color-kinder.com Open in urlscan Pro
2a03:6f00:6:1::57f9:2b81 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://color-kinder.com/
Effective URL:
https://color-kinder.com/
Submission: On December 09 via manual (December 9th 2022, 1:40:55 pm UTC) from PL — Scanned from DE

Summary HTTP 132 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 20 domains to perform 132 HTTP transactions. The main IP is 2a03:6f00:6:1::57f9:2b81, located in Russian Federation and belongs to TIMEWEB-AS, RU. The main domain is color-kinder.com.
TLS certificate: Issued by R3 on October 1st 2022. Valid for: 3 months.

This is the only time color-kinder.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 37	2a03:6f00:6:1... 2a03:6f00:6:1::57f9:2b81	9123 (TIMEWEB-AS) (TIMEWEB-AS)
8	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2 20	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:802::2006	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
2 2	35.157.182.139 35.157.182.139	16509 (AMAZON-02) (AMAZON-02)
9	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:d648:86cf:755a:6dbf	16509 (AMAZON-02) (AMAZON-02)
132	21

37 2a03:6f00:6:1::57f9:2b81 (Russian Federation) 1 redirects

ASN9123 (TIMEWEB-AS, RU)

color-kinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.182.139 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-182-139.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.154.237 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:d648:86cf:755a:6dbf (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	color-kinder.com 1 redirects color-kinder.com	313 KB
33	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	515 KB
28	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 static.doubleclick.net — Cisco Umbrella Rank: 199 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	844 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	70 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	121 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 415	4 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 677	2 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36 ajax.googleapis.com — Cisco Umbrella Rank: 300	33 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	141 KB
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1473	487 B
2	agkn.com 2 redirects d.agkn.com — Cisco Umbrella Rank: 634	1 KB
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 630	925 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8575	914 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1505	297 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 904	356 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 308	461 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 837	701 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2554	347 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
132	20

	Domain	Requested by
37	color-kinder.com	1 redirects color-kinder.com
20	tpc.googlesyndication.com	2 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	pagead2.googlesyndication.com	color-kinder.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com color-kinder.com googleads.g.doubleclick.net
9	cm.g.doubleclick.net	googleads.g.doubleclick.net
9	static.doubleclick.net	googleads.g.doubleclick.net
8	www.googletagmanager.com	color-kinder.com
4	ssum-sec.casalemedia.com	4 redirects
4	image6.pubmatic.com	4 redirects
4	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	color-kinder.com googleads.g.doubleclick.net
2	rtb.openx.net	googleads.g.doubleclick.net
2	d.agkn.com	2 redirects
2	cms.quantserve.com	googleads.g.doubleclick.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ajax.googleapis.com	color-kinder.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
132	26

This site contains no links.

Subject Issuer	Validity	Valid
color-kinder.com R3	`2022-10-01` - `2022-12-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://color-kinder.com/
Frame ID: 46819253E3DB5007CC19453A84BD5A5F
Requests: 59 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html
Frame ID: B117323046664D03042A8D3360CB5B0F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974151996320664&output=html&adk=1812271804&adf=3025194257&lmt=1670593251&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fcolor-kinder.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670593250779&bpp=125&bdt=192&idt=368&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4163446754292&frm=20&pv=2&ga_vid=341998924.1670593251&ga_sid=1670593251&ga_hid=696020254&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777948%2C44779957%2C31071262%2C21065725&oid=2&pvsid=3601703983653490&tmod=115087075&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=391
Frame ID: 2342B3E9FF17842962E15AD3230E5FBE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974151996320664&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.1182920990~rp.3&daaos=1670547687800&w=1200&fwrn=4&fwrnh=100&lmt=1670593252&rafmt=1&to=qs&pwprc=5458882937&format=1200x280&url=https%3A%2F%2Fcolor-kinder.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670593252100&bpp=3&bdt=1513&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98a6a29d147439bd-22db383c6cd80071%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_MaraLA_2yv2qzrxlA6V6-E-cfLgBg&gpic=UID%3D00000b8fb79227c3%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_Mbo9RCU26DhqJtrQKpb6fkFBoEUWA&prev_fmts=0x0&nras=2&correlator=4163446754292&frm=20&pv=1&ga_vid=341998924.1670593251&ga_sid=1670593251&ga_hid=696020254&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2610&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777948%2C44779957%2C31071262%2C21065725&oid=2&pvsid=3601703983653490&tmod=115087075&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sxVBubSqz7&p=https%3A//color-kinder.com&dtd=24
Frame ID: BF551797F3D5720492FE891FE336FDF5
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974151996320664&output=html&h=280&adk=1418185256&adf=1523758184&pi=t.aa~a.4052609321~rp.4&daaos=1670547687800&w=1200&fwrn=4&fwrnh=100&lmt=1670593252&rafmt=1&to=qs&pwprc=5458882937&format=1200x280&url=https%3A%2F%2Fcolor-kinder.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670593252100&bpp=1&bdt=1513&idt=1&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98a6a29d147439bd-22db383c6cd80071%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_MaraLA_2yv2qzrxlA6V6-E-cfLgBg&gpic=UID%3D00000b8fb79227c3%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_Mbo9RCU26DhqJtrQKpb6fkFBoEUWA&prev_fmts=0x0%2C1200x280&nras=3&correlator=4163446754292&frm=20&pv=1&ga_vid=341998924.1670593251&ga_sid=1670593251&ga_hid=696020254&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777948%2C44779957%2C31071262%2C21065725&oid=2&pvsid=3601703983653490&tmod=115087075&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Z6AdOLps9y&p=https%3A//color-kinder.com&dtd=35
Frame ID: 4F90DCC647EADB0FC0E03622E572893C
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Frame ID: 33E04C8773CB3E5F53EDBE039634D0FB
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 587CA295FB675743D7B386D4911F2580
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: 986FD5B84DE1FDA52BBAA096F506D5A7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 93F87DDCEA99754C3469DBF15D05F5C2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 899AC44793218F7C94FEF28523092EF3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: E6BE214DA39C829D1309A2918596BF5D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: 3C3659BAA8EFB434181758ADA302A3D2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A1A51885D5855A152CAED07E0A229699
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B07F9D005887176A090DEFCAE0F75D2D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ausmalbilder für Jungen und Mädchen. Drucken Ausmalbilder können absolut kostenlos sein.

Page URL History Show full URLs

http://color-kinder.com/ HTTP 301
https://color-kinder.com/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css
(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

132
Requests

92 %
HTTPS

71 %
IPv6

20
Domains

26
Subdomains

21
IPs

4
Countries

2043 kB
Transfer

3853 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://color-kinder.com/ HTTP 301
https://color-kinder.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 83

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCE48amKxCABBiABDIIOcAyd9B1F6w HTTP 301
https://tpc.googlesyndication.com/simgad/16144437581461410148

Request Chain 98

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCE48amKxCABBiABDIIOcAyd9B1F6w HTTP 301
https://tpc.googlesyndication.com/simgad/16144437581461410148

Request Chain 107

https://d.agkn.com/pixel/2175/?google_gid=CAESEKjnBI1ZYt-DoisDoK5eFOk&google_cver=1&google_push=ASkJ3Fadk7Q_2drSzIoH7gcyOTDHLNlwItQT7bN45aeImB-Z8NomelyoXr8YiUtVY15j15kmG0rtGxaszv4ET4SLTh3RWgZ_9wJ4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3Fadk7Q_2drSzIoH7gcyOTDHLNlwItQT7bN45aeImB-Z8NomelyoXr8YiUtVY15j15kmG0rtGxaszv4ET4SLTh3RWgZ_9wJ4&google_hm=Q0FFU0VLam5CSTFaWXQtRG9pc0RvSzVlRk9r

Request Chain 109

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIunm8WlAuSbgVOTX-gsNCA&google_cver=1&google_push=ASkJ3FY3U5DoGOsxJgRWbf0gJc213-JPbJjTOrh1nGZigMmW3l590Q68rkxPJFvedjL09n6KuTpwm4CkIQEFYQMytwFlWgkCNhNG HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIunm8WlAuSbgVOTX-gsNCA&google_cver=1&google_push=ASkJ3FY3U5DoGOsxJgRWbf0gJc213-JPbJjTOrh1nGZigMmW3l590Q68rkxPJFvedjL09n6KuTpwm4CkIQEFYQMytwFlWgkCNhNG&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KiYgxKoYSP2eDQ9K7-8r8g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FY3U5DoGOsxJgRWbf0gJc213-JPbJjTOrh1nGZigMmW3l590Q68rkxPJFvedjL09n6KuTpwm4CkIQEFYQMytwFlWgkCNhNG

Request Chain 110

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHouyBNcRM2gw7WQSHxebBs&google_cver=1&google_push=ASkJ3FbVfbzeRmmK05hptPNEtd6FvfsA9X_6dJplhdhgrycvkm2UhLd8Ib6K6InI0ybmJeBCIamyvbPmk316bgFEShGuI2keAXvH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJHSzM4MDktMTctR1VSSg==&google_push=ASkJ3FbVfbzeRmmK05hptPNEtd6FvfsA9X_6dJplhdhgrycvkm2UhLd8Ib6K6InI0ybmJeBCIamyvbPmk316bgFEShGuI2keAXvH

Request Chain 111

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAWNMunE6GX5m99JChCZqLc&google_cver=1&google_push=ASkJ3FZCOtiKSV9RdCtG-mZYxLD4zy8DtGmA1RJAIr_dNFXfcIdRqHDDl2VX7O-4GzWxmOLHgzLFJgiE5JT5xNfyrc32sJWOj50G HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAWNMunE6GX5m99JChCZqLc&google_push=ASkJ3FZCOtiKSV9RdCtG-mZYxLD4zy8DtGmA1RJAIr_dNFXfcIdRqHDDl2VX7O-4GzWxmOLHgzLFJgiE5JT5xNfyrc32sJWOj50G&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAWNMunE6GX5m99JChCZqLc&google_hm=Y5M65dZ-ik9t9L6sdA4jZAAAFCEAAAAB&google_nid=index&google_push=ASkJ3FZCOtiKSV9RdCtG-mZYxLD4zy8DtGmA1RJAIr_dNFXfcIdRqHDDl2VX7O-4GzWxmOLHgzLFJgiE5JT5xNfyrc32sJWOj50G

Request Chain 115

https://d.agkn.com/pixel/2175/?google_gid=CAESEMFXL2poPfyQp3BxL5-4JAE&google_cver=1&google_push=ASkJ3FabTiSsD2dFc2Kv_1Hf4OTk6peUO_Oi2HFoF2Pr_oXg_ku0KOtukDJ0ZpLm-UnMCr0fpN72T0UQqDtuhnqioRRNBalFAYje7A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FabTiSsD2dFc2Kv_1Hf4OTk6peUO_Oi2HFoF2Pr_oXg_ku0KOtukDJ0ZpLm-UnMCr0fpN72T0UQqDtuhnqioRRNBalFAYje7A&google_hm=Q0FFU0VNRlhMMnBvUGZ5UXAzQnhMNS00SkFF

Request Chain 118

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHedryJbuTqGaulnno5pvFg&google_cver=1&google_push=ASkJ3Fa8AEMgjQ372BwTkXF75m6_o4cN6-wNIP0smiL_oyRTlMj3n8IHNih9e69J1su4R5fAtPU_01ekDPe2MqZMcVoYjseYytgxbg HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHedryJbuTqGaulnno5pvFg&google_cver=1&google_push=ASkJ3Fa8AEMgjQ372BwTkXF75m6_o4cN6-wNIP0smiL_oyRTlMj3n8IHNih9e69J1su4R5fAtPU_01ekDPe2MqZMcVoYjseYytgxbg&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EeLk6CKWQEm4c9hTypKpiA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3Fa8AEMgjQ372BwTkXF75m6_o4cN6-wNIP0smiL_oyRTlMj3n8IHNih9e69J1su4R5fAtPU_01ekDPe2MqZMcVoYjseYytgxbg

Request Chain 119

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGaKixspyJkGy5K0z0vfmpc&google_cver=1&google_push=ASkJ3FYUnBpzGrVRjHrbMN9r0opnzJVtfKl1BEIyJ5dW1nGFjyxVyUTAKCav3xRsN_ct0Yyq3AKSbkcXqlOExaQsNBWH9FrN6Fdwng HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGaKixspyJkGy5K0z0vfmpc&google_push=ASkJ3FYUnBpzGrVRjHrbMN9r0opnzJVtfKl1BEIyJ5dW1nGFjyxVyUTAKCav3xRsN_ct0Yyq3AKSbkcXqlOExaQsNBWH9FrN6Fdwng&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGaKixspyJkGy5K0z0vfmpc&google_hm=Y5M65dZ-ik9t9L6sdA4jZAAAFCEAAAAB&google_nid=index&google_push=ASkJ3FYUnBpzGrVRjHrbMN9r0opnzJVtfKl1BEIyJ5dW1nGFjyxVyUTAKCav3xRsN_ct0Yyq3AKSbkcXqlOExaQsNBWH9FrN6Fdwng

132 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
color-kinder.com/
Redirect Chain

http://color-kinder.com/
https://color-kinder.com/

31 KB
6 KB

383ms
256ms

Document
text/html

2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 0f810d5b5f15f7400907bba82c4a90531663946e94d7bb27c6a114ff280f33d3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 09 Dec 2022 13:40:50 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.22.1
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 169
Content-Type: text/html
Date: Fri, 09 Dec 2022 13:40:50 GMT
Location: https://color-kinder.com/
Server: nginx/1.22.1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
70 KB 75ms
22ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JBG0ND5ELC

Requested by

Host: color-kinder.com
URL: https://color-kinder.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

24c244818eca2b2fb2ab81f4cb9005075faad2230df0dd4cda9d8cd45406ece4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 71164
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 09 Dec 2022 13:40:50 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 99ms
56ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2974151996320664

Requested by

Host: color-kinder.com
URL: https://color-kinder.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2b9415e8be863351b5b793891fc1c967bab56a7f784a09f1350d36430ccb4f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://color-kinder.com/
Origin: https://color-kinder.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49358
x-xss-protection: 0
server: cafe
etag: 11375991128571545669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 13:40:50 GMT

GET
H2 200 style2.css
color-kinder.com/css/ 274 KB
22 KB 136ms
130ms Stylesheet
text/css 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://color-kinder.com/css/style2.css
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 09bf2d199a361b91c721cd94c13af329475b1e8bf8e35030a2665abd3c0a1f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
content-encoding: gzip
last-modified: Wed, 19 Jan 2022 14:49:05 GMT
server: nginx/1.22.1
etag: W/"61e824e1-44929"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
expires: Mon, 09 Jan 2023 13:40:50 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 47ms
17ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap

Requested by

Host: color-kinder.com
URL: https://color-kinder.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fe4ded55789f78204754a353d124951e36b60128ca671450e55b5f328927f786

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Dec 2022 13:40:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 13:26:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Dec 2022 13:40:50 GMT

GET
H2 200 magnific-popup.css
color-kinder.com/css/ 5 KB
2 KB 136ms
131ms Stylesheet
text/css 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://color-kinder.com/css/magnific-popup.css
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 8718930f8725af60b8bc8a4e820075e7ba636cd9a92861cd762a27f9b6949eef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
content-encoding: gzip
last-modified: Sat, 20 Nov 2021 20:49:06 GMT
server: nginx/1.22.1
etag: W/"61995f42-1239"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
expires: Mon, 09 Jan 2023 13:40:50 GMT

GET
H2 200 jquery.fancybox.css
color-kinder.com/fancybox/ 17 KB
4 KB 137ms
132ms Stylesheet
text/css 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://color-kinder.com/fancybox/jquery.fancybox.css
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 3fc93cc3f2dec261a4dbd670cfcf476a15f759d6b9066f30bb65e4082d032fdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 18:50:20 GMT
server: nginx/1.22.1
etag: W/"619d37ec-4404"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
expires: Mon, 09 Jan 2023 13:40:50 GMT

GET
H2 200 slick-theme.css
color-kinder.com/css/ 2 KB
834 B 137ms
133ms Stylesheet
text/css 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://color-kinder.com/css/slick-theme.css
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 8bb7ce6130944e498f9fa89f78e31f86c81b142d334cb885a211c5ada9d940b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
content-encoding: gzip
last-modified: Sat, 20 Nov 2021 20:49:06 GMT
server: nginx/1.22.1
etag: W/"61995f42-83b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
expires: Mon, 09 Jan 2023 13:40:50 GMT

GET
H2 200 slick.css
color-kinder.com/css/ 1 KB
724 B 138ms
134ms Stylesheet
text/css 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://color-kinder.com/css/slick.css
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: a2891206822d93cafcc70e0e4001fa25bbbae6407e965dddc01507de6e013a1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
content-encoding: gzip
last-modified: Sat, 20 Nov 2021 20:49:06 GMT
server: nginx/1.22.1
etag: W/"61995f42-581"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
expires: Mon, 09 Jan 2023 13:40:50 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: color-kinder.com
URL: https://color-kinder.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 20:15:05 GMT

GET
H2 200 share.js Show response
color-kinder.com/js/ 4 KB
1 KB 139ms
135ms Script
application/x-javascript 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://color-kinder.com/js/share.js
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: b171516ef599b22c1e6a59781d1eb02a97930a05b9b54c97f33d360c4adfdf83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 18:50:50 GMT
server: nginx/1.22.1
etag: W/"619be68a-edc"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Mon, 09 Jan 2023 13:40:50 GMT

GET
H2 200 jquery.fancybox.min.js Show response
color-kinder.com/fancybox/ 67 KB
22 KB 194ms
190ms Script
application/x-javascript 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://color-kinder.com/fancybox/jquery.fancybox.min.js
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 18:50:20 GMT
server: nginx/1.22.1
etag: W/"619d37ec-10a9d"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Mon, 09 Jan 2023 13:40:50 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
color-kinder.com/js/ 20 KB
7 KB 195ms
192ms Script
application/x-javascript 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://color-kinder.com/js/jquery.magnific-popup.min.js
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 18:50:50 GMT
server: nginx/1.22.1
etag: W/"619be68a-4ef8"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Mon, 09 Jan 2023 13:40:50 GMT

GET
H2 200 slick.min.js Show response
color-kinder.com/js/ 42 KB
10 KB 195ms
192ms Script
application/x-javascript 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://color-kinder.com/js/slick.min.js
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 18:50:50 GMT
server: nginx/1.22.1
etag: W/"619be68a-a76f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Mon, 09 Jan 2023 13:40:50 GMT

GET
H2 200 modals.min.js Show response
color-kinder.com/js/ 336 B
524 B 196ms
193ms Script
application/x-javascript 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://color-kinder.com/js/modals.min.js
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 553441ee97cf388b63759b9a8884b57ff460f7023a46e52f58c93adeead13903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
last-modified: Mon, 22 Nov 2021 18:50:50 GMT
server: nginx/1.22.1
etag: "619be68a-150"
content-type: application/x-javascript
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 336
expires: Mon, 09 Jan 2023 13:40:50 GMT

GET
H2 200 slider.min.js Show response
color-kinder.com/js/ 987 B
1 KB 197ms
194ms Script
application/x-javascript 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://color-kinder.com/js/slider.min.js
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: f1c58ac49804cae55c76340b31bb4d66834088287bcc040016df8f94f1df1bd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
last-modified: Mon, 22 Nov 2021 18:50:50 GMT
server: nginx/1.22.1
etag: "619be68a-3db"
content-type: application/x-javascript
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 987
expires: Mon, 09 Jan 2023 13:40:50 GMT

GET
H2 200 scriptynd.min.js Show response
color-kinder.com/js/ 7 KB
2 KB 197ms
195ms Script
application/x-javascript 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://color-kinder.com/js/scriptynd.min.js
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 1fbcecd06dc39fc6b256822fabe389df05047b7cfdc1022013a9bb0f79e09fd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 20:23:18 GMT
server: nginx/1.22.1
etag: W/"619d4db6-1b9a"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Mon, 09 Jan 2023 13:40:50 GMT

GET
H2 200 pdopage.min.css
color-kinder.com/assets/components/pdotools/css/ 163 B
340 B 137ms
135ms Stylesheet
text/css 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://color-kinder.com/assets/components/pdotools/css/pdopage.min.css
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 53f0a562b8304a0e078c7bd102027a0ed7a83c09b910f6266b48bd54086726f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
last-modified: Sat, 20 Nov 2021 19:38:46 GMT
server: nginx/1.22.1
etag: "61994ec6-a3"
content-type: text/css
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 163
expires: Mon, 09 Jan 2023 13:40:50 GMT

GET
H2 200 germany.png
color-kinder.com/img/language/ 202 B
380 B 62ms
62ms Image
image/png 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://color-kinder.com/img/language/germany.png
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: bf00f3f78e85d9383ce48d648f1bb1a86d5a8793b218642a5041da6ba7dd3dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
last-modified: Mon, 22 Nov 2021 18:46:27 GMT
server: nginx/1.22.1
etag: "619be583-ca"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 202
expires: Mon, 09 Jan 2023 13:40:50 GMT

GET
H2 200 germany.webp
color-kinder.com/img/language/ 246 B
425 B 64ms
61ms Image
image/webp 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://color-kinder.com/img/language/germany.webp
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 3fa766dc6cbb8b6070bab2860e03dbfd1874aa8431cc8cfe1eadec54ae93f0f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
last-modified: Mon, 22 Nov 2021 18:46:27 GMT
server: nginx/1.22.1
etag: "619be583-f6"
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 246
expires: Mon, 09 Jan 2023 13:40:50 GMT

GET
H2 200 pdopage.min.js Show response
color-kinder.com/assets/components/pdotools/js/ 5 KB
2 KB 62ms
62ms Script
application/x-javascript 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://color-kinder.com/assets/components/pdotools/js/pdopage.min.js
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 65a045b7d9884422bff24ff6c709676203aa8bec61e6590773247baf6c1f30c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
content-encoding: gzip
last-modified: Sat, 20 Nov 2021 19:38:46 GMT
server: nginx/1.22.1
etag: W/"61994ec6-1306"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Mon, 09 Jan 2023 13:40:50 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
347 B 43ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JBG0ND5ELC&gtm=2oebu0&_p=696020254&cid=341998924.1670593251&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670593250&sct=1&seg=0&dl=https%3A%2F%2Fcolor-kinder.com%2F&dt=Ausmalbilder%20f%C3%BCr%20Jungen%20und%20M%C3%A4dchen.%20Drucken%20Ausmalbilder%20k%C3%B6nnen%20absolut%20kostenlos%20sein.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JBG0ND5ELC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 13:40:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://color-kinder.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a
www.googletagmanager.com/ 0
59 B 25ms
22ms Image
text/html 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-JBG0ND5ELC&cv=1&v=3&t=t&pid=843601233&rv=bu0&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACAAIA&h=Ag&tc=6&dl=color-kinder.com%2F&tdp=G-JBG0ND5ELC;78128499;0;0;0&z=0

Requested by

Host: color-kinder.com
URL: https://color-kinder.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 td
www.googletagmanager.com/ 0
128 B 31ms
29ms Image
image/gif 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=G-JBG0ND5ELC&cv=1&v=3&t=t&pid=843601233&rv=bu0&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACAAIA&h=Ag&tc=6&dl=color-kinder.com%2F&tdp=G-JBG0ND5ELC;78128499;0;0;0&z=0
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 13:40:50 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a
www.googletagmanager.com/ 0
49 B 33ms
30ms Image
text/html 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-JBG0ND5ELC&cv=1&v=3&t=t&pid=843601233&rv=bu0&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAACAAIA&h=Ag&tc=6&tr=1ccdemoutboundclick.1ccdempageview.1ccdconversionmarking.1setproductsettings.1ogtgooglesignals&ti=2ccdemoutboundclick.2ccdempageview.2ccdconversionmarking.2setproductsettings.2ogtgooglesignals&z=0

Requested by

Host: color-kinder.com
URL: https://color-kinder.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 a
www.googletagmanager.com/ 0
49 B 33ms
31ms Image
text/html 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-JBG0ND5ELC&cv=1&v=3&t=t&pid=843601233&rv=bu0&es=1&e=gtm.js&eid=1&u=AAAAAAAAAAAAAACAAIA&h=Ag&tc=6&tr=1gct&ti=1gct&z=0

Requested by

Host: color-kinder.com
URL: https://color-kinder.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 a
www.googletagmanager.com/ 0
49 B 34ms
31ms Image
text/html 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-JBG0ND5ELC&cv=1&v=3&t=t&pid=843601233&rv=bu0&es=1&e=gtag.config&eid=4&u=AAAAAAAAAAAAACCAAIA&h=Ag&tc=6&epr=1G.2G&z=0

Requested by

Host: color-kinder.com
URL: https://color-kinder.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 a
www.googletagmanager.com/ 0
40 B 35ms
33ms Image
text/html 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-JBG0ND5ELC&cv=1&v=3&t=t&pid=843601233&rv=bu0&e=gtm.init&eid=0&u=AAAAAAAAAAAAACCAAIA&h=Ag&tc=6&tr=5ccdemoutboundclick.5ccdempageview.5ccdconversionmarking.5setproductsettings.5ogtgooglesignals&ti=2ccdemoutboundclick.2ccdempageview.2ccdconversionmarking.2setproductsettings.2ogtgooglesignals&z=0

Requested by

Host: color-kinder.com
URL: https://color-kinder.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/ 355 KB
117 KB 93ms
75ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2974151996320664&plah=color-kinder.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2974151996320664

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b512fec2fe7353e96309756a88f02c3830ce2a273a1a6bfddb97ecb8c4a8554

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119788
x-xss-protection: 0
server: cafe
etag: 3899227578588362037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 13:40:50 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/ Frame B117 10 KB
5 KB 36ms
7ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2974151996320664

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://color-kinder.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55420
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 22:17:10 GMT
etag: 10353107486223812946
expires: Thu, 22 Dec 2022 22:17:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 france.svg
color-kinder.com/img/language/ 769 B
951 B 63ms
62ms Image
image/svg+xml 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://color-kinder.com/img/language/france.svg
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/css/style2.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 0f42d56e63009cb9f859b1be231021a9f67b8790c78308dd323df0a3cbff7be0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/css/style2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
last-modified: Mon, 22 Nov 2021 18:46:27 GMT
server: nginx/1.22.1
etag: "619be583-301"
content-type: image/svg+xml
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 769
expires: Mon, 09 Jan 2023 13:40:50 GMT

GET
H2 200 hungary.svg
color-kinder.com/img/language/ 3 KB
2 KB 64ms
63ms Image
image/svg+xml 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://color-kinder.com/img/language/hungary.svg
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/css/style2.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 4035621af5d863b0c90ab7450ba4af64e8658cf7ca0ec46dea9a73fac22091cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/css/style2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
content-encoding: gzip
last-modified: Sun, 28 Nov 2021 16:26:18 GMT
server: nginx/1.22.1
etag: W/"61a3adaa-bf6"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
expires: Mon, 09 Jan 2023 13:40:50 GMT

GET
H2 200 arab.svg
color-kinder.com/img/language/ 10 KB
7 KB 65ms
64ms Image
image/svg+xml 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://color-kinder.com/img/language/arab.svg
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/css/style2.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ade3c192bf79aa68230b3952c5aa93ccd35a613366071a5539a36c7501e9a039

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/css/style2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
content-encoding: gzip
last-modified: Sun, 28 Nov 2021 16:26:18 GMT
server: nginx/1.22.1
etag: W/"61a3adaa-2972"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
expires: Mon, 09 Jan 2023 13:40:50 GMT

GET
H2 200 spain.svg
color-kinder.com/img/language/ 6 KB
2 KB 67ms
65ms Image
image/svg+xml 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://color-kinder.com/img/language/spain.svg
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/css/style2.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 87751780665b14fa2f62f2e760f3b425fce0fc4e433e7c8cb3a90d1bea3c40ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/css/style2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 18:46:27 GMT
server: nginx/1.22.1
etag: W/"619be583-1734"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
expires: Mon, 09 Jan 2023 13:40:50 GMT

GET
H2 200 thailand.svg
color-kinder.com/img/language/ 726 B
908 B 67ms
66ms Image
image/svg+xml 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://color-kinder.com/img/language/thailand.svg
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/css/style2.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 9718f0b6520c7aafbd29f4dc66622367321d390872a86e146406324b65ce1051

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/css/style2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
last-modified: Sun, 28 Nov 2021 16:26:18 GMT
server: nginx/1.22.1
etag: "61a3adaa-2d6"
content-type: image/svg+xml
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 726
expires: Mon, 09 Jan 2023 13:40:50 GMT

GET
H2 200 poland.svg
color-kinder.com/img/language/ 3 KB
2 KB 68ms
67ms Image
image/svg+xml 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://color-kinder.com/img/language/poland.svg
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/css/style2.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: b6ae9b084321719161d9a804e2e882e13d958298e74728396b0b5813c4f8bf06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/css/style2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
content-encoding: gzip
last-modified: Sun, 28 Nov 2021 16:26:18 GMT
server: nginx/1.22.1
etag: W/"61a3adaa-bde"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
expires: Mon, 09 Jan 2023 13:40:50 GMT

GET
H2 200 finland.svg
color-kinder.com/img/language/ 463 B
645 B 68ms
67ms Image
image/svg+xml 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://color-kinder.com/img/language/finland.svg
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/css/style2.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 27303a9e1bd9c51e87fcf9c6bc9dcf9a1d86fa52e9ecb3a66f32e3aab4014aa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/css/style2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:50 GMT
last-modified: Sun, 28 Nov 2021 17:24:43 GMT
server: nginx/1.22.1
etag: "61a3bb5b-1cf"
content-type: image/svg+xml
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 463
expires: Mon, 09 Jan 2023 13:40:50 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 66ms
16ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://color-kinder.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:41:22 GMT
x-content-type-options: nosniff
age: 43168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 01:41:22 GMT

GET
H2 200 ausmalbilder-blackpink.98758d51121f3d89a30537434642f0e11.jpg
color-kinder.com/assets/components/phpthumbof/cache/ 22 KB
23 KB 77ms
61ms Image
image/jpeg 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://color-kinder.com/assets/components/phpthumbof/cache/ausmalbilder-blackpink.98758d51121f3d89a30537434642f0e11.jpg
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: e85b22ccd347916453ab28a63097fedc39dd5ee5c9ae7b302782550f5830ea12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:51 GMT
last-modified: Mon, 24 Jan 2022 10:21:53 GMT
server: nginx/1.22.1
etag: "61ee7dc1-5996"
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 22934
expires: Mon, 09 Jan 2023 13:40:51 GMT

GET
H2 200 apex-ausmalbilder.98758d51121f3d89a30537434642f0e11.jpg
color-kinder.com/assets/components/phpthumbof/cache/ 14 KB
14 KB 78ms
61ms Image
image/jpeg 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://color-kinder.com/assets/components/phpthumbof/cache/apex-ausmalbilder.98758d51121f3d89a30537434642f0e11.jpg
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 26cfee64ccd415511dffb9ea6c3a9021ae4c6b6a5b94e32e29a8b40c5d0323fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:51 GMT
last-modified: Thu, 13 Jan 2022 19:15:06 GMT
server: nginx/1.22.1
etag: "61e07a3a-3707"
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 14087
expires: Mon, 09 Jan 2023 13:40:51 GMT

GET
H2 200 ausmalbilder-iron-man.98758d51121f3d89a30537434642f0e11.jpg
color-kinder.com/assets/components/phpthumbof/cache/ 31 KB
31 KB 78ms
62ms Image
image/jpeg 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://color-kinder.com/assets/components/phpthumbof/cache/ausmalbilder-iron-man.98758d51121f3d89a30537434642f0e11.jpg
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 26d8b3850f25b3e4c80a913d941d145f7faa36f6cee7075830d575c22240cea1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:51 GMT
last-modified: Tue, 11 Jan 2022 15:24:57 GMT
server: nginx/1.22.1
etag: "61dda149-7c3f"
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 31807
expires: Mon, 09 Jan 2023 13:40:51 GMT

GET
H2 200 simpsons-ausmalbilder.98758d51121f3d89a30537434642f0e11.jpg
color-kinder.com/assets/components/phpthumbof/cache/ 11 KB
11 KB 129ms
121ms Image
image/jpeg 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://color-kinder.com/assets/components/phpthumbof/cache/simpsons-ausmalbilder.98758d51121f3d89a30537434642f0e11.jpg
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 791d257f9c5e7eb412a1319b7864ad43e2eea5e9b378dd369d1d3a1b4535d1ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:51 GMT
last-modified: Mon, 10 Jan 2022 15:15:05 GMT
server: nginx/1.22.1
etag: "61dc4d79-2bdc"
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 11228
expires: Mon, 09 Jan 2023 13:40:51 GMT

GET
H2 200 ausmalbilder-sommer.98758d51121f3d89a30537434642f0e11.jpg
color-kinder.com/assets/components/phpthumbof/cache/ 21 KB
21 KB 130ms
122ms Image
image/jpeg 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://color-kinder.com/assets/components/phpthumbof/cache/ausmalbilder-sommer.98758d51121f3d89a30537434642f0e11.jpg
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: bf69e07b2f04f0ff99295760e814c4ea3e6393a50df670beaf679871ae6f7e57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:51 GMT
last-modified: Sun, 09 Jan 2022 20:33:52 GMT
server: nginx/1.22.1
etag: "61db46b0-5363"
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 21347
expires: Mon, 09 Jan 2023 13:40:51 GMT

GET
H2 200 ausmalbilder-donut.98758d51121f3d89a30537434642f0e11.jpg
color-kinder.com/assets/components/phpthumbof/cache/ 17 KB
17 KB 130ms
122ms Image
image/jpeg 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://color-kinder.com/assets/components/phpthumbof/cache/ausmalbilder-donut.98758d51121f3d89a30537434642f0e11.jpg
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 6241293ef6f34c5d6a8a8063c7bdc9c61bae4251560135849eb02fd5fbaf50b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:51 GMT
last-modified: Sat, 08 Jan 2022 16:43:15 GMT
server: nginx/1.22.1
etag: "61d9bf23-4486"
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 17542
expires: Mon, 09 Jan 2023 13:40:51 GMT

GET
H2 200 igel-ausmalbilder.98758d51121f3d89a30537434642f0e11.jpg
color-kinder.com/assets/components/phpthumbof/cache/ 20 KB
20 KB 126ms
122ms Image
image/jpeg 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://color-kinder.com/assets/components/phpthumbof/cache/igel-ausmalbilder.98758d51121f3d89a30537434642f0e11.jpg
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 501bacbe4600038735ad1d8e9bd5d552be3bf3f2c12a17ad0beccad5a626a4ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:51 GMT
last-modified: Fri, 07 Jan 2022 18:46:13 GMT
server: nginx/1.22.1
etag: "61d88a75-500d"
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 20493
expires: Mon, 09 Jan 2023 13:40:51 GMT

GET
H2 200 kwami-ladybug-ausmalbilder.98758d51121f3d89a30537434642f0e11.jpg
color-kinder.com/assets/components/phpthumbof/cache/ 10 KB
10 KB 126ms
123ms Image
image/jpeg 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://color-kinder.com/assets/components/phpthumbof/cache/kwami-ladybug-ausmalbilder.98758d51121f3d89a30537434642f0e11.jpg
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 1365cecc9d678b216acd8893477780407f5557d1f6e3ed1ac3bf5d4604224c65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:51 GMT
last-modified: Tue, 11 Jan 2022 14:37:33 GMT
server: nginx/1.22.1
etag: "61dd962d-2916"
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 10518
expires: Mon, 09 Jan 2023 13:40:51 GMT

GET
H2 200 lol-pets-ausmalbilder.98758d51121f3d89a30537434642f0e11.jpg
color-kinder.com/assets/components/phpthumbof/cache/ 16 KB
16 KB 126ms
123ms Image
image/jpeg 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://color-kinder.com/assets/components/phpthumbof/cache/lol-pets-ausmalbilder.98758d51121f3d89a30537434642f0e11.jpg
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 017516e639e36d079515bd4bf034b9b6b298f240b82474d27252f71b80ab0d07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:51 GMT
last-modified: Sat, 25 Dec 2021 13:16:06 GMT
server: nginx/1.22.1
etag: "61c71996-3f66"
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 16230
expires: Mon, 09 Jan 2023 13:40:51 GMT

GET
H2 200 brawl-stars-leon-ausmalbilder.98758d51121f3d89a30537434642f0e11.jpg
color-kinder.com/assets/components/phpthumbof/cache/ 23 KB
23 KB 126ms
123ms Image
image/jpeg 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://color-kinder.com/assets/components/phpthumbof/cache/brawl-stars-leon-ausmalbilder.98758d51121f3d89a30537434642f0e11.jpg
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 7103df47573abb13f784786f1d137d657744dfc99863e1e051c34af4ca0cc9ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:51 GMT
last-modified: Fri, 24 Dec 2021 16:19:33 GMT
server: nginx/1.22.1
etag: "61c5f315-5c8a"
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 23690
expires: Mon, 09 Jan 2023 13:40:51 GMT

GET
H2 200 ausmalbilder-8-bit.98758d51121f3d89a30537434642f0e11.jpg
color-kinder.com/assets/components/phpthumbof/cache/ 17 KB
18 KB 126ms
124ms Image
image/jpeg 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://color-kinder.com/assets/components/phpthumbof/cache/ausmalbilder-8-bit.98758d51121f3d89a30537434642f0e11.jpg
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: e90a0349e15ace398085a2dfff10980c0856e980d1c3fa8977886d2ce047e1e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:51 GMT
last-modified: Wed, 22 Dec 2021 13:47:50 GMT
server: nginx/1.22.1
etag: "61c32c86-45fd"
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 17917
expires: Mon, 09 Jan 2023 13:40:51 GMT

GET
H2 200 ausmalbilder-fornite.98758d51121f3d89a30537434642f0e11.jpg
color-kinder.com/assets/components/phpthumbof/cache/ 11 KB
11 KB 126ms
124ms Image
image/jpeg 2a03:6f00:6:1::57f9:2b81
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://color-kinder.com/assets/components/phpthumbof/cache/ausmalbilder-fornite.98758d51121f3d89a30537434642f0e11.jpg
Requested by: Host: color-kinder.com
URL: https://color-kinder.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::57f9:2b81 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 31c9d5ad348ed8aa5d83aad08a22415e8c5ad83c6849eca6da26d45027dfbe8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:51 GMT
last-modified: Tue, 21 Dec 2021 19:54:09 GMT
server: nginx/1.22.1
etag: "61c230e1-2cdd"
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 11485
expires: Mon, 09 Jan 2023 13:40:51 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 399 B
701 B 55ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=color-kinder.com&callback=_gfp_s_&client=ca-pub-2974151996320664&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2974151996320664&plah=color-kinder.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e70b6fd233e77bc9260e9d79f91cdfa92896515ce4abf769621afb7251814b25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 73ms
17ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=color-kinder.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 43ms
18ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=color-kinder.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2342 111 KB
35 KB 855ms
838ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974151996320664&output=html&adk=1812271804&adf=3025194257&lmt=1670593251&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fcolor-kinder.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670593250779&bpp=125&bdt=192&idt=368&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4163446754292&frm=20&pv=2&ga_vid=341998924.1670593251&ga_sid=1670593251&ga_hid=696020254&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777948%2C44779957%2C31071262%2C21065725&oid=2&pvsid=3601703983653490&tmod=115087075&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=391

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d86345f12c376e43bccea6e66cbb02d2e9233e8a035f3756715f318c5961bbe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://color-kinder.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35837
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 13:40:52 GMT
expires: Fri, 09 Dec 2022 13:40:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/ 150 KB
51 KB 72ms
69ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

974e4e9883f5a1737c18bfe23e0cfdaa1b985c0a6a300968cd8ed0fc3a1387d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52356
x-xss-protection: 0
server: cafe
etag: 9664617880869638218
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 13:40:52 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 52ms
17ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=color-kinder.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 47ms
24ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=color-kinder.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BF55 111 KB
35 KB 749ms
726ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974151996320664&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.1182920990~rp.3&daaos=1670547687800&w=1200&fwrn=4&fwrnh=100&lmt=1670593252&rafmt=1&to=qs&pwprc=5458882937&format=1200x280&url=https%3A%2F%2Fcolor-kinder.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670593252100&bpp=3&bdt=1513&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98a6a29d147439bd-22db383c6cd80071%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_MaraLA_2yv2qzrxlA6V6-E-cfLgBg&gpic=UID%3D00000b8fb79227c3%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_Mbo9RCU26DhqJtrQKpb6fkFBoEUWA&prev_fmts=0x0&nras=2&correlator=4163446754292&frm=20&pv=1&ga_vid=341998924.1670593251&ga_sid=1670593251&ga_hid=696020254&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2610&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777948%2C44779957%2C31071262%2C21065725&oid=2&pvsid=3601703983653490&tmod=115087075&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sxVBubSqz7&p=https%3A//color-kinder.com&dtd=24

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47036352e7959e42dd37ceedeacbd716c268ed548699617f835874a6e8c98474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://color-kinder.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35740
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 13:40:52 GMT
expires: Fri, 09 Dec 2022 13:40:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4F90 109 KB
35 KB 667ms
661ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974151996320664&output=html&h=280&adk=1418185256&adf=1523758184&pi=t.aa~a.4052609321~rp.4&daaos=1670547687800&w=1200&fwrn=4&fwrnh=100&lmt=1670593252&rafmt=1&to=qs&pwprc=5458882937&format=1200x280&url=https%3A%2F%2Fcolor-kinder.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670593252100&bpp=1&bdt=1513&idt=1&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98a6a29d147439bd-22db383c6cd80071%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_MaraLA_2yv2qzrxlA6V6-E-cfLgBg&gpic=UID%3D00000b8fb79227c3%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_Mbo9RCU26DhqJtrQKpb6fkFBoEUWA&prev_fmts=0x0%2C1200x280&nras=3&correlator=4163446754292&frm=20&pv=1&ga_vid=341998924.1670593251&ga_sid=1670593251&ga_hid=696020254&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777948%2C44779957%2C31071262%2C21065725&oid=2&pvsid=3601703983653490&tmod=115087075&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Z6AdOLps9y&p=https%3A//color-kinder.com&dtd=35

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7d6a12df315c6e2032084b38e6fc0291190ce09b2f83251098bfe90d35a2fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://color-kinder.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35931
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 13:40:52 GMT
expires: Fri, 09 Dec 2022 13:40:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/ Frame 33E0 10 KB
4 KB 9ms
7ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://color-kinder.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69700
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 18:19:12 GMT
etag: 10353107486223812946
expires: Thu, 22 Dec 2022 18:19:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 33E0 0
0 65ms
64ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzWRS4zqTY4WKDcXTmweiqqiYB-zD4NBtiMOJ2aQQsJAfEAEghpinggFglYqegrAHoAH34pu0KMgBAqgDAcgDyQSqBOMBT9DA3Pi-_g2CyS93G0DP9raZzRgtOZdPUcxsxJBXH8RPjdBKsC5FvJe9VErBsFlo8a3VIFvRpgD9VOkdG-eUp79WimdBlm_IV8VdFofSNMrAIykTRHgikcVOJIObzIOvYEOQ7tmGjR6egFkMyupJFeqH1MZc1m8XQLDOJHsGh2DkbWkrq7MjfSisAKqE1ZslyRMnrj-QTpAdhUhLpXeqQ7LrGyxKZVq74Ae6BYPinUO1836RMLOgc5lxnVXF0yCoCrYcJTgn1OC-GY1Puf8Wpr4geIKbAZrvGXphJ-xR2g8caUjABPCi3qmiBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAf3muyTA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJr-MNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTI5NzQxNTE5OTYzMjA2NjQYAA&sigh=Lo7cRGJJ0Z0&uach_m=[UACH]&cid=CAQSGwDq26N94o4aQ724sfR7QPA3-JX6MkGHclv9SRgBIBM

Requested by

Host: color-kinder.com
URL: https://color-kinder.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 09 Dec 2022 13:40:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 09 Dec 2022 13:40:52 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 33E0 23 KB
10 KB 49ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 18:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 18:13:14 GMT

GET
H2 200 7021105033092941915
tpc.googlesyndication.com/simgad/ Frame 33E0 12 KB
12 KB 51ms
15ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7021105033092941915?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql6-wAlqXhcMvbufHK2XOpkqMCyww

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be40fb54e1d05cee1be2ede48926fdab9fbd1e6de0e0b3170d6f8fb6b96d34c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 16:35:06 GMT
x-content-type-options: nosniff
age: 335146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11967
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 15:21:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Dec 2023 16:35:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 33E0 3 KB
1 KB 49ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Dec 2022 13:09:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 33E0 18 KB
7 KB 48ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 18:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 18:11:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 33E0 153 KB
47 KB 83ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 13:40:52 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 33E0 34 KB
14 KB 56ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20e61b393e246051ebe36f186c4c5a8a0ab4efa227f16ec0c4cf57d60e0388d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 21:54:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56755
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
server: cafe
etag: 2612990788289469886
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 21:54:57 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 587C 143 B
166 B 9ms
8ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 729
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 13:28:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 33E0 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9be182fa2cbd78eb577b39d7d3565586e80436909d4f2c38258c1023182c047

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 587C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

19ms
19ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 13:40:52 GMT
expires: Fri, 09 Dec 2022 13:40:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 13:40:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 986F 36 KB
16 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 11:52:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6524
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 11:52:08 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4F90 3 KB
601 B 52ms
22ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974151996320664&output=html&h=280&adk=1418185256&adf=1523758184&pi=t.aa~a.4052609321~rp.4&daaos=1670547687800&w=1200&fwrn=4&fwrnh=100&lmt=1670593252&rafmt=1&to=qs&pwprc=5458882937&format=1200x280&url=https%3A%2F%2Fcolor-kinder.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670593252100&bpp=1&bdt=1513&idt=1&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98a6a29d147439bd-22db383c6cd80071%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_MaraLA_2yv2qzrxlA6V6-E-cfLgBg&gpic=UID%3D00000b8fb79227c3%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_Mbo9RCU26DhqJtrQKpb6fkFBoEUWA&prev_fmts=0x0%2C1200x280&nras=3&correlator=4163446754292&frm=20&pv=1&ga_vid=341998924.1670593251&ga_sid=1670593251&ga_hid=696020254&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777948%2C44779957%2C31071262%2C21065725&oid=2&pvsid=3601703983653490&tmod=115087075&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Z6AdOLps9y&p=https%3A//color-kinder.com&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Dec 2022 13:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 12:45:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Dec 2022 13:40:52 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 4F90 2 KB
765 B 108ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 18:25:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69350
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 18:25:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 4F90 23 KB
9 KB 78ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 18:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 18:13:14 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 4F90 3 KB
1 KB 101ms
44ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Dec 2022 13:09:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 4F90 18 KB
7 KB 85ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 18:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 18:11:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4F90 0
0 78ms
21ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT6zthSbu1szfyylwmmST5hKvtDZX4cXhzk3UCq6tp7a7b0LHqqpHKIOZnNasts2cMGtq77buIS7FeQvnroKbqpLbFhaw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974151996320664&output=html&h=280&adk=1418185256&adf=1523758184&pi=t.aa~a.4052609321~rp.4&daaos=1670547687800&w=1200&fwrn=4&fwrnh=100&lmt=1670593252&rafmt=1&to=qs&pwprc=5458882937&format=1200x280&url=https%3A%2F%2Fcolor-kinder.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670593252100&bpp=1&bdt=1513&idt=1&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98a6a29d147439bd-22db383c6cd80071%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_MaraLA_2yv2qzrxlA6V6-E-cfLgBg&gpic=UID%3D00000b8fb79227c3%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_Mbo9RCU26DhqJtrQKpb6fkFBoEUWA&prev_fmts=0x0%2C1200x280&nras=3&correlator=4163446754292&frm=20&pv=1&ga_vid=341998924.1670593251&ga_sid=1670593251&ga_hid=696020254&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777948%2C44779957%2C31071262%2C21065725&oid=2&pvsid=3601703983653490&tmod=115087075&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Z6AdOLps9y&p=https%3A//color-kinder.com&dtd=35
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F90 153 KB
47 KB 53ms
29ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 13:40:52 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 4F90 34 KB
14 KB 69ms
2ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 20:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 21:16:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4F90 0
0 60ms
58ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxObe5DqTY-zbC4jE6gSL6Y6AA5LWn65s7uXimvEQ2ImFngsQASCGmKeCAWCVip6CsAegAYKOnPUoyAEJqAMByAPLBKoE8AFP0EDQS_U_bzHw8wrg5OUOstxs_-P2Be1d4OHCr3Grallxg8L6ajlu_UvZd9GL9ipzdewFK3aQZ7OMtNyQrIMIEiT3XB_mhu16DRsGE7qheXoRA-v-nOmtzb8QNxu_FUX5TM0EqgvWfXE1DzMZpmxtuB0tPsf8GXMzi0_Ve8pYpf-TmylpvfvDEzvqOo59oy7Jb-oha3RPDRlDK4ZYn7Ogv6JnGRTgHY-J-J2Uy7wYyiI2eaPmj5vaEn2y04sqrDi-1WwIDpCVg5xkLnwHEiTT1Q_bwKjhQ9wRPrBEXlSFXw918mrAPYXUIWjQSgGjwU7ABPP_0oCjBJIFBAgEGAGSBQQIBRgEoAYugAeCxuzUA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCwjwbSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTAtAVAYAXAbIXHAoaCAASFHB1Yi0yOTc0MTUxOTk2MzIwNjY0GAA&sigh=6DFAbmiTTkM&uach_m=[UACH]&cid=CAQSPADq26N9vtuqGi0tCfr8kiu_5QneJsbF2QN8eff5WltkFuGvngxiiESEmOlM5ZANsx_5njVd7K41Nzp-rxgBIBM&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974151996320664&output=html&h=280&adk=1418185256&adf=1523758184&pi=t.aa~a.4052609321~rp.4&daaos=1670547687800&w=1200&fwrn=4&fwrnh=100&lmt=1670593252&rafmt=1&to=qs&pwprc=5458882937&format=1200x280&url=https%3A%2F%2Fcolor-kinder.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670593252100&bpp=1&bdt=1513&idt=1&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98a6a29d147439bd-22db383c6cd80071%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_MaraLA_2yv2qzrxlA6V6-E-cfLgBg&gpic=UID%3D00000b8fb79227c3%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_Mbo9RCU26DhqJtrQKpb6fkFBoEUWA&prev_fmts=0x0%2C1200x280&nras=3&correlator=4163446754292&frm=20&pv=1&ga_vid=341998924.1670593251&ga_sid=1670593251&ga_hid=696020254&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777948%2C44779957%2C31071262%2C21065725&oid=2&pvsid=3601703983653490&tmod=115087075&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Z6AdOLps9y&p=https%3A//color-kinder.com&dtd=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 09 Dec 2022 13:40:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 13650525789967406013_3289778503909974610.png
static.doubleclick.net/dynamic/5/396077578/ Frame 4F90 70 KB
70 KB 118ms
46ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/396077578/13650525789967406013_3289778503909974610.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad8ccc382fc96ce70e2ce2ec683a4a5b30769fe335c12c489e9ab7ed863a70ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 07:11:15 GMT
x-content-type-options: nosniff
age: 196177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71639
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 19:24:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 07:11:15 GMT

GET
H2 200 11601769098915092867_8507514706627327658.png
static.doubleclick.net/dynamic/5/396077578/ Frame 4F90 9 KB
9 KB 77ms
22ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/396077578/11601769098915092867_8507514706627327658.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b277fa13ac68561b8074224ce5f07cdf565e2c1c07aacdbbaf625184e815cd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 18:26:35 GMT
x-content-type-options: nosniff
age: 328457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8997
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 19:24:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 18:26:35 GMT

GET
H2 200 14844727076690591887_5541704954540447619.png
static.doubleclick.net/dynamic/5/396077578/ Frame 4F90 32 KB
32 KB 67ms
12ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/396077578/14844727076690591887_5541704954540447619.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee5fef75aedbe7910904e0ad49588292f12c5b9f8a2207446b088a23082560aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 06:07:52 GMT
x-content-type-options: nosniff
age: 27180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32590
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 19:23:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 06:07:52 GMT

GET
H2 200 417777700735704502_8695563961451305315.png
static.doubleclick.net/dynamic/5/396077578/ Frame 4F90 208 KB
209 KB 60ms
5ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/396077578/417777700735704502_8695563961451305315.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b35a96850a9f96841931e899cb0a6fadd8c163c39627ad53fc4f42fa979ef82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 17:46:11 GMT
x-content-type-options: nosniff
age: 330881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 213383
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 19:24:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 17:46:11 GMT

GET
H3

200

16144437581461410148
tpc.googlesyndication.com/simgad/ Frame 4F90
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCE48amKxCABBiABDIIOcAyd9B1F6w
https://tpc.googlesyndication.com/simgad/16144437581461410148

66 KB
66 KB

52ms
19ms

Image
image/jpeg

2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16144437581461410148

Requested by

Protocol

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

015d1cecf14c3ef529e92d788304fe58aa571c4e3ebaf4d78d5eea44f693c844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 06:48:08 GMT
x-content-type-options: nosniff
age: 24764
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67423
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 11:07:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Dec 2023 06:48:08 GMT

Redirect headers

date: Fri, 09 Dec 2022 10:57:00 GMT
x-content-type-options: nosniff
server: cafe
age: 9832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/16144437581461410148
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 08 Jan 2023 10:57:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BF55 2 KB
535 B 52ms
38ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974151996320664&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.1182920990~rp.3&daaos=1670547687800&w=1200&fwrn=4&fwrnh=100&lmt=1670593252&rafmt=1&to=qs&pwprc=5458882937&format=1200x280&url=https%3A%2F%2Fcolor-kinder.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670593252100&bpp=3&bdt=1513&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98a6a29d147439bd-22db383c6cd80071%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_MaraLA_2yv2qzrxlA6V6-E-cfLgBg&gpic=UID%3D00000b8fb79227c3%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_Mbo9RCU26DhqJtrQKpb6fkFBoEUWA&prev_fmts=0x0&nras=2&correlator=4163446754292&frm=20&pv=1&ga_vid=341998924.1670593251&ga_sid=1670593251&ga_hid=696020254&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2610&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777948%2C44779957%2C31071262%2C21065725&oid=2&pvsid=3601703983653490&tmod=115087075&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sxVBubSqz7&p=https%3A//color-kinder.com&dtd=24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Dec 2022 13:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 13:01:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Dec 2022 13:40:52 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame BF55 2 KB
765 B 61ms
47ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 18:25:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69350
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 18:25:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame BF55 23 KB
9 KB 36ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 18:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 18:13:14 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame BF55 3 KB
1 KB 53ms
43ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Dec 2022 13:09:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame BF55 18 KB
7 KB 49ms
35ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 18:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Dec 2022 18:11:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BF55 0
0 54ms
44ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9FFiR6o_URp9k66f9e3wjSqHIDscsyjPH7hlS7Mhp_vbg5kf-JZ15nGCv8KmPDh1_F7_FHgDgPfq6VA--q0uDzyi_2w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974151996320664&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.1182920990~rp.3&daaos=1670547687800&w=1200&fwrn=4&fwrnh=100&lmt=1670593252&rafmt=1&to=qs&pwprc=5458882937&format=1200x280&url=https%3A%2F%2Fcolor-kinder.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670593252100&bpp=3&bdt=1513&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98a6a29d147439bd-22db383c6cd80071%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_MaraLA_2yv2qzrxlA6V6-E-cfLgBg&gpic=UID%3D00000b8fb79227c3%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_Mbo9RCU26DhqJtrQKpb6fkFBoEUWA&prev_fmts=0x0&nras=2&correlator=4163446754292&frm=20&pv=1&ga_vid=341998924.1670593251&ga_sid=1670593251&ga_hid=696020254&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2610&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777948%2C44779957%2C31071262%2C21065725&oid=2&pvsid=3601703983653490&tmod=115087075&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sxVBubSqz7&p=https%3A//color-kinder.com&dtd=24
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF55 153 KB
47 KB 59ms
49ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 13:40:52 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame BF55 34 KB
14 KB 30ms
0ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 20:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 21:16:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BF55 0
0 72ms
58ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQO_e5DqTY8WuC72W78EP8vqsuAOS1p-ubLbt3vi4ENiJhZ4LEAEghpinggFglYqegrAHoAGCjpz1KMgBCagDAcgDywSqBPYBT9C3DtCg2LsqE923ELJK49Tb_FNWYZEyvPNb7vsTOxc7Yz78DcLQL6td_pUBycFLVJoHsbVURkZa3tbRSm1JB9X4oUI6t5Y6h35yzZuIbK_CMSV_8ZJECwfS1jzmkpSWUtg3Feds87usItcFyFrTvoew8AnIH4YYSNzQTGYBFpES-oZL4HwDZVXtKHIB8zs7UOxY_A93rAeMCFgrBcPJdV0lPv81D_EEjshZ42Ez4OZVKoxc0Wom4ooRx018NFAIBuJjmXnff9aOF_asVFh82MoY1nRmKgFaEQWhQ_ZdGTMZRbPYYrqwYXBGzXTIOv68Tuozv2OWwATz_9KAowSSBQQIBBgBkgUECAUYBKAGLoAHgsbs1AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ3YkE0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwLQFQGAFwGyFxwKGggAEhRwdWItMjk3NDE1MTk5NjMyMDY2NBgA&sigh=52an4IshLRI&uach_m=[UACH]&cid=CAQSPADq26N9yjXWnSWcgN6fTb3wx-GeRjpBu5HcNp5hvNPSE9ad5pwaef8JVDzRjTNZ-8_e5oveSmQ8BrrxABgBIBM&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974151996320664&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.1182920990~rp.3&daaos=1670547687800&w=1200&fwrn=4&fwrnh=100&lmt=1670593252&rafmt=1&to=qs&pwprc=5458882937&format=1200x280&url=https%3A%2F%2Fcolor-kinder.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670593252100&bpp=3&bdt=1513&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98a6a29d147439bd-22db383c6cd80071%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_MaraLA_2yv2qzrxlA6V6-E-cfLgBg&gpic=UID%3D00000b8fb79227c3%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_Mbo9RCU26DhqJtrQKpb6fkFBoEUWA&prev_fmts=0x0&nras=2&correlator=4163446754292&frm=20&pv=1&ga_vid=341998924.1670593251&ga_sid=1670593251&ga_hid=696020254&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2610&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777948%2C44779957%2C31071262%2C21065725&oid=2&pvsid=3601703983653490&tmod=115087075&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sxVBubSqz7&p=https%3A//color-kinder.com&dtd=24
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 09 Dec 2022 13:40:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 13650525789967406013_3289778503909974610.png
static.doubleclick.net/dynamic/5/396077578/ Frame BF55 70 KB
70 KB 78ms
26ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/396077578/13650525789967406013_3289778503909974610.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad8ccc382fc96ce70e2ce2ec683a4a5b30769fe335c12c489e9ab7ed863a70ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 07:11:15 GMT
x-content-type-options: nosniff
age: 196177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71639
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 19:24:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 07:11:15 GMT

GET
H3 200 11601769098915092867_8507514706627327658.png
static.doubleclick.net/dynamic/5/396077578/ Frame BF55 9 KB
9 KB 70ms
19ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/396077578/11601769098915092867_8507514706627327658.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b277fa13ac68561b8074224ce5f07cdf565e2c1c07aacdbbaf625184e815cd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 18:26:35 GMT
x-content-type-options: nosniff
age: 328457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8997
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 19:24:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 18:26:35 GMT

GET
H3 200 14844727076690591887_5541704954540447619.png
static.doubleclick.net/dynamic/5/396077578/ Frame BF55 32 KB
32 KB 82ms
31ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/396077578/14844727076690591887_5541704954540447619.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee5fef75aedbe7910904e0ad49588292f12c5b9f8a2207446b088a23082560aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 06:07:52 GMT
x-content-type-options: nosniff
age: 27180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32590
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 19:23:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 06:07:52 GMT

GET
H3 200 417777700735704502_8695563961451305315.png
static.doubleclick.net/dynamic/5/396077578/ Frame BF55 208 KB
208 KB 71ms
20ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/396077578/417777700735704502_8695563961451305315.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b35a96850a9f96841931e899cb0a6fadd8c163c39627ad53fc4f42fa979ef82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 17:46:11 GMT
x-content-type-options: nosniff
age: 330881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 213383
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 19:24:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 17:46:11 GMT

GET
H3 200 17355180649413257275_16282955595290616607.png
static.doubleclick.net/dynamic/5/396077578/ Frame BF55 90 KB
90 KB 88ms
38ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/396077578/17355180649413257275_16282955595290616607.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ab6ae2c03a22732a4abee117e1b210f9942c0da3b99d74da394e21fa2387944

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 19:50:52 GMT
x-content-type-options: nosniff
age: 237000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91760
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 19:23:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 19:50:52 GMT

GET
H3

200

16144437581461410148
tpc.googlesyndication.com/simgad/ Frame BF55
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCE48amKxCABBiABDIIOcAyd9B1F6w
https://tpc.googlesyndication.com/simgad/16144437581461410148

66 KB
66 KB

20ms
17ms

Image
image/jpeg

2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16144437581461410148

Requested by

Protocol

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

015d1cecf14c3ef529e92d788304fe58aa571c4e3ebaf4d78d5eea44f693c844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 06:48:08 GMT
x-content-type-options: nosniff
age: 24765
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67423
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 11:07:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Dec 2023 06:48:08 GMT

Redirect headers

date: Fri, 09 Dec 2022 10:57:00 GMT
x-content-type-options: nosniff
server: cafe
age: 9832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/16144437581461410148
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 08 Jan 2023 10:57:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 93F8 1 KB
643 B 39ms
20ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15033
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 09:30:19 GMT
etag: 48472445140208031
expires: Sat, 10 Dec 2022 09:30:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4F90 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 892a7288881e3b4fe78d9fa0570140f5b6093a00c3c09fd8cf237a3a2bff6565

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 899A 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15034
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 09:30:19 GMT
etag: 48472445140208031
expires: Sat, 10 Dec 2022 09:30:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BF55 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d203ab410178b6be47a94813dcd9b4d1daa50137ca66e5b66d7ab52405f9a902

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame BF55 20 KB
20 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 21:33:43 GMT
x-content-type-options: nosniff
age: 576430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 21:33:43 GMT

GET
H3 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 4F90 21 KB
21 KB 18ms
13ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 22:44:30 GMT
x-content-type-options: nosniff
age: 226583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 22:44:30 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 4F90 20 KB
20 KB 28ms
11ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 21:33:43 GMT
x-content-type-options: nosniff
age: 576430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 21:33:43 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 93F8 35 B
463 B 52ms
9ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEO0Ph0AQnBcAgW2N40zakQo&google_cver=1&google_push=ASkJ3FaISntV_9cMgoi-iBqzTr3-qrITJVwRI-j7YJJQghtEQ1Y_z76rGGvNlhcu8sAoeSTZTLVN4MgbjVmHdCGPcvopM-nibaE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 13:40:53 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 93F8
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEKjnBI1ZYt-DoisDoK5eFOk&google_cver=1&google_push=ASkJ3Fadk7Q_2drSzIoH7gcyOTDHLNlwItQT7bN45aeImB-Z8NomelyoXr8YiUtVY15j15kmG0rtGxaszv4ET4SLTh3RWgZ_9wJ4
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3Fadk7Q_2drSzIoH7gcyOTDHLNlwItQT7bN45aeImB-Z8NomelyoXr8YiUtVY15j15kmG0rtGxaszv4ET4SLTh3RWgZ_9wJ4&google_hm=Q0FFU0VLam5CSTFaWXQtR...

170 B
188 B

42ms
27ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3Fadk7Q_2drSzIoH7gcyOTDHLNlwItQT7bN45aeImB-Z8NomelyoXr8YiUtVY15j15kmG0rtGxaszv4ET4SLTh3RWgZ_9wJ4&google_hm=Q0FFU0VLam5CSTFaWXQtRG9pc0RvSzVlRk9r

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 13:40:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 13:40:52 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3Fadk7Q_2drSzIoH7gcyOTDHLNlwItQT7bN45aeImB-Z8NomelyoXr8YiUtVY15j15kmG0rtGxaszv4ET4SLTh3RWgZ_9wJ4&google_hm=Q0FFU0VLam5CSTFaWXQtRG9pc0RvSzVlRk9r
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 93F8 43 B
136 B 57ms
17ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEOnPuWb8bBURsGgRR0ba3Lc&google_cver=1&google_push=ASkJ3FZTy7BjRpDJtVCSjSPJFR2mZib_Ne2HDqLS2Jo5-PcOgoMgoMufwnMgv5hk9dc67Ju89YXxO-oWuoSh7WhtgP4jCYAEsB_U
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974151996320664&output=html&h=280&adk=1418185256&adf=1523758184&pi=t.aa~a.4052609321~rp.4&daaos=1670547687800&w=1200&fwrn=4&fwrnh=100&lmt=1670593252&rafmt=1&to=qs&pwprc=5458882937&format=1200x280&url=https%3A%2F%2Fcolor-kinder.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670593252100&bpp=1&bdt=1513&idt=1&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98a6a29d147439bd-22db383c6cd80071%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_MaraLA_2yv2qzrxlA6V6-E-cfLgBg&gpic=UID%3D00000b8fb79227c3%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_Mbo9RCU26DhqJtrQKpb6fkFBoEUWA&prev_fmts=0x0%2C1200x280&nras=3&correlator=4163446754292&frm=20&pv=1&ga_vid=341998924.1670593251&ga_sid=1670593251&ga_hid=696020254&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777948%2C44779957%2C31071262%2C21065725&oid=2&pvsid=3601703983653490&tmod=115087075&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Z6AdOLps9y&p=https%3A//color-kinder.com&dtd=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 13:40:52 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 83khrvh3vgktojbnug8a3pv3qag2em7m

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 93F8
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KiYgxKoYSP2eDQ9K7-8r8g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

20ms
20ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KiYgxKoYSP2eDQ9K7-8r8g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FY3U5DoGOsxJgRWbf0gJc213-JPbJjTOrh1nGZigMmW3l590Q68rkxPJFvedjL09n6KuTpwm4CkIQEFYQMytwFlWgkCNhNG

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 13:40:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KiYgxKoYSP2eDQ9K7-8r8g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FY3U5DoGOsxJgRWbf0gJc213-JPbJjTOrh1nGZigMmW3l590Q68rkxPJFvedjL09n6KuTpwm4CkIQEFYQMytwFlWgkCNhNG
date: Fri, 09 Dec 2022 13:40:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 93F8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHouyBNcRM2gw7WQSHxebBs&google_cver=1&google_push=ASkJ3FbVfbzeRmmK05hptPNEtd6FvfsA9X_6dJplhdhgrycvkm2UhLd8Ib6K6InI0ybmJeBCIam...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJHSzM4MDktMTctR1VSSg==&google_push=ASkJ3FbVfbzeRmmK05hptPNEtd6FvfsA9X_6dJplhdhgrycvkm2UhLd8Ib6K6InI0ybmJeBCIamyvbPmk316bgFEShGuI2keAXvH

170 B
188 B

44ms
20ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJHSzM4MDktMTctR1VSSg==&google_push=ASkJ3FbVfbzeRmmK05hptPNEtd6FvfsA9X_6dJplhdhgrycvkm2UhLd8Ib6K6InI0ybmJeBCIamyvbPmk316bgFEShGuI2keAXvH

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 13:40:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJHSzM4MDktMTctR1VSSg==&google_push=ASkJ3FbVfbzeRmmK05hptPNEtd6FvfsA9X_6dJplhdhgrycvkm2UhLd8Ib6K6InI0ybmJeBCIamyvbPmk316bgFEShGuI2keAXvH
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 93F8
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAWNMunE6GX5m99JChCZqLc&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAWNMunE6GX5m99JChCZqLc&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAWNMunE6GX5m99JChCZqLc&google_hm=Y5M65dZ-ik9t9L6sdA4jZAAAFCEAAAAB&google_nid=index&google_push=ASkJ3FZCOtiKSV9RdCtG-mZYxLD4zy8DtGmA1...

170 B
188 B

24ms
23ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAWNMunE6GX5m99JChCZqLc&google_hm=Y5M65dZ-ik9t9L6sdA4jZAAAFCEAAAAB&google_nid=index&google_push=ASkJ3FZCOtiKSV9RdCtG-mZYxLD4zy8DtGmA1RJAIr_dNFXfcIdRqHDDl2VX7O-4GzWxmOLHgzLFJgiE5JT5xNfyrc32sJWOj50G

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 13:40:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 09 Dec 2022 13:40:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YlG01oShsADHoCeUp9VX0sQziRlW1wgh4r%2FjeIgHrrzoY6uagq8pd8v8%2F9%2BxuR%2Bw9EMRc9mc1oVImcqJPVO1EFmQWWC09sLgb4VoFhuqAQX%2BVNZL6BCTBHSMAobRlVTgIJTmKdwz0OFmzw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAWNMunE6GX5m99JChCZqLc&google_hm=Y5M65dZ-ik9t9L6sdA4jZAAAFCEAAAAB&google_nid=index&google_push=ASkJ3FZCOtiKSV9RdCtG-mZYxLD4zy8DtGmA1RJAIr_dNFXfcIdRqHDDl2VX7O-4GzWxmOLHgzLFJgiE5JT5xNfyrc32sJWOj50G
cache-control: no-cache
cf-ray: 776e27b8e800bbc8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 93F8 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 93F8 0
223 B 58ms
15ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LJBbDcgONyt8V9O8FNrWoFmNgHgSP47CqfZH1KmiEnyowpn_4XANE0OeSHuaJ8yLwxodGOZQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 899A 35 B
462 B 41ms
11ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIgC_FhyT74twsigtWUqMKI&google_cver=1&google_push=ASkJ3FazxIM8BCKXr8SHDAxsdRavq72CZ86NrEcYbGPn5C5r3dP9bYzBTwA_DezANRvCe0ndMpI8ICk5ErNjsDwJHjVG-G8ux7bozQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 13:40:53 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 899A
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEMFXL2poPfyQp3BxL5-4JAE&google_cver=1&google_push=ASkJ3FabTiSsD2dFc2Kv_1Hf4OTk6peUO_Oi2HFoF2Pr_oXg_ku0KOtukDJ0ZpLm-UnMCr0fpN72T0UQqDtuhnqioRRNBalFAYje7A
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FabTiSsD2dFc2Kv_1Hf4OTk6peUO_Oi2HFoF2Pr_oXg_ku0KOtukDJ0ZpLm-UnMCr0fpN72T0UQqDtuhnqioRRNBalFAYje7A&google_hm=Q0FFU0VNRlhMMnBvUGZ...

170 B
188 B

38ms
23ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FabTiSsD2dFc2Kv_1Hf4OTk6peUO_Oi2HFoF2Pr_oXg_ku0KOtukDJ0ZpLm-UnMCr0fpN72T0UQqDtuhnqioRRNBalFAYje7A&google_hm=Q0FFU0VNRlhMMnBvUGZ5UXAzQnhMNS00SkFF

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 13:40:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 13:40:52 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FabTiSsD2dFc2Kv_1Hf4OTk6peUO_Oi2HFoF2Pr_oXg_ku0KOtukDJ0ZpLm-UnMCr0fpN72T0UQqDtuhnqioRRNBalFAYje7A&google_hm=Q0FFU0VNRlhMMnBvUGZ5UXAzQnhMNS00SkFF
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 899A 43 B
356 B 81ms
29ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESENpZwnnMw_oFey5n7is_TJA&google_push=ASkJ3FabHIQUJrozoR1jVdow6Kkl_kWUDC_cJp5FGtoOt0k13nntebYkY_ZJ_30qlRMFtTecgG6gc24NnEpqrLpwYm33bozzyYlh&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974151996320664&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.1182920990~rp.3&daaos=1670547687800&w=1200&fwrn=4&fwrnh=100&lmt=1670593252&rafmt=1&to=qs&pwprc=5458882937&format=1200x280&url=https%3A%2F%2Fcolor-kinder.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670593252100&bpp=3&bdt=1513&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98a6a29d147439bd-22db383c6cd80071%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_MaraLA_2yv2qzrxlA6V6-E-cfLgBg&gpic=UID%3D00000b8fb79227c3%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_Mbo9RCU26DhqJtrQKpb6fkFBoEUWA&prev_fmts=0x0&nras=2&correlator=4163446754292&frm=20&pv=1&ga_vid=341998924.1670593251&ga_sid=1670593251&ga_hid=696020254&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2610&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777948%2C44779957%2C31071262%2C21065725&oid=2&pvsid=3601703983653490&tmod=115087075&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sxVBubSqz7&p=https%3A//color-kinder.com&dtd=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 13:40:53 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 899A 43 B
351 B 43ms
16ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEOIDVfOUIjp-_OCosN46VRc&google_cver=1&google_push=ASkJ3Fb5zupoFN3FgYEiOyscM9HDUi9q3D6PbcRAVzCo7ztuaqoeUrviX_qU1aqkCCvO1giFb3APe6XIfeZyy6eNAgi2wee4FI97hg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974151996320664&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.1182920990~rp.3&daaos=1670547687800&w=1200&fwrn=4&fwrnh=100&lmt=1670593252&rafmt=1&to=qs&pwprc=5458882937&format=1200x280&url=https%3A%2F%2Fcolor-kinder.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670593252100&bpp=3&bdt=1513&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98a6a29d147439bd-22db383c6cd80071%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_MaraLA_2yv2qzrxlA6V6-E-cfLgBg&gpic=UID%3D00000b8fb79227c3%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_Mbo9RCU26DhqJtrQKpb6fkFBoEUWA&prev_fmts=0x0&nras=2&correlator=4163446754292&frm=20&pv=1&ga_vid=341998924.1670593251&ga_sid=1670593251&ga_hid=696020254&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2610&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777948%2C44779957%2C31071262%2C21065725&oid=2&pvsid=3601703983653490&tmod=115087075&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sxVBubSqz7&p=https%3A//color-kinder.com&dtd=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 13:40:52 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ju01e6o05k84ktb7fd40jt4cfvahkhlo

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 899A
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EeLk6CKWQEm4c9hTypKpiA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

22ms
22ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EeLk6CKWQEm4c9hTypKpiA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3Fa8AEMgjQ372BwTkXF75m6_o4cN6-wNIP0smiL_oyRTlMj3n8IHNih9e69J1su4R5fAtPU_01ekDPe2MqZMcVoYjseYytgxbg

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 13:40:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EeLk6CKWQEm4c9hTypKpiA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3Fa8AEMgjQ372BwTkXF75m6_o4cN6-wNIP0smiL_oyRTlMj3n8IHNih9e69J1su4R5fAtPU_01ekDPe2MqZMcVoYjseYytgxbg
date: Fri, 09 Dec 2022 13:40:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 899A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGaKixspyJkGy5K0z0vfmpc&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGaKixspyJkGy5K0z0vfmpc&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGaKixspyJkGy5K0z0vfmpc&google_hm=Y5M65dZ-ik9t9L6sdA4jZAAAFCEAAAAB&google_nid=index&google_push=ASkJ3FYUnBpzGrVRjHrbMN9r0opnzJVtfKl1B...

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGaKixspyJkGy5K0z0vfmpc&google_hm=Y5M65dZ-ik9t9L6sdA4jZAAAFCEAAAAB&google_nid=index&google_push=ASkJ3FYUnBpzGrVRjHrbMN9r0opnzJVtfKl1BEIyJ5dW1nGFjyxVyUTAKCav3xRsN_ct0Yyq3AKSbkcXqlOExaQsNBWH9FrN6Fdwng

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 13:40:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 09 Dec 2022 13:40:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IskHdPD3B72aZyx6n9x2wH1%2FiSwDk%2B%2Bm59o%2FZ2HoMGz0tOKQBYvzTZJCuY7s2YWcy4YYyUmEVZwAzVaZMZg%2Fu6aKj7qapThtX11hGjdBFTnA6g0r41hvvKQMCcTR4G%2F%2Fc1ywu%2F50blOyhg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGaKixspyJkGy5K0z0vfmpc&google_hm=Y5M65dZ-ik9t9L6sdA4jZAAAFCEAAAAB&google_nid=index&google_push=ASkJ3FYUnBpzGrVRjHrbMN9r0opnzJVtfKl1BEIyJ5dW1nGFjyxVyUTAKCav3xRsN_ct0Yyq3AKSbkcXqlOExaQsNBWH9FrN6Fdwng
cache-control: no-cache
cf-ray: 776e27b8effebbc8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 899A 43 B
297 B 236ms
25ms Image
image/gif 2a05:d01c:1d8:8101:d648:86cf:755a:6dbf
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHXLmMSSyxk6STBpo7irMGs&google_cver=1&google_push=ASkJ3Fa0aCehnJCseJFBFox9XQQLsawUTQJ3pva2ZZCLp8T-uImotsQrl0AjjcsrqJ9urQkaDgycl-M5IkN054YCGGZKZFHBLtXZ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2974151996320664&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.1182920990~rp.3&daaos=1670547687800&w=1200&fwrn=4&fwrnh=100&lmt=1670593252&rafmt=1&to=qs&pwprc=5458882937&format=1200x280&url=https%3A%2F%2Fcolor-kinder.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670593252100&bpp=3&bdt=1513&idt=-M&shv=r20221206&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98a6a29d147439bd-22db383c6cd80071%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_MaraLA_2yv2qzrxlA6V6-E-cfLgBg&gpic=UID%3D00000b8fb79227c3%3AT%3D1670593251%3ART%3D1670593251%3AS%3DALNI_Mbo9RCU26DhqJtrQKpb6fkFBoEUWA&prev_fmts=0x0&nras=2&correlator=4163446754292&frm=20&pv=1&ga_vid=341998924.1670593251&ga_sid=1670593251&ga_hid=696020254&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2610&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777948%2C44779957%2C31071262%2C21065725&oid=2&pvsid=3601703983653490&tmod=115087075&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sxVBubSqz7&p=https%3A//color-kinder.com&dtd=24
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:d648:86cf:755a:6dbf London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 09 Dec 2022 13:40:53 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 899A 0
40 B 49ms
16ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I0VoNaEmy8fNPJUoSTWG1os22w5MoFvbvDDP2hSNwiMMX_vdE4bKoPHQMbMRbQK_3GT5zZ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 74ms
57ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221206&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d62a63a00ed52182782256ff912cb04ffe7b42623e2d6fdaee9ee7cf5b5a63e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11120
x-xss-protection: 0

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame E6BE 36 KB
16 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 11:52:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 11:52:08 GMT

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 3C36 36 KB
16 KB 14ms
8ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 11:52:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 11:52:08 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 13:40:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A1A5 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://color-kinder.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1276
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 13:19:37 GMT
expires: Sat, 09 Dec 2023 13:19:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B07F 783 B
535 B 18ms
18ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9b90372404b40afe2410387802123c0702a3bbd8dafffb1b23c2515eab146109

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-byy09VyzM5L9bmy3Oh5E-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://color-kinder.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-byy09VyzM5L9bmy3Oh5E-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 13:40:53 GMT
expires: Fri, 09 Dec 2022 13:40:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame A1A5 36 KB
16 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 11:52:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 11:52:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B07F 0
0 150ms
149ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221206&jk=3601703983653490&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 33E0 42 B
64 B 159ms
158ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_kOWjvo69Krr-loTUbGrinWzNQfouR-KUrGzBfuWfjLP0UUwak0P9gnULYdA7srA6Fn3RKLFG67LamoysLonBFvpdhDZoQDpX867ze1821MVYTrACgH4FRfE2h6puFgKHgg7eeA&sai=AMfl-YQ4AXp5ci3tbyIoMzUAhRIbqdUOTFOyd-fxpbYbimuEcrHUnh0cK78lGNWvp2x7lqzQvC9xBia_VAlY8wg&sig=Cg0ArKJSzJto9Ur4zCTUEAE&cid=CAQSGwDq26N94o4aQ724sfR7QPA3-JX6MkGHclv9SRgBIBM&id=lidar2&mcvt=1006&p=0,0,124,1005&mtos=96,830,1006,1180,1240&tos=96,734,176,174,60&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670593252174&rpt=201&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 13:40:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A1A5 0
10 B 9ms
7ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DJ7Stg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 20ms
20ms Image
text/html 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-JBG0ND5ELC&cv=1&v=3&t=t&pid=843601233&rv=bu0&es=1&e=gtm.load&eid=6&u=AgAAAAAAAAAAACCAAIA&h=Ag&tc=6&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:40:53 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 157ms
157ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221206&jk=3601703983653490&bg=!BAelB0PNAAYgquz3AKo7ACkAdvg8Wpz5ELvwNp0lp7pEsXIPaE_Q9ybGOtkb8aQwn27d0iaAxZRGuAIAAACFUgAAAAJoAQcKALvHh-iivmHE9o5-cnLO9fEnkSvunpuvlQR4XsMnVeAWEV0jKqamfI5Rb4jTcUdyDAkif89UZiP4SSa-cRwpRNRT8-LfPYtuibX44yy5ntYrQa_nfdc2RTdvGAPE86QgSNJpC5bdOUyucR-CAO3BuiUQJTdeY-SD0CObAsOtaNVi2M_z6fJWGYnIrqEZ00VaG2lR4zinXXfcjmPwtLoVwWT8dDvNNY25ITi0vuSc1mCeWSqvpGCFcaRMFvfnmQK7mn9B2MqoHbfUybWmqjZm4stw4JrWwxNc306fC9XgV0bb--zAdzWSwjYAvGQ5IVMb9RW1BYCkvLlMim1nHJfpXEaFFR6fsbaY2Twxu3mkcXOly9nWisExVCXT_9hRWGNLDvoXMASdX2FLEIEZ7k4XShha9qzOJDGsvlvKBeTfhhAgIVU3fUKh0-rzksJpO2UqNvZDaVO_nvFVHGMKueRpH_RjbZqltmSsS798eFKGpFcFhxlxjIE6XBjU7Iz_ONVqCFsTxFg0Xc5iEfh-Teeu28wLwMg143XAmupCROUe-O8Qayv-puFcseOEel8gRtZRAqMJTRqcA_NptOAVjaNIB7mEXBqdZtPzKWeRF8qDcnSJoyJaV7GzpthFrlwzD7zTDTHt47Xh0clLCcMrh9aq-C1DVhJOr6tQX-C0Uxcru4vXtB3rhepr86Y0PdzvrQ5CsNMENA07gnshUCHbWJG4TEy4VMiu-XfKolRYZ7J_3MfRBjcb-EqEOc7EIbxvGxSjxa7RiiOUwF9yq3hM-Nus28mBFnXNcrQOmlthPeKUCNo1zdPwfbjksYta23SExF92MRR2OsBrsg3r2nktEZ7vVH-SWch-FKCDUqLWTPyz1G_8MODHTqEjRrOyVa6Y2ogvQG_8MaJAvXXGwQHM02j5tusNpWxDi5AZa0qpT9v0t6uy8e83ZNkG_pNpZkijvUWUkx4VzIf60esEQJygQt646NaaYcm5hQ6pzSEfRIZ0xvZhKu5mIId2BYgsECs_-crbyolzNkoSS6QPluUkRne4HHolf8pBDw5Y3nMgCaaGk7uVTw_VTu111lT6LPZ4XlaJHxF3W4hgtevWtU6JqIpVBlUDcZ2OmIyxx-weHRMlswJH1Ii47wfpCWp6pWRvD9k_s4BtYwgrXqnainOQn5yqmdshV-WhA4yC5gYj
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://color-kinder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEO0itkgkr7m9q-m8AuyPnog&google_cver=1&google_push=ASkJ3FZEk7y8rEpaUzRr4Tcy0SZKP_fYmlXu32Wf5kFAD3oFbgd-2_RAEB4M4MNzV-5NfgD2uXC1SLNRVVUJpc51Pqugz9jzNr8KSw

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
color-kinder.com/	1970-01-20 08:13:18	Name: PHPSESSID Value: e633c4608e057c2a24714acdb7bc24b3
.color-kinder.com/	1970-01-20 17:39:13	Name: _ga_JBG0ND5ELC Value: GS1.1.1670593250.1.0.1670593250.0.0.0
.color-kinder.com/	1970-01-20 17:39:13	Name: _ga Value: GA1.1.341998924.1670593251
.color-kinder.com/	1970-01-20 17:24:49	Name: __gads Value: ID=98a6a29d147439bd-22db383c6cd80071:T=1670593251:RT=1670593251:S=ALNI_MaraLA_2yv2qzrxlA6V6-E-cfLgBg
.color-kinder.com/	1970-01-20 17:24:49	Name: __gpi Value: UID=00000b8fb79227c3:T=1670593251:RT=1670593251:S=ALNI_Mbo9RCU26DhqJtrQKpb6fkFBoEUWA
.doubleclick.net/	1970-01-20 08:03:16	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 17:24:49	Name: IDE Value: AHWqTUmG86QAPC3eCeYlTeVSFg9QmDtEW2mabsvFKN3IgBbK2yJRPEvYTIdtb-im8Wg
.quantserve.com/	1970-01-20 10:12:49	Name: d Value: EF0BCQHiJ4EA
.quantserve.com/	1970-01-20 17:33:27	Name: mc Value: 63933ae5-2b06d-543ec-0e1ba
.pubmatic.com/	1970-01-20 08:04:39	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 16:48:49	Name: CMID Value: Y5M65dZ.ik9t9L6sdA4jZAAA
.casalemedia.com/	1970-01-20 10:12:49	Name: CMPS Value: 5153
.casalemedia.com/	1970-01-20 10:12:49	Name: CMPRO Value: 5153
.agkn.com/	1970-01-20 16:48:49	Name: u Value: C\|0CEArJfdlKyX3ZQAAAAAAAQ13AQCAAQpAAAAAAA
.agkn.com/	1970-01-20 16:48:49	Name: ab Value: 0001%3AimoEvLc73QMtFBL51bMMv28Qv1kuiZil
.pubmatic.com/	1970-01-20 16:48:49	Name: KADUSERCOOKIE Value: 2A2620C4-AA18-48FD-9E0D-0F4AEFEF2BF2
.casalemedia.com/	1970-01-20 10:12:49	Name: CMTS Value: 3285
.innovid.com/	1970-01-20 10:12:49	Name: uuid Value: e52349cd-8516-4be6-9fae-0df629865375-20221209 08:40:53

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEO0itkgkr7m9q-m8AuyPnog&google_cver=1&google_push=ASkJ3FZEk7y8rEpaUzRr4Tcy0SZKP_fYmlXu32Wf5kFAD3oFbgd-2_RAEB4M4MNzV-5NfgD2uXC1SLNRVVUJpc51Pqugz9jzNr8KSw Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
ajax.googleapis.com
cm.g.doubleclick.net
cms.quantserve.com
color-kinder.com
d.agkn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
region1.google-analytics.com
rtb.openx.net
ssum-sec.casalemedia.com
static.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
142.250.186.66
172.64.154.237
185.64.190.78
2001:4860:4802:32::36
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:802::2002
2a00:1450:4001:802::2006
2a00:1450:4001:803::2004
2a00:1450:4001:806::2003
2a00:1450:4001:806::200a
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:812::200a
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a03:6f00:6:1::57f9:2b81
2a05:d01c:1d8:8101:d648:86cf:755a:6dbf
34.98.67.61
35.157.182.139
35.227.252.103
69.173.144.165
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
015d1cecf14c3ef529e92d788304fe58aa571c4e3ebaf4d78d5eea44f693c844
017516e639e36d079515bd4bf034b9b6b298f240b82474d27252f71b80ab0d07
09bf2d199a361b91c721cd94c13af329475b1e8bf8e35030a2665abd3c0a1f0e
0ab6ae2c03a22732a4abee117e1b210f9942c0da3b99d74da394e21fa2387944
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0f42d56e63009cb9f859b1be231021a9f67b8790c78308dd323df0a3cbff7be0
0f810d5b5f15f7400907bba82c4a90531663946e94d7bb27c6a114ff280f33d3
1365cecc9d678b216acd8893477780407f5557d1f6e3ed1ac3bf5d4604224c65
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1fbcecd06dc39fc6b256822fabe389df05047b7cfdc1022013a9bb0f79e09fd2
20e61b393e246051ebe36f186c4c5a8a0ab4efa227f16ec0c4cf57d60e0388d1
24c244818eca2b2fb2ab81f4cb9005075faad2230df0dd4cda9d8cd45406ece4
26cfee64ccd415511dffb9ea6c3a9021ae4c6b6a5b94e32e29a8b40c5d0323fe
26d8b3850f25b3e4c80a913d941d145f7faa36f6cee7075830d575c22240cea1
27303a9e1bd9c51e87fcf9c6bc9dcf9a1d86fa52e9ecb3a66f32e3aab4014aa3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31c9d5ad348ed8aa5d83aad08a22415e8c5ad83c6849eca6da26d45027dfbe8d
3fa766dc6cbb8b6070bab2860e03dbfd1874aa8431cc8cfe1eadec54ae93f0f5
3fc93cc3f2dec261a4dbd670cfcf476a15f759d6b9066f30bb65e4082d032fdb
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
4035621af5d863b0c90ab7450ba4af64e8658cf7ca0ec46dea9a73fac22091cd
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
47036352e7959e42dd37ceedeacbd716c268ed548699617f835874a6e8c98474
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
501bacbe4600038735ad1d8e9bd5d552be3bf3f2c12a17ad0beccad5a626a4ef
53f0a562b8304a0e078c7bd102027a0ed7a83c09b910f6266b48bd54086726f4
553441ee97cf388b63759b9a8884b57ff460f7023a46e52f58c93adeead13903
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6241293ef6f34c5d6a8a8063c7bdc9c61bae4251560135849eb02fd5fbaf50b6
65a045b7d9884422bff24ff6c709676203aa8bec61e6590773247baf6c1f30c7
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6b277fa13ac68561b8074224ce5f07cdf565e2c1c07aacdbbaf625184e815cd3
7103df47573abb13f784786f1d137d657744dfc99863e1e051c34af4ca0cc9ac
791d257f9c5e7eb412a1319b7864ad43e2eea5e9b378dd369d1d3a1b4535d1ab
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
8718930f8725af60b8bc8a4e820075e7ba636cd9a92861cd762a27f9b6949eef
87751780665b14fa2f62f2e760f3b425fce0fc4e433e7c8cb3a90d1bea3c40ef
892a7288881e3b4fe78d9fa0570140f5b6093a00c3c09fd8cf237a3a2bff6565
8b512fec2fe7353e96309756a88f02c3830ce2a273a1a6bfddb97ecb8c4a8554
8bb7ce6130944e498f9fa89f78e31f86c81b142d334cb885a211c5ada9d940b7
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
9718f0b6520c7aafbd29f4dc66622367321d390872a86e146406324b65ce1051
974e4e9883f5a1737c18bfe23e0cfdaa1b985c0a6a300968cd8ed0fc3a1387d8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b90372404b40afe2410387802123c0702a3bbd8dafffb1b23c2515eab146109
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2891206822d93cafcc70e0e4001fa25bbbae6407e965dddc01507de6e013a1c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad8ccc382fc96ce70e2ce2ec683a4a5b30769fe335c12c489e9ab7ed863a70ce
ade3c192bf79aa68230b3952c5aa93ccd35a613366071a5539a36c7501e9a039
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b171516ef599b22c1e6a59781d1eb02a97930a05b9b54c97f33d360c4adfdf83
b35a96850a9f96841931e899cb0a6fadd8c163c39627ad53fc4f42fa979ef82f
b6ae9b084321719161d9a804e2e882e13d958298e74728396b0b5813c4f8bf06
be40fb54e1d05cee1be2ede48926fdab9fbd1e6de0e0b3170d6f8fb6b96d34c6
bf00f3f78e85d9383ce48d648f1bb1a86d5a8793b218642a5041da6ba7dd3dda
bf69e07b2f04f0ff99295760e814c4ea3e6393a50df670beaf679871ae6f7e57
c9be182fa2cbd78eb577b39d7d3565586e80436909d4f2c38258c1023182c047
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
d203ab410178b6be47a94813dcd9b4d1daa50137ca66e5b66d7ab52405f9a902
d62a63a00ed52182782256ff912cb04ffe7b42623e2d6fdaee9ee7cf5b5a63e8
d86345f12c376e43bccea6e66cbb02d2e9233e8a035f3756715f318c5961bbe6
e2b9415e8be863351b5b793891fc1c967bab56a7f784a09f1350d36430ccb4f2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70b6fd233e77bc9260e9d79f91cdfa92896515ce4abf769621afb7251814b25
e7d6a12df315c6e2032084b38e6fc0291190ce09b2f83251098bfe90d35a2fb3
e85b22ccd347916453ab28a63097fedc39dd5ee5c9ae7b302782550f5830ea12
e90a0349e15ace398085a2dfff10980c0856e980d1c3fa8977886d2ce047e1e1
ee5fef75aedbe7910904e0ad49588292f12c5b9f8a2207446b088a23082560aa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c58ac49804cae55c76340b31bb4d66834088287bcc040016df8f94f1df1bd4
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fe4ded55789f78204754a353d124951e36b60128ca671450e55b5f328927f786
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

color-kinder.com Open in urlscan Pro 2a03:6f00:6:1::57f9:2b81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

132 Requests

92 %HTTPS

71 %IPv6

20 Domains

26 Subdomains

21 IPs

4 Countries

2043 kBTransfer

3853 kBSize

18 Cookies

0 Outgoing links

Page URL History

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

color-kinder.com Open in urlscan Pro
2a03:6f00:6:1::57f9:2b81 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

92 %
HTTPS

71 %
IPv6

20
Domains

26
Subdomains

21
IPs

4
Countries

2043 kB
Transfer

3853 kB
Size

18
Cookies

132 HTTP transactions
3 data transactions