBuDeZh7RAk9CUvrHrvwhGqMNcN8EfpyGpXoMWNsdc3WfDiOxmNEgcAVsRRJEkskQPuaGFhZwANj27odv_LrHZcYWXaLrPlV4loSpp1_VRxQYT_dH8ygT2-AMXZhxRvTsHlBTWIDGiHUeCDZZeac03NSe8Z4U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 13 Dec 2023 20:01:22 GMT
content-length: 0
content-type: text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.myvisualiq.net
URL: https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

77 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 16:56:24	Name: X-AB Value: undefined
donate.sickkidsfoundation.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken_L05ERg2 Value: 4sazIDWvVjK78pqPD4IN5e9EULPSnUW9UqnMs1zdEgDDhGnLVmC72hPCFLzWK49k9hahTSVrtQlUOMsAYZL2la9akWEK8sN1kmo-2bxDiJI1
.sickkidsfoundation.com/	1970-01-21 01:39:15	Name: visid_incap_2907790 Value: ulogrp16Q9uSC2wdPQRBmo8NemUAAAAAQUIPAAAAAAB0PluYZdn9a8IxhaDeg86M
.sickkidsfoundation.com/	1969-12-31 23:59:59	Name: incap_ses_876_2907790 Value: xJyWYfO6DD3LolBRbC4oDI8NemUAAAAAlyntdNA7Zic3J2nyMFFK8g==
.sickkidsfoundation.com/	1970-01-20 19:04:33	Name: _gcl_au Value: 1.1.728784906.1702497681
.donate.sickkidsfoundation.com/	1970-01-21 02:30:57	Name: _ga Value: GA1.3.137034511.1702497681
.donate.sickkidsfoundation.com/	1970-01-20 16:56:24	Name: _gid Value: GA1.3.222295617.1702497681
.donate.sickkidsfoundation.com/	1970-01-20 16:54:57	Name: _dc_gtm_UA-66351416-1 Value: 1
.sickkidsfoundation.com/	1970-01-21 02:30:57	Name: _ga_1N3ZYKZ49X Value: GS1.1.1702497681.1.0.1702497681.0.0.0
.sickkidsfoundation.com/	1970-01-21 02:30:57	Name: _ga Value: GA1.1.137034511.1702497681
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: kWQzviN6iKk
.youtube.com/	1970-01-20 21:14:09	Name: VISITOR_INFO1_LIVE Value: DM2W1V9gPy4
.doubleclick.net/	1970-01-21 02:16:33	Name: IDE Value: AHWqTUmhI8FgltetF_Yv7HtJ6y39jQt44rpoBkNUgUp_H6g4Aw9ESOvNxinHv3nVDn8
.gumgum.com/	1970-01-21 01:40:33	Name: cs Value: true
.donate.sickkidsfoundation.com/	1970-01-21 02:30:57	Name: _ga_N87CSHY5ZB Value: GS1.3.1702497681.1.0.1702497681.60.0.0
donate.sickkidsfoundation.com/	1970-01-20 16:54:57	Name: ___utmvc Value: SkIhukUO1tSo32H4lCsbgKNvd1JZNTbiJTCTtP9OiRF6gQTLbZmRQkuFcVoQRQQPJ1uNmPZTqPa8QuL5bN+Jrq177PN7Ac+Sd+UVs2XYZZjwiqtSWEOFc94TFYkXpzDJx5C84Njb8ZMbfrBsdcg2orNUqoGpUUybXUg5n17ojqwAXbDQ+x9Vh4VXvstX5MLK7MCTBIt5EuhwIaYXg4Bk94gHJN1wUMDtnmZWIAwbkvzchk+hccPu05vKuif0YkH9xIlSE3y+51N+hs24hCXiDtCPdbjVsjZRlZq7aEyvFiM8kQIUs2P5t/PWLZPuwweHFQdRh+L3p3oiISagktrubQDi9g40APybg0mGqtJsola46QywR0j3F+IQQC2qcUEBMUJAaOgWgsNai6zEhe21UMIlAjyoLOWqxgrcQ2+32Xpj45dmSnNflXbt5B6QIPsFBLEMPyELwHhS/BW1DOFCTucow3Ys2CzTaEJx3CBP0sRXUXDlQVMd2IwexSzKcFzOOFx9JEIhAspJfVEx/xW2Q0BgtDHZcXgw12AN3ZGZBz+5yRcuAtp8dyFKmsN4qzI8Rxjv2r4JEMHIqhp/CqBdvfIzz2k+lwe4wIuCFYDSOIbVjGFFEy3NNRVCeqKBuCMnHq1J2pjNdaba3RIZWzF2pDdDFdARZM3Uhhykifsn0vVaoN+XI6VEZjPLErBSgP+eYWRzU2bpE8r2GFXevQuXI89r9f4CdacZk8Ux/mQP++0LYSfWWkV9TzMqdxcRNretyF6Tw2pMlv9ph4AsLil5BUfxUWKpndGM6ya9STtUbZKHKgdsMsFJeGrJF/Cb3G4lw6a9F9cgZk+/4AIaicSExkPoAdWJ9WPeOf+kXq391PuvfEHpGzeQ881CdrGtQetMRq2lo0GwDmqNpBx4vAUL6CwnXq7yqad7o7NnrRlvgFm6zpmRNJzu4O2mdTd1qcalW8+tByQW8xH/d/dwpcqj7ZKl+ScP3ednLt2kNBRqetakoZfMlav5OKhCcs9S/NoAoDPT8YWCgHDZhIcXtkYS4GK+cL0uJSd8nao8xlxKTJevic0ZzgFom1EF6XAujeCrrOu7RX+YF8Ug1nFpoCimDxj2PhZuPQuZeYPtgBq2nf47hnGQnqNsl5eP7tNclR3KN0f512O8OlUMpgBRMSdlSj2ye9Puxctcg3+566Qfe70Av4RBZaYBpfKIGkqoGlmC6l99kMBG6UCFL3IDK5NwEJlpWSJT9smPBnJHWtqc2L4PQVpqCGD2H4QctDzTeSiyCqut++aXL3OuB/vQiIYQPKlpRmplTVjMBJ2Kl4H/0dTVvnM3uyF4MxHzgzNHOnSmS0TJkcFq8gXQi9xWCsC/PXriw64oIGQ6FsZfl/oqPuD1YzGNb+BVeUuuQy/d+c9tNvl+JcG/7x/Kl+xf+JIGxDYlZArPPhZWW7CfqRdwqEn3d1ggIVipWZ9MA+n8SETXIjfC2rxBZS6kjTo1CJRVy7YwhG0b/Qmc00jNlV97s623nLqcG2ZLzzKWB1qkhIG3/zL1lXv81tNkmdsvtqY1MefrxMw6igVKL5BYnMyIhpetQGbBCAMeaaxAEPVX5FMtfhcSwehSn8Pqu7iT2821fF5lueCEjsxdjB5NmmsC0YnVIE9JrG+X9JFcf9ai5DHvlDE+VtWoot+A5vr0b5SAsAOgXUrXCUHwouQedIMqsOcItpbDJE95hc3LgWm4zPhgWNs2UhXLfptV8x3hj1z1vLNb1d86C0fSfliU+KlU2PT6jl0sbS3NEpDGQ0uqY9NceDB1jX7Da+eWRAw2tiNgLL1tvLn9S93cUgSQpzAWHyvHLlVOqFyg6YATP1bdMlRDlzl97Dk9WUdIMkj4JIuCxKMpbjyqfUurhEBpNzEjNddraKL3nMSNI8D8mkkQfLiIr9FROa6G+OJzCUegbcoH32OhgrZMu0t1LdBuD99UKXaI5mdY8l7TpHfnXh95OFmnpZolLoR6smKZ9EhdV9MLcZSeCNlKCJtXHLI7bsytZ2UnWYTLudDPvJSfd9Ho6ztzSzTYA1TEc5N9/n0zYOLLBtcO3D7B9n5RH3f93CmOop7mQ9230CUAHu0UsOv9jm1bka/3prjB98wiw081GFVOxhdJIupndbYjzWteRIABhl4pkol5OYGZcepLHWda5HNiCt0zmaAOitvQ6VFCZ/FHsz1f0jWzr+9ZGCfP8G4u2+EVu/8nUEfjxlTB57oLtKDY5zkYDT8PIK5wF6it8ku0vGZn15X06xh4psHko2/4kTxi054PPww0ojR0pLxxwSs5V9rD2wWYN5PfJWwOJxsfJ5gSe3Bav5pURh60XYaMXyWqYXEQ7mdxfQy2RzkkhepJxd755conN26wAqE6dUKpmKdpDWD4ASVbg+40EgRA2y5rNLz1hvT2U5NQ1rUorerdt3da80wxmvj6rdlP3Jv6hEENVFv3uODDqGu2+ZB1DUCrOONJmmOT9DpIq13kC5KYQ+Hss6OsNkvYQTyF+KTJbjDqV7Vj7+i5Mj3aCvareUx3SWdLngsUPrIPupYICbZs11A/aT0AgTtwqZj6nk4FZsMcSQYznsR6j5+IbGig0UdDEOdSqVQc5BqT8uZoSDXSEa0UmWqt4uT1nxO+jBrFs7i93JTK8kNNdOBnO0sH1qjVpqk0GtCzr/PT/y3xFO6xSMO9nsGjom7NDPQsQAkwpW0PcdNSaszCpsxJjoyyggtScRrA5d6fQWUfRHn3SDYhdI8tn8GbCgAPqzbRQj7dMheeeXDcJXiX8uEAbJ5tUZywlIKZTTzYHnI+qtN2k1v7atLwLGRpZ2VzdD0xOTQxNDIscz02MzgyOGQ3Zjk5Njc3MzdkNjdhYWEwN2I4MTgyNzg3ZDdhODg2NDZiYWI3ZDlmNjg4MDhmOGU4MThlODI5ZDY4YTY4MTc5YTc4NzhhNzE2ZQ==
.sickkidsfoundation.com/	1970-01-21 02:24:44	Name: _scid Value: 3edbe64d-547f-409b-ad0a-087d3d3b5ec2
.sickkidsfoundation.com/	1970-01-21 02:24:44	Name: _scid_r Value: 3edbe64d-547f-409b-ad0a-087d3d3b5ec2
.sickkidsfoundation.com/	1970-01-20 16:56:24	Name: _uetsid Value: 62c19cd099f211eeba9241a7f0cc9e77
.sickkidsfoundation.com/	1970-01-21 02:16:33	Name: _uetvid Value: 62c1a8e099f211eeb6f9b7d7c1a342a2
.t.co/	1970-01-21 02:30:57	Name: muc_ads Value: ad39d141-1f8c-45de-ad0e-f9ee1287082e
.twitter.com/	1970-01-21 02:30:57	Name: personalization_id Value: "v1_qyaN6Lz0semrT3XMLe/+Pg=="
.sickkidsfoundation.com/	1970-01-21 01:40:33	Name: _hjSessionUser_302599 Value: eyJpZCI6IjllNjMyYzUxLTVmZjctNTk4OS1iMGVkLTVkZGNlOWRhYTNmMSIsImNyZWF0ZWQiOjE3MDI0OTc2ODEzMzYsImV4aXN0aW5nIjpmYWxzZX0=
.sickkidsfoundation.com/	1970-01-20 16:54:59	Name: _hjFirstSeen Value: 1
.bing.com/	1970-01-21 02:16:33	Name: MUID Value: 3A8286C9808064503947952F818065D2
.sickkidsfoundation.com/	1970-01-20 16:54:59	Name: _hjIncludedInSessionSample_302599 Value: 0
.sickkidsfoundation.com/	1970-01-20 16:54:59	Name: _hjSession_302599 Value: eyJpZCI6IjgzZDMxMGM1LTI2YjMtNDQ0Mi04MTQ2LTQ2MjkwNGIxYjQxNSIsImNyZWF0ZWQiOjE3MDI0OTc2ODEzMzksImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6dHJ1ZX0=
.sickkidsfoundation.com/	1970-01-20 16:54:59	Name: _hjAbsoluteSessionInProgress Value: 1
.donate.sickkidsfoundation.com/	1970-01-21 01:40:33	Name: _pin_unauth Value: dWlkPU5tSTNaVEl4WkRVdE16QmhNeTAwTXpBNExXSTVZbVF0WkRFM05UUTNaREF4WXpRMQ
.linkedin.com/	1970-01-20 19:04:33	Name: li_sugr Value: 3a7cecb3-c806-4a0c-87b3-970105fb2b78
.linkedin.com/	1970-01-21 01:40:33	Name: bcookie Value: "v=2&ba2ac5d1-c3ba-43d9-897b-b1452afe0bc5"
.linkedin.com/	1970-01-20 16:56:24	Name: lidc Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2699:u=1:x=1:i=1702497681:t=1702584081:v=2:sig=AQEp0iBWiQffTI6HxcyFLBozWhgRntwm"
.pinterest.com/	1970-01-21 01:40:33	Name: ar_debug Value: 1
.sickkidsfoundation.com/	1970-01-20 19:04:33	Name: _fbp Value: fb.1.1702497681380.73023335
.ct.pinterest.com/	1970-01-21 01:40:33	Name: _pinterest_ct_ua Value: "TWc9PSZKZVRaL1NZUE1QN1dZbEVSRHN2b1UwK2FHYWhqaGdseVV6WDlRaXFqOEVOQng2emlmKzhnZ0JFeXBLLzliZTBEenVwS1cySDdQRGhEaU9OaG1XMEVkaXBCTDR0M1JWbTVqMS80aGVvRE1MTT0mTnlKS2FPRG4waFFVR2NxVTdnSHFtVFYwVm5FPQ=="
.linkedin.com/	1970-01-20 17:38:09	Name: UserMatchHistory Value: AQLC-WAKKDHewAAAAYxkxQAg49h6W-wterL20nskD5b12aA-PcfMAVeUybASmvsm-wTTqn1gNdLOJQ
.linkedin.com/	1970-01-20 17:38:09	Name: AnalyticsSyncHistory Value: AQKSNyrZXaMtxgAAAYxkxQAh-kanSsBU9EFvU1YiWtqajATgLkVMmi7ZyV5Opzbqw-sUaLSxnT2ouoR7GG9dpA
.connectedinteractive.com/	1970-01-20 16:55:01	Name: 8092782a3475b91c78e512ffafa20c56_open Value: 1702497681
.www.linkedin.com/	1970-01-21 01:40:33	Name: bscookie Value: "v=1&20231213200121df7cab68-0283-4c42-80f7-d93865950547AQHN4Ch1XBYY3fY-p2PbKN-_lcDMyCer"
.linkedin.com/	1970-01-20 21:14:09	Name: li_gc Value: MTswOzE3MDI0OTc2ODE7MjswMjGkEAUoGZ+ijsiloK08jAv+v1N6mEekgCO7QdIMb1zZxA==
.demdex.net/	1970-01-20 21:14:09	Name: demdex Value: 65945473761081610271038628595960236268
.dpm.demdex.net/	1970-01-20 21:14:09	Name: dpm Value: 65945473761081610271038628595960236268
.mxptint.net/	1970-01-21 02:30:57	Name: mxpim Value: R33647_10DA4CD05_2D88FC2.1.657A0D91657A0D910000000000000000000000000000000000000000657A0D91
m.stripe.com/	1970-01-21 02:30:57	Name: m Value: 7c07c3ef-5436-413e-84cf-04ad3885767682b12f
.donate.sickkidsfoundation.com/	1970-01-21 01:40:33	Name: __stripe_mid Value: 6f4abdfd-e694-4b99-aad3-90e4fb182b7c40cfbf
.donate.sickkidsfoundation.com/	1970-01-20 16:54:59	Name: __stripe_sid Value: 11888f3b-bc81-46b4-aa60-bdce4fa3935db0ecce
.amazon-adsystem.com/	1970-01-20 21:44:24	Name: ad-id Value: A1c0uhfi2kdXtTMa5HCqa-U
.amazon-adsystem.com/	1970-01-21 02:30:57	Name: ad-privacy Value: 0
.adnxs.com/	1970-01-20 19:04:33	Name: uuid2 Value: 3287944669099993142
.casalemedia.com/	1970-01-21 01:40:33	Name: CMID Value: ZXoNknMLU5ErbBmeMbyBHwAA
.casalemedia.com/	1970-01-20 19:04:33	Name: CMPS Value: 3194
.casalemedia.com/	1970-01-20 19:04:33	Name: CMPRO Value: 3194
.adnxs.com/	1970-01-20 19:04:33	Name: anj Value: dTM7k!M4/YF7/.XF']wIg2GTvlT.wY!]tbPl1M]o$IyEVU[W6`Lc<2o@1(*cFrTpiM#$.sD?t(=csk]>@oTDS#BI7y)N[UD!!+F?)n#e2
.tremorhub.com/	1970-01-21 01:40:54	Name: tvid Value: c4052e9ee1f145c0a093735ee040d3e4
.tremorhub.com/	1970-01-21 02:30:57	Name: tv_UIAM Value: fa686c93bffe4253a784603bee6e5ae3
bs.serving-sys.com/	1969-12-31 23:59:59	Name: r1 Value: 1702497682_1
.serving-sys.com/	1970-01-20 17:38:09	Name: u2 Value: 35ee9a10-dc72-40f4-a3e7-252486478c3e4PU060
.adform.net/	1970-01-20 17:39:36	Name: C Value: 1
.adform.net/	1970-01-20 18:21:21	Name: uid Value: 2267508667466472261
.kargo.com/	1970-01-21 01:40:33	Name: ktcid Value: 1a82cde4-7394-0d19-54fd-035121377a18
ads.samba.tv/	1970-01-21 02:26:38	Name: sambapxid Value: 12466ae0878f5be84
.mediarithmics.com/	1970-01-21 01:40:33	Name: mics_vid Value: 60498489467
.mediarithmics.com/	1970-01-21 01:40:33	Name: mics_uaid Value: web:1:f4168148-a9db-4533-a8ee-301f9ab7fade
.mediarithmics.com/	1970-01-21 01:40:33	Name: mics_lts Value: 1702497683030
.bidswitch.net/	1970-01-21 01:40:33	Name: tuuid Value: cf21709c-01b8-4d77-b1aa-4398ce283914
.bidswitch.net/	1970-01-21 01:40:33	Name: c Value: 1702497683
.bidswitch.net/	1970-01-21 01:40:33	Name: tuuid_lu Value: 1702497683
.yahoo.com/	1970-01-21 01:40:55	Name: A3 Value: d=AQABBJMNemUCELk4qhIXjLnAQ_Z76ODieFAFEgEBAQFfe2WDZeAKyiMA_eMAAA&S=AQAAAgfBtWHoBbK44RjQubnrHBA
.agkn.com/	1970-01-21 01:40:33	Name: ab Value: 0001%3Aw%2BFC9Qf9YK9h7IaXlXkcFhj5r5AnMUZS
.ads.stickyadstv.com/	1970-01-20 17:38:09	Name: UID Value: fcbc58404832aa5a7993a9faac2c988
.ads.stickyadstv.com/	1970-01-20 17:15:07	Name: uid-bp-30833 Value: YcKAdr1EQ1G8PI8E_YUe3g
.krxd.net/	1970-01-20 21:14:09	Name: _kuid_ Value: P-RMfJxC
.ninthdecimal.com/	1970-01-21 01:40:33	Name: ndat Value: Ch5o7mV6DZPCigAms+YeAg==
.ispot.tv/	1970-01-21 02:30:57	Name: pt Value: v2:be0db8ac7b9e8009277325fba0f6032a78529f6e9a584398ac99d89064de6948\|ea1c0bf7d5b6b570c261b4f3303374e8c13e39a1d633c337388e304d9002931d
.semasio.net/	1970-01-21 01:40:33	Name: SEUNCY Value: C8A92B746CC444B8
.bluekai.com/	1970-01-20 21:18:28	Name: bku Value: b/X99J1BKZVThz9B
.bluekai.com/	1970-01-20 21:18:28	Name: bkpa Value: KJy9RQY5d02pSUHknp1tmexywlJkjsk0wVC65cOpJEBOJEJsJEJsz08CqVabqtT+RVHpKUB6jV6rRt2+JEJsjVB+10DpHZPTJEBWRZhNjV+CSu8Mqt6k1MjojYDpHYD0Ba2YuN2PPDkW9y9ZOH2a

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/250085185187976?v=2.9.138&r=stable&domain=donate.sickkidsfoundation.com(Line 137) Message: Unrecognized feature: 'attribution-reporting'.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://usermatch.krxd.net/um/v2?partner=amzn Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11336053.fls.doubleclick.net
5627812.fls.doubleclick.net
aa.agkn.com
ad.doubleclick.net
ads.connectedinteractive.com
ads.samba.tv
ads.stickyadstv.com
adservice.google.com
aep.mxptint.net
amazon.partners.tremorhub.com
analytics.twitter.com
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
c1.adform.net
capi.annalect.com
capi.connatix.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
cookie-matching.mediarithmics.com
crb.kargo.com
ct.pinterest.com
d3htn85c6cao65.cloudfront.net
donate.sickkidsfoundation.com
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
js.adsrvr.org
js.stripe.com
lciapi.ninthdecimal.com
lm.serving-sys.com
loadus.exelator.com
m.stripe.com
m.stripe.network
match.360yield.com
match.sharethrough.com
mpp.mxptint.net
odr.mookie1.com
pi.ispot.tv
pixel.rubiconproject.com
polyfill.io
public-prod-dspcookiematching.dmxleo.com
px.ads.linkedin.com
px.gumgum.com
px4.ads.linkedin.com
q.stripe.com
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.pinimg.com
sb.scorecardresearch.com
sc-static.net
script.hotjar.com
snap.licdn.com
ssum-sec.casalemedia.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
sync-amazon.ads.yieldmo.com
sync.rfp.fout.jp
sync.search.spotxchange.com
sync.taboola.com
t.co
t.myvisualiq.net
tags.bluekai.com
token.rubiconproject.com
tr.snapchat.com
tr6.snapchat.com
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.imdb.com
www.linkedin.com
www.youtube.com
x.bidswitch.net
sync.search.spotxchange.com
t.myvisualiq.net
104.18.41.104
104.244.42.131
104.244.42.197
107.154.140.65
108.138.15.119
108.138.40.243
13.107.42.14
13.248.245.213
135.84.189.37
141.226.228.48
142.250.181.230
146.75.116.157
15.197.193.217
151.101.128.176
151.101.192.84
151.101.2.132
172.64.151.101
18.153.39.189
18.158.243.75
18.173.161.79
18.173.188.94
18.193.96.13
18.196.74.146
18.198.69.109
18.203.91.219
18.66.192.125
18.66.192.58
185.64.191.210
185.89.210.101
188.65.124.66
198.47.127.19
2.19.217.66
2001:4860:4802:34::36
204.2.226.28
216.58.206.38
216.58.212.162
2600:1f18:612b:4264:4b11:4b0e:f335:7576
2600:1f18:6791:a007:ff33:52f8:797e:54a9
2600:9000:2057:8e00:19:7d10:bd80:93a1
2606:4700::6811:180e
2607:ae80:192:1::173
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9d
2a02:26f0:3500:16::215:1490
2a02:26f0:3500:795::1931
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:e00::282
3.218.221.252
3.64.21.223
3.75.62.37
34.160.236.64
34.197.233.111
34.199.164.108
34.248.234.146
35.186.196.148
35.190.43.134
35.244.159.8
37.157.4.29
38.68.201.140
52.10.76.194
52.212.56.60
52.214.242.160
52.46.151.131
54.187.119.242
54.194.188.15
54.36.150.187
54.72.153.232
54.93.159.119
69.173.144.139
77.243.51.121
81.17.55.173
99.84.88.2
99.84.88.4
04c6083a9781b397d0b570f97154a3fa61aac68dfba173617e5a6351786b7470
05e82e160e777ed45062a66007e1e5c9b76884aeb16ccf36d545637e48132548
088f510384e2eb77874a15c115f500d75eb31fc0e2128e71b092231591f7b432
0a0cd0f1dd7bdee1b172775acc6fa5463dd680646b1a6c9f43fcd3fd27c50ebb
167ee4702e76b96cfe396221bef5630f2182e4148a3406c303992ab2f44c357a
1a23b6afc48e437715afac36afe5c9a1d374cd1283a8b675de5b720dc52314b0
1c758e1219fce44244bd475b915647e455c31c02dad57d5b1f61c89f7fcf0440
2d940850e2a211d5455d10ac1fe2d4c40b2f5a309798d573aa97f29af2f1a832
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31d65b141bbeeae253df4e293fd31152429f89eade3c2e0eb7f6c665e1d34310
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002
45329efb6cbf7446dc239f76a7546ffb0f4c51afd40b1e703b6c67d10674d72c
45a08a3ddcc4e278b52211ff04ad956858b750d0e4840d236b5cac88450f7769
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb91cfba09c92e3b6a92ae9c51418224ae9fc015e9a45376549d5447ddd75bd
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5606536121ff46d9ce671f35bbbd9c6c6a2dab83fcd8af126ddc9e229bfb55e7
56a8d9fc61a7b9778856986772477f668375ded84572ddcc7b60e266480c8f8e
56f2d01b138f8c4f155627570f5f8ca611aad6b9077f31ed71cb4d621735073c
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5e8245f74bb3b5a6a427cb68b028830456233ea1e669bf9582a84dd9ca9ab255
60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb
61635401ee13198fc2df0a82d7273cdd5270ffb006831359031f3b1834e0083e
62cca83ad6173090b97f077785c4fbd7c538aa0e8777950ab9f2827a9fe2dab8
6ada98a3a91822b5e0f1a0523c302abcb41a512142e6cf92f61e598db9095961
724ebffa106002922ed48da790249e3bc02db9ca19aa14aa197efe6a8d07a03e
79461a2356dfc7179b5ad9c3725050028645f29f491cfc99d567018a4fc20891
7be4e81e47d10f994fe3ef4a926d38c555b719e06f8ce070ed1964d6198a4db2
8493cdda94c825474c03c4d0c70d4a9d33ad28a203f35179226e1600c4179c12
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86617d567e853c5cc9cd035ae582ada964eef8fdb70529de3b2786e667eea484
8685aec0f6d77f9e32fbbee5153d339ea406f340a4439c2e32e77ae1094f0830
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d4e6d22c2920fc8ced60af772db5d9f6fbbbc7581d0347982ac02ff07b5e802
8f13e78b41d11df22721b7f1a0949c93f69dbf909022472b2d49f2b9d44a06bf
93417276accf894049920c795869ca4a6c3c02415f7f949fd9e6a7cb3426918c
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a54c0f0abc017f802b8a68c2233d679d4a302a322b196116b4d03b015e66fec
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c6e5c039a5419a555da7a580f6b25584c3fcaa3bba577f3154d0690e13e21002
ca767e8a29ac41afbf8ed2c0702af321b3e819427479c8e63aa12982023aa0ed
cc00ce4e9c1acb92bb520d7f57cff3386e045c20d5a7ca92e08b9be6e70306fa
cd3a316f9e24473d9722aa61ee28fcc95d0ab9ecf1f3e24da2d3da7f723eb36b
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d53feddb0cce9f638d733984b3c36715c17860ca6537e608f41d4f09a7dab54b
d58e83a2e1a2f25c00b2998f2c146b620a881e495a49850c15c620f980d5b1bb
dad13c6e2c16b9f2159217a6924c38cdb06f2c0a334beff2c50d99d0c621b3db
db248e718106b48bfffe3917ec0bc3085c9a5d87fe6a4b697dd9a1055240c400
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e0a160e5609ebc9bc7356f9ba5cc23a403f7663e2abfa099e7c0bc7d56d27a87
e253b5fd8682ec36a015b562051a3e703c8154379885cf0e6e0cb8c475ef40dc
e30961a70de9127492565588c69e50a898082c94048d7702a9df249572981dd6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62906e2e50011b64e339f6fc5989d088ce29b8f380d721ad61e7d62172163e3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
f7d79f6ccba3abe91e2d95db7ad3bee3ceb00b3c55fba829234a6648d5836c76
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fc8ad0445a2711a3062525b11316152e739dc01f73fa26e46d851cf43db2ae7e

donate.sickkidsfoundation.com Open in urlscan Pro 107.154.140.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

152 Requests

80 %HTTPS

27 %IPv6

71 Domains

93 Subdomains

61 IPs

11 Countries

2057 kBTransfer

5589 kBSize

77 Cookies

5 Outgoing links

Redirected requests

152 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

donate.sickkidsfoundation.com Open in urlscan Pro
107.154.140.65 Public Scan

Screenshot
Live screenshot

Full Image

152
Requests

80 %
HTTPS

27 %
IPv6

71
Domains

93
Subdomains

61
IPs

11
Countries

2057 kB
Transfer

5589 kB
Size

77
Cookies

152 HTTP transactions
0 data transactions