www.kidzone.ws Open in urlscan Pro
52.202.222.143 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.kidzone.ws/magic/coin_trick.htm
Effective URL:
https://www.kidzone.ws/magic/coin_trick.htm
Submission: On January 24 via manual (January 24th 2024, 5:59:33 am UTC) from IN — Scanned from DE

Summary HTTP 195 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 58 IPs in 7 countries across 39 domains to perform 195 HTTP transactions. The main IP is 52.202.222.143, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.kidzone.ws. The Cisco Umbrella rank of the primary domain is 432222.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 19th 2023. Valid for: a year.

This is the only time www.kidzone.ws was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	52.202.222.143 52.202.222.143	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
8	2606:4700:20:... 2606:4700:20::681a:7da	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3 9	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::6815:815	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1791	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:249... 2600:9000:2490:8600:11:b309:9100:21	16509 (AMAZON-02) (AMAZON-02)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223e:8800:5:82fd:2500:21	16509 (AMAZON-02) (AMAZON-02)
1	3.236.169.28 3.236.169.28	14618 (AMAZON-AES) (AMAZON-AES)
1	99.86.4.128 99.86.4.128	16509 (AMAZON-02) (AMAZON-02)
1	23.197.10.19 23.197.10.19	16625 (AKAMAI-AS) (AKAMAI-AS)
1	65.9.66.122 65.9.66.122	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:246e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.234.63.226 172.234.63.226	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.220.173.30 54.220.173.30	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.245.47.29 18.245.47.29	16509 (AMAZON-02) (AMAZON-02)
4	46.228.174.115 46.228.174.115	56396 (AMOBEE) (AMOBEE)
11	52.28.111.100 52.28.111.100	16509 (AMAZON-02) (AMAZON-02)
1	145.40.97.67 145.40.97.67	54825 (PACKET) (PACKET)
1	34.254.148.127 34.254.148.127	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	34.149.50.64 34.149.50.64	15169 (GOOGLE) (GOOGLE)
7	2602:803:c003... 2602:803:c003:200::43	26667 (RUBICONPR...) (RUBICONPROJECT)
2 5	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
1	2606:4700:440... 2606:4700:4400::6812:22b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.248.25.157 34.248.25.157	16509 (AMAZON-02) (AMAZON-02)
1	159.89.246.130 159.89.246.130	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	3.124.236.160 3.124.236.160	16509 (AMAZON-02) (AMAZON-02)
1	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
2	141.95.33.120 141.95.33.120	16276 (OVH) (OVH)
16	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2 3	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 3	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
2	65.21.73.144 65.21.73.144	24940 (HETZNER-AS) (HETZNER-AS)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
12	192.229.233.6 192.229.233.6	15133 (EDGECAST) (EDGECAST)
3	65.21.74.17 65.21.74.17	24940 (HETZNER-AS) (HETZNER-AS)
195	58

12 52.202.222.143 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-222-143.compute-1.amazonaws.com

www.kidzone.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:7da (United States)

ASN13335 (CLOUDFLARENET, US)

qd.admetricspro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:815 (United States)

ASN13335 (CLOUDFLARENET, US)

pioeg.admetricspro.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:8600:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)

d15kdpgjg3unno.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:8800:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)

dyv1bugovvq1g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.236.169.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-236-169-28.compute-1.amazonaws.com

sqs.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.197.10.19 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-10-19.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.234.63.226 (Paris, France)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-234-63-226.ip.linodeusercontent.com

aps.zqtk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.220.173.30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-173-30.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.47.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-47-29.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.28.111.100 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-111-100.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.148.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-148-127.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2602:803:c003:200::43 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.150 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.25.157 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-25-157.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.236.160 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-236-160.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.21.73.144 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.144.73.21.65.clients.your-server.de

ads.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.229.233.6 (United States)

ASN15133 (EDGECAST, US)

cdn.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.21.74.17 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.17.74.21.65.clients.your-server.de

pix.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	845 KB
19	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163	254 KB
17	revjet.com ads.revjet.com — Cisco Umbrella Rank: 6930 cdn.revjet.com — Cisco Umbrella Rank: 6513 pix.revjet.com — Cisco Umbrella Rank: 5747	693 KB
14	google.com 3 redirects cse.google.com — Cisco Umbrella Rank: 3031 www.google.com — Cisco Umbrella Rank: 2 clients1.google.com — Cisco Umbrella Rank: 469 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143	294 KB
12	kidzone.ws 1 redirects www.kidzone.ws — Cisco Umbrella Rank: 432222	48 KB
11	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 978	2 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 410	208 KB
8	admetricspro.com qd.admetricspro.com — Cisco Umbrella Rank: 13867	449 KB
7	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 520	22 KB
5	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 478 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	3 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 314 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591 aax.amazon-adsystem.com — Cisco Umbrella Rank: 395	78 KB
4	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 863	407 B
4	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 857 id5-sync.com — Cisco Umbrella Rank: 425	30 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 1603 mp.4dex.io — Cisco Umbrella Rank: 2539	25 KB
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1664 a.ad.gt — Cisco Umbrella Rank: 1857	5 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2029	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	215 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	130 KB
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 914	547 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1005 bcp.crwdcntrl.net — Cisco Umbrella Rank: 898	12 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1234	104 B
2	cloudfront.net d15kdpgjg3unno.cloudfront.net dyv1bugovvq1g.cloudfront.net	123 KB
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 253	10 KB
1	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 581	649 B
1	serverbid.com e.serverbid.com — Cisco Umbrella Rank: 2663	390 B
1	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 2107	669 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 3797	1 KB
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459	113 B
1	seedtag.com s.seedtag.com — Cisco Umbrella Rank: 1839	835 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 625	21 KB
1	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1535	11 KB
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 740	355 B
1	zqtk.net aps.zqtk.net — Cisco Umbrella Rank: 10520	2 KB
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1798	10 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1157	17 KB
1	amazonaws.com sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 5363	682 B
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 2320	48 KB
1	workers.dev pioeg.admetricspro.workers.dev — Cisco Umbrella Rank: 25827	690 B
195	39

	Domain	Requested by
30	tpc.googlesyndication.com	cadmus.script.ac www.kidzone.ws 756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com tpc.googlesyndication.com
16	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com pagead2.googlesyndication.com www.kidzone.ws
12	cdn.revjet.com	www.kidzone.ws srcdoc
12	www.kidzone.ws	1 redirects www.kidzone.ws
11	btlr.sharethrough.com	cadmus.script.ac
10	cdn.ampproject.org	cadmus.script.ac
9	www.google.com	3 redirects cse.google.com www.google.com www.kidzone.ws cadmus.script.ac
8	qd.admetricspro.com	www.kidzone.ws qd.admetricspro.com
7	fastlane.rubiconproject.com	cadmus.script.ac
7	securepubads.g.doubleclick.net	1 redirects qd.admetricspro.com cadmus.script.ac www.kidzone.ws
6	googleads.g.doubleclick.net	756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com www.kidzone.ws
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	targeting.unrulymedia.com	cadmus.script.ac
3	pix.revjet.com	srcdoc 756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com cdn.revjet.com
3	ad.doubleclick.net	1 redirects 756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com srcdoc
3	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
3	756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com	cadmus.script.ac
3	id5-sync.com	cadmus.script.ac cdn.id5-sync.com
3	c.amazon-adsystem.com	cadmus.script.ac c.amazon-adsystem.com
3	www.googletagmanager.com	www.kidzone.ws www.googletagmanager.com
2	www.googleadservices.com
2	ads.revjet.com	www.kidzone.ws
2	www.googletagservices.com	756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
2	lb.eu-1-id5-sync.com	cadmus.script.ac
2	script.4dex.io	cadmus.script.ac
2	id.hadron.ad.gt	cdn.hadronid.net
2	fundingchoicesmessages.google.com	cadmus.script.ac
2	i.clean.gg	cadmus.script.ac
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cse.google.com	www.kidzone.ws www.google.com
1	ib.adnxs.com	cadmus.script.ac
1	tlx.3lift.com	cadmus.script.ac
1	e.serverbid.com	cadmus.script.ac
1	ads.servenobid.com	cadmus.script.ac
1	mp.4dex.io	cadmus.script.ac
1	hb-api.omnitagjs.com	cadmus.script.ac
1	hbopenbid.pubmatic.com	cadmus.script.ac
1	htlb.casalemedia.com	cadmus.script.ac
1	s.seedtag.com	cadmus.script.ac
1	rtb.openx.net	cadmus.script.ac
1	g2.gumgum.com	cadmus.script.ac
1	prebid.a-mo.net	cadmus.script.ac
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	a.ad.gt	cadmus.script.ac
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.id5-sync.com	cadmus.script.ac
1	aps.zqtk.net	www.kidzone.ws
1	cdn.hadronid.net	cadmus.script.ac
1	tags.crwdcntrl.net	cadmus.script.ac
1	secure.cdn.fastclick.net	cadmus.script.ac
1	config.aps.amazon-adsystem.com	cadmus.script.ac
1	sqs.us-east-1.amazonaws.com	d15kdpgjg3unno.cloudfront.net
1	dyv1bugovvq1g.cloudfront.net	cadmus.script.ac
1	d15kdpgjg3unno.cloudfront.net	qd.admetricspro.com
1	cadmus.script.ac	qd.admetricspro.com
1	clients1.google.com	www.kidzone.ws
1	pioeg.admetricspro.workers.dev	qd.admetricspro.com
1	region1.google-analytics.com	www.googletagmanager.com
195	58

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
twitter.com
pinterest.com
www.youtube.com
www.dltk-kids.com
www.dltk-holidays.com
www.dltk-ninos.com
www.dltk-teach.com
www.brainframe-kids.com
www.coloring.ws
www.first-school.ws
www.makinglearningfun.com
www.pauseitivity.com
www.primeraescuela.com
admetricspro.com

Subject Issuer	Validity	Valid
kidzone.ws Amazon RSA 2048 M02	`2023-05-19` - `2024-06-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-10` - `2024-06-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
admetricspro.workers.dev Cloudflare Inc ECC CA-3	`2024-01-24` - `2024-12-31`	a year	crt.sh
script.ac E1	`2023-12-29` - `2024-03-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2024-01-11` - `2024-04-10`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
queue.amazonaws.com Amazon RSA 2048 M01	`2024-01-18` - `2024-12-28`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
hadronid.net GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
*.zqtk.net R3	`2024-01-08` - `2024-04-07`	3 months	crt.sh
a.ad.gt E1	`2023-12-12` - `2024-03-11`	3 months	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.a-mo.net R3	`2024-01-06` - `2024-04-05`	3 months	crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com Amazon RSA 2048 M01	`2023-07-17` - `2024-08-14`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-29` - `2024-04-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
ads.servenobid.com Amazon RSA 2048 M01	`2023-04-29` - `2024-05-27`	a year	crt.sh
*.consumableaudio.com R3	`2024-01-16` - `2024-04-15`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.revjet.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-11`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
cdn.revjet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-03-11`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.kidzone.ws/magic/coin_trick.htm
Frame ID: 4BBA08710E8ABCE2B4054C03D4D04C59
Requests: 99 HTTP requests in this frame

Frame: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3269F04CDC28436C2E73036A5D278836
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9704F7AD443DB6CEE955120139E44833
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 66EF2BC0A28F2315F9F9A967C50C3EEF
Requests: 2 HTTP requests in this frame

Frame: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CF8B0A52C5BF30067696DEE2D1539D82
Requests: 8 HTTP requests in this frame

Frame: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E416E99F22BAFCD5E6A156E11BF36DF2
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs
Frame ID: CF24C74E7156F34F56BE349080FED9FF
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs
Frame ID: BE999C5ECFBBAD9B54E14ABE046E947C
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3654729946160121676/index.html
Frame ID: 2BDA804A2552B2CB7F1D4F617F3744C6
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 779D2AAEEC7F8412BE86D217AC320DCA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGMfI3t4BMAE&v=APEucNX1T8tXHIoLMV2H6OyZKnlKdFK5VSEFZSGoiWSxASTBM8JpxZn5JlAk76hhjhnfr4ECiec3bpwNDi1FGsNZn0zPVnY3ckaUKq8NsoEaxqp2AW2R30U
Frame ID: 5234DF5EB6D94E58CA83F78A79BAC967
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2000558763A6C5F468087713515E5479
Requests: 3 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2F756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
Frame ID: 85C01210F00A203A8BD76B4956F00C8B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.12.0.js
Frame ID: 07A1DAA78140804696A9D685083A45CF
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Coin Magic Tricksuchen

Page URL History Show full URLs

http://www.kidzone.ws/magic/coin_trick.htm HTTP 301
https://www.kidzone.ws/magic/coin_trick.htm Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

195
Requests

97 %
HTTPS

46 %
IPv6

39
Domains

58
Subdomains

58
IPs

7
Countries

3580 kB
Transfer

8773 kB
Size

35
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/DLTKsCraftsForKids

Search URL Search Domain Scan URL

URL: https://www.instagram.com/dltkcrafts/

Search URL Search Domain Scan URL

URL: https://twitter.com/DLTKsCrafts

Search URL Search Domain Scan URL

URL: https://pinterest.com/leannedltk/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/DLTKcrafts/featured

Search URL Search Domain Scan URL

URL: https://www.dltk-kids.com/new10.htm
Title: Fav 10

Search URL Search Domain Scan URL

URL: https://www.dltk-kids.com/top10.htm
Title: Top 10

Search URL Search Domain Scan URL

URL: https://www.dltk-kids.com/
Title: DLTK-Kids.com

Search URL Search Domain Scan URL

URL: https://www.dltk-holidays.com/
Title: DLTK-Holidays.com

Search URL Search Domain Scan URL

URL: https://www.dltk-ninos.com/
Title: DLTK-Ninos.com

Search URL Search Domain Scan URL

URL: https://www.dltk-teach.com/
Title: DLTK-Teach.com

Search URL Search Domain Scan URL

URL: https://www.brainframe-kids.com/
Title: BrainFrame-Kids.com

Search URL Search Domain Scan URL

URL: https://www.coloring.ws/
Title: Coloring.ws

Search URL Search Domain Scan URL

URL: https://www.first-school.ws/
Title: First-School.ws

Search URL Search Domain Scan URL

URL: https://www.makinglearningfun.com/
Title: MakingLearningFun.com

Search URL Search Domain Scan URL

URL: https://www.pauseitivity.com/
Title: Pauseitivity.com

Search URL Search Domain Scan URL

URL: https://www.primeraescuela.com/
Title: PrimeraEscuela.com

Search URL Search Domain Scan URL

URL: https://www.dltk-kids.com/feedback.htm
Title: contact us

Search URL Search Domain Scan URL

URL: https://www.dltk-kids.com/prthlp.html
Title: print help

Search URL Search Domain Scan URL

URL: https://www.dltk-kids.com/privacy.htm
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.dltk-kids.com/copyright.htm
Title: Copyright

Search URL Search Domain Scan URL

URL: https://admetricspro.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.kidzone.ws/magic/coin_trick.htm HTTP 301
https://www.kidzone.ws/magic/coin_trick.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 141

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 147

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 154

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 156

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENcwMxFoCiUW7xP7LfHLNoM&google_cver=1&gdpr=0

Request Chain 157

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbCnQS3NnZIQoSzHeGWuMAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENcwMxFoCiUW7xP7LfHLNoM&google_cver=1&gdpr=0

Request Chain 172

https://securepubads.g.doubleclick.net/pagead/adview?ai=CmyHQQKewZZ70Ko2W7_UP9Z-F2AXf5OW9dZDW_-3IEu_5reiVDhABIPmb8YQBYJWikoKgB6AB1tva_ALIAQmpAo1qEFsWKIE-4AIAqAMByANIqgSyAk_QEoPaPkPaiCfBDNVVwVO_gPLusWGH14muhmOeixTYyTcztEQgZQuR1-QOwdM7PV9eS2TKHaqjSeatYb5wErbBh3xN-iXFKdxX_k57YFdUG0H-L8WNFj5FmG6X5AtiSn7Ec4lrN2gxsYuNVzhUk07zwL1U-SsOok0Bh29xwDjT3OtSNPw4GCayCCgrbkOBRlnDEvjWFP9909kwLmEoPizvvV3Kh1mAwhaINZBs3F5Q_rWb-3M5Iwa_8lUMfiQYtagFEp8wW4djTQVO7unkh6FFX9f57H_6eJ4XvAXm5A04noLzo8IxqbmlpVBCU5JPfLCN6s4dZWs54MeAsUknkObk-sEk9eK94dowi9rbUdFsZqH5Lmv6D2v8v8LnRrZJhTl6plKokz8VIDj12-ynBUPVicAEs_qz5t4E4AQBiAX_goLtTZIFBAgEGAGSBQQIBRgEoAYugAfumZDCAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBDl0iTSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WLy_yqCs9YMDmgkdaHR0cHM6Ly9hMDIuNGt6Z2FtZS5jb20vc2hhcmWACgPICwHiDRMI3_TKoKz1gwMVDcu7CB31TwFb2BMN0BUBgBcBshceChwIABIUcHViLTE3NTI2OTAzNTUzNzk4NjAYhNt7&sigh=2XZRAgXPKqE&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_s0yHDudJC0RVFVU4nJc9GheTujkR5i3DTWx2C8dB4RhmGeiuG5y8q5PipZ-yVtytxGAg833kcL8iyVZ-pi16HGmTCKGQgAUOzhgB&template_id=531&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228565068448429563462%22,%22debug_reporting%22:true,%22destination%22:%22https://4kzgame.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22798404054%22],%2222%22:[%22true%22],%224%22:[%2201-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212706834307117075745%22}&andc=true

Request Chain 183

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498592;dc_trk_aid=548428617;dc_trk_cid=185782221;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1706075970275 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498592;dc_pre=CLvRuaGs9YMDFeLyEQgdaY8N9w;dc_trk_aid=548428617;dc_trk_cid=185782221;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1706075970275

195 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request coin_trick.htm Show response
www.kidzone.ws/magic/
Redirect Chain

http://www.kidzone.ws/magic/coin_trick.htm
https://www.kidzone.ws/magic/coin_trick.htm

10 KB
3 KB

361ms
116ms

Document
text/html

52.202.222.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kidzone.ws/magic/coin_trick.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.222.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-222-143.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b6b475b855e98e05f4e4edae4e53194d942e7b9c5ba6e9d57d8d6d52da9e62b3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 3159
content-type: text/html
date: Wed, 24 Jan 2024 05:59:25 GMT
etag: "04919ac3450d91:0"
last-modified: Mon, 06 Mar 2023 14:05:14 GMT
server: Microsoft-IIS/8.5
vary: Accept-Encoding
x-powered-by: ASP.NET

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html
Date: Wed, 24 Jan 2024 05:59:25 GMT
Location: https://www.kidzone.ws:443/magic/coin_trick.htm
Server: awselb/2.0

GET
H2 200 main.css
www.kidzone.ws/kidzonestyles/ 6 KB
2 KB 229ms
229ms Stylesheet
text/css 52.202.222.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kidzone.ws/kidzonestyles/main.css
Requested by: Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.222.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-222-143.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ee8872bee3e4bf937079e4a9da69d9e7ce338fce9a6f1632ef74dbf960bbca82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/magic/coin_trick.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:25 GMT
content-encoding: gzip
last-modified: Sun, 23 Apr 2023 21:05:57 GMT
server: Microsoft-IIS/8.5
etag: "8068ed652776d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1665

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 177 KB
64 KB 184ms
40ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-52971111-3

Requested by

Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e23ed775d17391189fc1f220c81ad348e12aa6519ecc8d64e2a8dfe7463f3cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65405
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Jan 2024 05:59:25 GMT

GET
H2 200 sidebar2-layout.js Show response
qd.admetricspro.com/js/dltk/kidzone/ 36 KB
8 KB 228ms
174ms Script
application/javascript 2606:4700:20::681a:7da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/dltk/kidzone/sidebar2-layout.js
Requested by: Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1effcae44ab3db3c4e0f3b4aadd0c5a6f9a86cf56307cc4a678ac27149de0e32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Dec 2023 19:49:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"913f-60d6efb6c3400-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRTE1OwxR4FbSlW3%2F3RwrNwYxR%2FxxSmxh3BQbEirOXYfFrRZR%2B5mTzZEjlvVGM8O%2B8RlGb7fE1eI%2BR%2F7KiKOR2H8qBr3ggPYsFTihlBQl%2FuHSKt1suiJ2UVM67CBzxCrC6dfFCLkSUE6ap%2FFG5dUec0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 84a60ce309f84d44-FRA
expires: Wed, 24 Jan 2024 06:08:11 GMT

GET
H2 200 kidzone-brand-1200.png
www.kidzone.ws/images/ 10 KB
11 KB 116ms
116ms Image
image/png 52.202.222.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kidzone.ws/images/kidzone-brand-1200.png
Requested by: Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.222.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-222-143.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 541e5c9e1567f18530f68547e6ca2fc20ccd40fde8295735412280efdcdfe36c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/magic/coin_trick.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:25 GMT
last-modified: Mon, 01 Mar 2021 02:18:08 GMT
server: Microsoft-IIS/8.5
etag: "70e6291f41ed71:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 10714

GET
H2 200 facebook.png
www.kidzone.ws/images/ 921 B
1 KB 116ms
115ms Image
image/png 52.202.222.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kidzone.ws/images/facebook.png
Requested by: Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.222.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-222-143.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 03945ce270fb1b8d694c3eebfe0f235fb54929973283c38c0e3e6c75127061ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/magic/coin_trick.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:25 GMT
last-modified: Mon, 01 Mar 2021 02:18:48 GMT
server: Microsoft-IIS/8.5
etag: "52dd843641ed71:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 921

GET
H2 200 instagram.png
www.kidzone.ws/images/ 2 KB
2 KB 116ms
115ms Image
image/png 52.202.222.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kidzone.ws/images/instagram.png
Requested by: Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.222.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-222-143.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8f6bca96a5bb70c9c153d9f95f8a09a4a0282d2400b317b76fb87579989a8444

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/magic/coin_trick.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:25 GMT
last-modified: Mon, 01 Mar 2021 02:18:56 GMT
server: Microsoft-IIS/8.5
etag: "95f0c93b41ed71:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 1667

GET
H2 200 twitter.png
www.kidzone.ws/images/ 963 B
1 KB 117ms
116ms Image
image/png 52.202.222.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kidzone.ws/images/twitter.png
Requested by: Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.222.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-222-143.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7480825cf5281968220fea903a1cbb33e86c6199a331db8edbbc631e20e337a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/magic/coin_trick.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:25 GMT
last-modified: Mon, 01 Mar 2021 02:19:06 GMT
server: Microsoft-IIS/8.5
etag: "b81ac24141ed71:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 963

GET
H2 200 pinterest.png
www.kidzone.ws/images/ 1 KB
1 KB 118ms
117ms Image
image/png 52.202.222.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kidzone.ws/images/pinterest.png
Requested by: Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.222.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-222-143.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: fc8deae28b64ae4499971481a402af6c85873da8a14f86b1d0eb45d0cc860763

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/magic/coin_trick.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:25 GMT
last-modified: Mon, 01 Mar 2021 02:18:57 GMT
server: Microsoft-IIS/8.5
etag: "ea3afa3b41ed71:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 1302

GET
H2 200 youtube.png
www.kidzone.ws/images/ 1 KB
1 KB 118ms
117ms Image
image/png 52.202.222.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kidzone.ws/images/youtube.png
Requested by: Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.222.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-222-143.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 50200e9b822674ca4901570d058b6f561e11384c6db21caabb08091db0716e30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/magic/coin_trick.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:25 GMT
last-modified: Mon, 01 Mar 2021 02:19:07 GMT
server: Microsoft-IIS/8.5
etag: "172cf44141ed71:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 1173

GET
H2 200 cse.js Show response
cse.google.com/ 6 KB
4 KB 111ms
50ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=006942297880364118670:wzkmhtihnsw

Requested by

Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

94c0a9e43d8e542853f0f03a4ceb5db895da42d3a410c40e1e2fc6edaa4ba1c6

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-0x586r-qhMTe7AKtNNg_Tg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-0x586r-qhMTe7AKtNNg_Tg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Wed, 24 Jan 2024 05:59:25 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2438
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Wed, 24 Jan 2024 05:59:25 GMT

GET
H2 200 coin-trick.jpg
www.kidzone.ws/images-changed/s/ 24 KB
24 KB 230ms
230ms Image
image/jpeg 52.202.222.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kidzone.ws/images-changed/s/coin-trick.jpg
Requested by: Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.222.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-222-143.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c595022f30803570977c41184644cbc4240cc294a0099fff01b1f2b400cbb940

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/magic/coin_trick.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:25 GMT
last-modified: Tue, 21 Jul 2020 03:40:16 GMT
server: Microsoft-IIS/8.5
etag: "3b9b44a6105fd61:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 24476

GET
H2 200 small-device.css
www.kidzone.ws/kidzonestyles/ 1 KB
786 B 117ms
116ms Stylesheet
text/css 52.202.222.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kidzone.ws/kidzonestyles/small-device.css
Requested by: Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.222.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-222-143.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d1cda6efcb70313a952e7b5c8bb38ad3103f2af4b748d772fd95ee890941a40f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/magic/coin_trick.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:25 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 18:23:45 GMT
server: Microsoft-IIS/8.5
etag: "b5684c4c8ed71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 577

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 172 KB
61 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T9HD5J3

Requested by

Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b65a5b52b5fae8acdc3018a7360041abae052ec4e774c21faf1c951df17e0ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62781
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Jan 2024 05:59:25 GMT

GET
H2 200 kidzonebullet1a.gif
www.kidzone.ws/kidzonestyles/images/ 343 B
517 B 118ms
118ms Image
image/gif 52.202.222.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kidzone.ws/kidzonestyles/images/kidzonebullet1a.gif
Requested by: Host: www.kidzone.ws
URL: https://www.kidzone.ws/kidzonestyles/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.222.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-222-143.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dbd7a13ddf148ef8b0a48ff9a29c6aabad10d733d983ed62e4cad1f42b8612da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/kidzonestyles/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:25 GMT
last-modified: Mon, 01 Mar 2021 18:23:42 GMT
server: Microsoft-IIS/8.5
etag: "3bad5a2c8ed71:0"
x-powered-by: ASP.NET
content-type: image/gif
accept-ranges: bytes
content-length: 343

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 67ms
19ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52971111-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jan 2024 05:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 676
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 24 Jan 2024 07:48:09 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
89 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DXL7W5425X&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T9HD5J3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

175f275fb5d1206f28bfe458641c6af0342a90768b98d27e57dd78c817fe2d8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91606
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 Jan 2024 05:59:25 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 28ms
26ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=887490835&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm&ul=en-us&de=UTF-8&dt=Coin%20Magic%20Trick&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=902841799&gjid=1606084796&cid=1532383923.1706075966&tid=UA-52971111-3&_gid=1714646537.1706075966&_r=1&gtm=457e41m0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&jsscut=1&z=689440911

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kidzone.ws
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cse_element__de.js Show response
www.google.com/cse/static/element/8435450f13508ca1/ 318 KB
106 KB 80ms
33ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/8435450f13508ca1/cse_element__de.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=006942297880364118670:wzkmhtihnsw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6f357810e9cd8f0aeca7b0cd526dc72d9230dce6958843f80bf104f940b5626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108420
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 16:43:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 24 Jan 2024 05:59:26 GMT

GET
H2 200 default+de.css
www.google.com/cse/static/element/8435450f13508ca1/ 41 KB
9 KB 76ms
29ms Stylesheet
text/css 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/8435450f13508ca1/default+de.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=006942297880364118670:wzkmhtihnsw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9068
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 16:43:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 24 Jan 2024 05:59:26 GMT

GET
H2 200 minimalist.css
www.google.com/cse/static/style/look/v4/ 5 KB
2 KB 67ms
21ms Stylesheet
text/css 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/minimalist.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=006942297880364118670:wzkmhtihnsw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5867ad740bc719bf1309b5f65537b7ba69f2cba5e9a193679859542d1bc7f95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:15:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1452
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 24 Jan 2024 06:05:46 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 88ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DXL7W5425X&gtm=45je41m0v9100327115z89100323408&_p=1706075965864&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&cid=1532383923.1706075966&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706075966&sct=1&seg=0&dl=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm&dt=Coin%20Magic%20Trick&en=page_view&_fv=1&_ss=1&tfd=1386
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DXL7W5425X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kidzone.ws
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
pioeg.admetricspro.workers.dev/ 216 B
690 B 529ms
176ms XHR
application/text 2606:4700:3035::6815:815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pioeg.admetricspro.workers.dev/
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/dltk/kidzone/sidebar2-layout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7d64bd996c62d588b3ce780deef93cc5e1f4d04adac53d209d5b963c06d9d41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wm%2B0gxlaPSQGPie%2BtjWfOsOXIH%2F0eqOpgqgHTkUg9RR%2BGcxB3XyDzkAxsITLGUF7%2BN%2BmDxmzuJTxplFMWZG3EOwpi2P%2BnL2Qmyi5QPm1mdtzA4dpcUrnWSPESqXElDX42XU9kjQWsG62qrk%2F6aS0Us8NyFvizV%2BHHMrTWrU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/text;charset=UTF-8
access-control-allow-origin: *
cf-ray: 84a60ce6dc6c6807-SJC
alt-svc: h3=":443"; ma=86400
content-length: 216

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 137 KB
50 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/8435450f13508ca1/cse_element__de.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88c5cf2ee5188fb5284ca2a83dca36eca518f046a1f596df4a34b07ec82dffaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "14554146025892792557"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Wed, 24 Jan 2024 05:59:26 GMT

GET
H2 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 20ms
20ms Image
image/png 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/8435450f13508ca1/default+de.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/cse/static/element/8435450f13508ca1/default+de.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:26:20 GMT
x-content-type-options: nosniff
age: 23586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 22 Jan 2025 23:26:20 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/de/ 2 KB
2 KB 28ms
20ms Image
image/png 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/de/branding.png

Requested by

Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0b84c9c86ff8c6282031b41e5ca2526e45e5e9c1a3956579f5320c25fb40360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:39:43 GMT
x-content-type-options: nosniff
age: 22783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1838
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 21:00:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 22 Jan 2025 23:39:43 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
117 B 83ms
21ms Image
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 opticommon.js Show response
qd.admetricspro.com/js/optimera/ 8 KB
3 KB 29ms
28ms Script
application/javascript 2606:4700:20::681a:7da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/optimera/opticommon.js
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/dltk/kidzone/sidebar2-layout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ce70ec38840c3c32ddabe877bc9c6f25bcde77bf60e908e9d85452a71e0d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Jul 2023 18:40:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 252
etag: W/"211c-6010398b02838-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOSXVGhw0nGbS0x8G6u978oFW7Im%2BRe3qshQPWgKrDA%2Flbk85L97pTB%2FhIGLxMuEvrETSYdhwgcvM%2FPPU%2FI86wMexSSklrt5vnKlrYe5z5ohFRPSbbPtZGIC%2B7%2F%2FbsmKYFLgYv1ZAeNG4sevBMk6Ejc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 84a60ce77f974d44-FRA
expires: Wed, 24 Jan 2024 06:01:01 GMT

GET
H2 200 script.js Show response
cadmus.script.ac/droiw9gfb309t/ 137 KB
48 KB 86ms
32ms Script
application/javascript 2606:4700::6812:1791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/dltk/kidzone/sidebar2-layout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6327d72319b4e014f40c9cc659185d33b33cce96fa3105772d511046a77d9f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:26 GMT
content-encoding: gzip
last-modified: Tue, 23 Jan 2024 22:52:44 GMT
server: cloudflare
age: 0
etag: W/"5865bca355db0ff8dab7f1ed8b902359db5285e7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 84a60ce7dfc59162-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 107ms
60ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/dltk/kidzone/sidebar2-layout.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d38d9a765faf30508296067c4adecebc5bb4a27d33fed308c9ae7c5c32db501

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29420
x-xss-protection: 0
server: cafe
etag: 249 / 19746 / m202401180101 / config-hash: 12028933323860707752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 05:59:26 GMT

GET
H2 200 cmp.js Show response
qd.admetricspro.com/js/dltk/kidzonews/ 322 KB
92 KB 189ms
189ms Script
application/javascript 2606:4700:20::681a:7da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/dltk/kidzonews/cmp.js
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/dltk/kidzone/sidebar2-layout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 953950792fdff6cb144dd1220a26088651920a98b80da68d6da586696a919b1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Sep 2022 15:11:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"506e3-5e91d3ff33230-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vwsXSo2t4V5wXbGrjmi2bCeDISFoSIPF597pTNFFIWzdFAvtqQIXdtwW845ivpzMANG7KiajuOT%2BSbpgR6FAnFWOw1DY5daEEULzlxuCDB8rgch3FMfoaR65y%2BN4Im10gyysHOKBZTLwblWLqkHjfxI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 84a60ce77f984d44-FRA
expires: Wed, 24 Jan 2024 06:06:23 GMT

GET
H2 200 uspcmp.js Show response
qd.admetricspro.com/js/dltk/kidzonews/ 169 KB
80 KB 167ms
167ms Script
application/javascript 2606:4700:20::681a:7da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/dltk/kidzonews/uspcmp.js
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/dltk/kidzone/sidebar2-layout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ef624ec962415bd378947e5207227907e499957a465bcf20238dc938a7dbfb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Sep 2022 14:38:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2a4f5-5e91cc9d2952a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mHqzm1y%2F2JTysU7w9dQ6%2BwrRQrhgtVP05ae8PG0TcA9UxwJGmji3gvqobIXZyR9qR7ELb5gSqn6fSN%2BypHcdlBfU5pC96CR9UIC3%2BAeIOzspuDByvmSQbajZsopO1Xxyy8O7OU%2F87s6U63S%2F9w8XkE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 84a60ce77f9a4d44-FRA
expires: Wed, 24 Jan 2024 06:04:12 GMT

GET
H2 200 prebid.js Show response
qd.admetricspro.com/js/dltk/kidzonews/ 577 KB
175 KB 190ms
189ms Script
application/javascript 2606:4700:20::681a:7da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/dltk/kidzonews/prebid.js
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/dltk/kidzone/sidebar2-layout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a90077950eaf8b209bcc2219fa2cd0a1e487cae8d896087e57d367d7f084f66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 22:05:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"904a0-609972b64a234-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRPLGdAHYEISu4VodP1j28r8OG5W7znFNLsw6GIeuf2jJsdKx85%2BOaaY%2FmjfjHLFgOtc3v68DNaMlsUKaWlaLp4YJVPeJ6c7cUwSk1N4%2B36uR%2BWx7aOInYIeJ%2F2bHEpDqullkR%2FquEnDdD2C%2BAsmDSw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 84a60ce77f9c4d44-FRA
expires: Wed, 24 Jan 2024 06:04:12 GMT

GET
H2 200 engine.js Show response
qd.admetricspro.com/js/dltk/kidzonews/ 135 KB
36 KB 190ms
190ms Script
application/javascript 2606:4700:20::681a:7da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/dltk/kidzonews/engine.js
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/dltk/kidzone/sidebar2-layout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f43fa0c6fbe53e743cc30977c6c79562747170917001cb8c229df3101ebaba9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Sep 2023 00:16:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"21da5-6053278b8b876-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GRwqXMRAyz2IlRGqxmlh9dQYx%2BpUd9s9DXqUDOsiAoexnA%2BTou2G7U9x0dyNbdt4Go9jTKCQnn23stfHs%2FNPkfMAOHH3PeKDKr3GjsnoUrnzFb2sM56dbj7ELBnXs%2Boddc63B90%2BCLGNsvFr5XYSPE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 84a60ce77f9d4d44-FRA
expires: Wed, 24 Jan 2024 06:06:23 GMT

GET
H2 200 oPS.js Show response
d15kdpgjg3unno.cloudfront.net/ 122 KB
122 KB 86ms
24ms Script
text/javascript 2600:9000:2490:8600:11:b309:9100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=96
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/dltk/kidzone/sidebar2-layout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8600:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36df88557f5d9520a8518f1c63c31203a81e8ca3936296cd7fedce2da7fb622c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: vJGOPXg55Eg10ePpe.oKRR8kUd73XmCz
date: Wed, 24 Jan 2024 03:44:11 GMT
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 124670
last-modified: Wed, 03 Jan 2024 22:00:33 GMT
server: AmazonS3
etag: "89881b677e6e0a30830bf701b3bc6cbe"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=84600
accept-ranges: bytes
x-amz-cf-id: LFvlioYAovMSDf0zpClt1dUD0dRmDzHlNxntW9fZ3aZdaGztq_BnUg==

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 109ms
108ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 24 Jan 2024 05:59:26 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 169ms
107ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.kidzone.ws
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 24 Jan 2024 05:59:26 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/ 430 KB
135 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dd0b5724f4bbac4bd58de274236fce36135ce302364b3b8ff5c4c3631e81139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 03:30:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8943
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138095
x-xss-protection: 0
server: cafe
etag: 16105826302836755247
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 23 Jan 2025 03:30:23 GMT

GET
H2 200 1018018 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 105ms
54ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/1018018?ers=3

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8b50308a5957ac4730cff6fe3432e3cc81ec49998f1eefb6350724d93256e47a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Rj42FSSXMSH7xD2qc3_qZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:26 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Rj42FSSXMSH7xD2qc3_qZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsKoxSXFEKAhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smjq8vmSSAWA2I30m-YvoGxDt8PFjehE9nZYuYznq6YDrrZSBmq5jOygfEcXXTWXOAmG_ddFbN9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCV6BuskIHZKn8EaAMSfM2ew_gZiIR6OfecOrWUTODCjdT8zAL_rWAw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vendor-list.json Show response
qd.admetricspro.com/js/cmp2/ 404 KB
55 KB 973ms
930ms XHR
application/json 2606:4700:20::681a:7da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/cmp2/vendor-list.json
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/dltk/kidzonews/cmp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd362f4e6ebce8ac52397d018782ec0dd387292b6edd2d33809f0eec847ad114

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Mar 2023 23:01:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65017-5f7fdd667db3b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0baRE72RnLnrrcuFUYN7KCrj%2BwfSwRPOpvBqHAB7AJSKCWJVjDsdno4XJJPQxEOaojq%2Bu1HEI1mlvQQMS8rfqi0JZXj6dlvfsU1P9bfTELGmy222y5oBNk%2BUIyoRPtOxfOjNWb2S%2BN8YSUJLK9F5V4E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 84a60ce938b49259-FRA
expires: Wed, 24 Jan 2024 06:02:49 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 283 KB
70 KB 72ms
24ms Script
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21e2cc1be6bb33e75287ef99dd7ba094e114326e221a1550b9f9e21de7a1b51c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:13:59 GMT
content-encoding: gzip
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront), 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 20:58:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2728
x-amz-server-side-encryption: AES256
etag: W/"bfb1a1567d75287f0c63152bfd796b6d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: m3umKbcxNET2sWUt-bsU_jzc4JCNvcj5dp6Y5xvWHPzMUOSG6bSYfQ==

GET
H2 200 coin_trick.htm.js Show response
dyv1bugovvq1g.cloudfront.net/96/www.kidzone.ws/magic/ 220 B
749 B 499ms
429ms Fetch
application/json 2600:9000:223e:8800:5:82fd:2500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyv1bugovvq1g.cloudfront.net/96/www.kidzone.ws/magic/coin_trick.htm.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:8800:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f861206367a891dfe39e5017d0311033a53e81a54190fa4b814fe4562e23959

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 24 Jan 2024 05:59:28 GMT
content-encoding: gzip
via: 1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 118
x-amz-expiration: expiry-date="Sat, 23 Mar 2024 00:00:00 GMT", rule-id="cleanup"
last-modified: Mon, 22 Jan 2024 16:19:12 GMT
server: AmazonS3
etag: "cc7b3c914bcdc0e48061aa6b0b58af49"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kidzone.ws
cache-control: max-age=300
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: _YRckQp1b3UVRYIHj3oNrKRdSK9NWHLaTRw5IoZH1Px9ZgvhbALhng==

POST
H/1.1 200
OK Test_oPS_Script_Loads Show response
sqs.us-east-1.amazonaws.com/397719490216/ 378 B
682 B 455ms
123ms XHR
text/xml 3.236.169.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D96%26bt%3Dnull
Requested by: Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=96
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.236.169.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-236-169-28.compute-1.amazonaws.com
Software: /
Resource Hash: 621d1b171198b30cf23a68bd5922bb3d5c43f13b11516f5999b91c658b5242e6

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date: Wed, 24 Jan 2024 05:59:27 GMT
connection: keep-alive
x-amzn-RequestId: cd620a6c-32d5-5e0e-85ae-54469baa49f7
Content-Length: 378
Content-Type: text/xml

GET
H2 200 cb8cfc89-e83e-44aa-a3a2-ff78eda781ef Show response
config.aps.amazon-adsystem.com/configs/ 564 B
830 B 74ms
21ms Script
application/javascript 99.86.4.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/cb8cfc89-e83e-44aa-a3a2-ff78eda781ef
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-128.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 788e6828b23a08ec04852ef2c16ba4018ac8f69bfc79fca61c3212f691bf3500

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:28:02 GMT
via: 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1885
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: LCYVgOw24KLvj_p_b8Qi_Wpq-25kYW7ur4-1bMZ-KjIeuM1qtERN3g==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 3 KB
3 KB 116ms
116ms XHR
application/json 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.kidzone.ws&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 3ecf69d4bb63f64933b56d4b91d3689328b5af2e1807633838e021eb3640d732

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:26 GMT
via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.kidzone.ws
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 3106
x-amz-cf-id: 2bersOCiRdx9ECVD2kA5Fvn16Z6syy1NxYDvq5E_518UWPv536wMIg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 64ms
22ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
date: Tue, 23 Jan 2024 09:57:09 GMT
x-amz-cf-pop: FRA56-P6
age: 72139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: TDzcRNm770bVMmvJNNQfhLwymOwzFez1WyC8uCbFkVmYM_baiWf2cw==

GET
H2 200 AGSKWxVhNXSZTJjLpvpu-Mm9wqPMqyjQVQ8opZvNxV90mNvWL7ngQCEl1e1ovaG2zWM9ZGgMXPKfR57FjUujLznLvacqRi-MoxOyjLdEMdZQBZKK-bvWNscvIuzYiLBTn15x1hMhXX2JJg== Show response
fundingchoicesmessages.google.com/f/ 369 KB
59 KB 120ms
120ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVhNXSZTJjLpvpu-Mm9wqPMqyjQVQ8opZvNxV90mNvWL7ngQCEl1e1ovaG2zWM9ZGgMXPKfR57FjUujLznLvacqRi-MoxOyjLdEMdZQBZKK-bvWNscvIuzYiLBTn15x1hMhXX2JJg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2MDc1OTY3LDMwMDAwMDBdLG51bGwsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3LmtpZHpvbmUud3MvbWFnaWMvY29pbl90cmljay5odG0iLG51bGwsW1s4LCJZdGt2VXZyMEtoSSJdLFs5LCJkZSJdLFsxOSwiMSJdXV0

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

541a10313a284d9af521bb399638b524e999ce5b526c49c1dcd6c87234e1b815

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-nD2AmxV2sin89MqiZ5fuQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-nD2AmxV2sin89MqiZ5fuQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXF4K4hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smjq8vmSSAWA2I30m-YvoGxDt8PFjehE9nZYuYznq6YDrrZSBmq5jOygfEcXXTWXOAmG_ddFbN9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCV6BuskIHZKn8EaAMSfM2ew_gZiIW6O_ecOrWUTWDH_nTEAYKNXzA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 112ms
27ms Script
application/javascript 23.197.10.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.10.19 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-10-19.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:27 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Wed, 24 Jan 2024 06:14:27 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 70ms
21ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 02:12:54 GMT
content-encoding: gzip
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 13594
x-amz-server-side-encryption: AES256
etag: W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: KtvYhwHhsq-qYjm9LZ9ZXnqoXGa97ST0XIB_pxmFrrz9f9Zhq95pCw==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 94ms
41ms Script
application/javascript 2606:4700:10::ac43:246e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm&ref=&_it=amazon&partner_id=626
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:27 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 15:31:45 GMT
server: cloudflare
x-amz-request-id: 01CC8G5F16RM7B26
age: 935
etag: W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 84a60ceac9ee9162-FRA
x-amz-id-2: HXRUR8HjAo6USwQLdtHY+PYQf8tGuqDCh/+7XnINsX6lV9HyCEeo0/fdHmm/D8O2xprGCoT8y84=

GET
H/1.1 200
OK 6baa4a57-a7 Show response
aps.zqtk.net/ 7 KB
2 KB 136ms
35ms XHR
application/json 172.234.63.226
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://aps.zqtk.net/6baa4a57-a7?url=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm
Requested by: Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 172.234.63.226 Paris, France, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 172-234-63-226.ip.linodeusercontent.com
Software: nginx /
Resource Hash: b177a596c3ba4bf06b89bcc9fd36e95565b021ab5303e7242fe839f385ccea66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:27 GMT
content-encoding: gzip
server: nginx
transfer-encoding: chunked
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.kidzone.ws
x-result-id: FoDR3uYsWYL
cache-control: max-age=521294
access-control-allow-credentials: true
expires: Tue, 30 Jan 2024 06:47:42 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 113 KB
28 KB 79ms
31ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jan 2024 11:20:59 GMT
server: cloudflare
x-amz-request-id: F40P0G8RVVD17ZVD
age: 1792
etag: W/"9692928e9024f20ea54c02122b35d5bb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 84a60ceacda99ba1-FRA
x-amz-id-2: Pc583mZeZ2P+YcLbSVrKPnKX0zmUHuuIKS8J5uQD4NKwLu0HWsV+GCUPvB4iBF8qFsDajy8VTfY=

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
335 B 135ms
42ms XHR
application/json 54.220.173.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.173.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-173-30.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 55733d9589a6ea633938da567db8b93765d2b6d3712c0eee49898800adf38b96

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:27 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.kidzone.ws
cache-control: no-cache
x-server: 10.45.26.253
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 95 B
287 B 116ms
116ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=626&sync=0&domain=www.kidzone.ws&url=https://www.kidzone.ws/magic/coin_trick.htm
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm&ref=&_it=amazon&partner_id=626
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fc13ea1b9ff9c460e1d7dc20baa5ff8ede845ef71d578d6e9b301461634f62c

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 24 Jan 2024 05:59:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 84a60cec3de2bbad-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 183ms
116ms Preflight
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=626&sync=0&domain=www.kidzone.ws&url=https://www.kidzone.ws/magic/coin_trick.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.kidzone.ws
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 84a60ceb7d35bbad-FRA
content-length: 0
content-type: application/json
date: Wed, 24 Jan 2024 05:59:27 GMT
debug: OPTIONS block
expires: Thu, 23 Jan 2025 05:59:27 GMT
server: cloudflare

GET
H2 200 626 Show response
a.ad.gt/api/v1/u/matches/ 12 KB
4 KB 95ms
32ms Script
application/javascript 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/626?_it=amazon
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04033d90f4bdf82da959eb06bf6b661a6a4d37116c3c00203b7caaa330af5f19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 24 Jan 2024 05:58:47 GMT
server: cloudflare
age: 40
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 84a60ced5a6e9bfa-FRA

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 135 B
415 B 61ms
20ms Fetch
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

96fe096e13a57e700af2ea95d16a12cc4b2f3b8323b9bbe4d678bd4226563633

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.kidzone.ws
date: Wed, 24 Jan 2024 05:59:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1 KB 79ms
27ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 05:59:27 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 27 Nov 2023 07:14:08 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 2168461
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XL67KlKn4WCuZro8pDO15Pckj2ugAQOBlchDydOejrY2v%2BRUIdS7RSsAnmY2q5TfJ%2FVMoaOgzDDxCOBPPnCmVU%2BAwvITdDmcxC%2FkxWTR%2BXWgRoDywg8AlnfDJL6xp2S5fU2M7xefQ%2FcZwRC8"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 84a60cefabcc2c51-FRA

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
503 B 132ms
61ms XHR
text/javascript 18.245.47.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm&pid=HT7LUIQPf4TMJ&cb=0&ws=1600x1200&v=24.117.1925&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1661529962980-0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F22404337467%2C1018018%2Fkidzone-leaderboard-top%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1661529985425-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22404337467%2C1018018%2Fkidzone-Sticky%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1661529970086-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F22404337467%2C1018018%2Fkidzone-Sidebar1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1661529977804-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F22404337467%2C1018018%2Fkidzone-Sidebar2%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gpp_sid=%5B-1%5D&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.47.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-47-29.fra56.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:28 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 ab3010c44069f62a66a4882fcd391e60.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P9
x-amz-rid: C362D4XE5TMXMN61SVZ4
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.kidzone.ws
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: 1e6nyK0TX_dgYIlrgAXCf0KCmoS65iEdFFhcMOcFyovN4QEPNas9fQ==

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 101ms
26ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.kidzone.ws
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.kidzone.ws
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Wed, 24 Jan 2024 05:59:28 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 101ms
25ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.kidzone.ws
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.kidzone.ws
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Wed, 24 Jan 2024 05:59:28 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
145 B 184ms
116ms Fetch 52.28.111.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.111.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-111-100.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.kidzone.ws
date: Wed, 24 Jan 2024 05:59:28 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
145 B 202ms
134ms Fetch 52.28.111.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.111.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-111-100.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.kidzone.ws
date: Wed, 24 Jan 2024 05:59:28 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
145 B 191ms
124ms Fetch 52.28.111.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.111.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-111-100.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.kidzone.ws
date: Wed, 24 Jan 2024 05:59:28 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
145 B 181ms
114ms Fetch 52.28.111.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.111.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-111-100.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.kidzone.ws
date: Wed, 24 Jan 2024 05:59:28 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
145 B 261ms
195ms Fetch 52.28.111.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.111.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-111-100.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.kidzone.ws
date: Wed, 24 Jan 2024 05:59:28 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
145 B 201ms
135ms Fetch 52.28.111.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.111.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-111-100.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.kidzone.ws
date: Wed, 24 Jan 2024 05:59:28 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
145 B 203ms
137ms Fetch 52.28.111.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.111.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-111-100.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.kidzone.ws
date: Wed, 24 Jan 2024 05:59:28 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
145 B 205ms
139ms Fetch 52.28.111.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.111.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-111-100.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.kidzone.ws
date: Wed, 24 Jan 2024 05:59:28 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
145 B 183ms
118ms Fetch 52.28.111.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.111.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-111-100.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.kidzone.ws
date: Wed, 24 Jan 2024 05:59:28 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
145 B 179ms
114ms Fetch 52.28.111.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.111.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-111-100.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.kidzone.ws
date: Wed, 24 Jan 2024 05:59:28 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
146 B 172ms
108ms Fetch 52.28.111.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.111.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-111-100.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.kidzone.ws
date: Wed, 24 Jan 2024 05:59:28 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
355 B 128ms
53ms Fetch 145.40.97.67
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.kidzone.ws
date: Wed, 24 Jan 2024 05:59:27 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 25
server: envoy
vary: origin, Accept-Encoding

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 36 KB
11 KB 212ms
105ms Fetch
application/json 34.254.148.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1706075967955&to=-60&aun=div-gpt-ad-1661529985425-0&pubcid=5e9b573a-6417-4022-9171-ebea5e1d9d16&gpid=%2F22404337467%2C1018018%2Fkidzone-Sticky&t=u2v1nshr&pi=2&gdprApplies=0&uspConsent=1---&schain=1.0%2C1!admetricspro.com%2C599%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.22.0%22%7D&ogu=null&ns=9728
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.148.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-148-127.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 88845a44b108257cbf4912a894c0367c78b5bdc4f73c370eb323cd8b69c29ebc

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:28 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.kidzone.ws
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 59 KB
21 KB 658ms
597ms Fetch
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 70c4c9dd667ea62165fe414e2124a895e603959ec092c8449a905f8868edc2dc

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 24 Jan 2024 05:59:28 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.kidzone.ws
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 unruly_prebid Show response
targeting.unrulymedia.com/ 11 B
203 B 106ms
54ms Fetch
application/json 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://www.kidzone.ws
pragma: no-cache
date: Wed, 24 Jan 2024 05:59:28 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 11
content-type: application/json

POST
H2 200 unruly_prebid Show response
targeting.unrulymedia.com/ 11 B
204 B 81ms
29ms Fetch
application/json 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://www.kidzone.ws
pragma: no-cache
date: Wed, 24 Jan 2024 05:59:28 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 11
content-type: application/json

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 96 B
835 B 445ms
397ms Fetch
application/json 34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 2c09d54be1a117169c86e57c08f20669e52b10d29502b697baea2f66b34d0628

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 24 Jan 2024 05:59:28 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kidzone.ws
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 405 B
744 B 258ms
160ms Fetch
application/json 2602:803:c003:200::43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=436138&zone_id=2497072&size_id=15&alt_size_ids=2%2C55%2C57&p_pos=atf&gdpr=0&us_privacy=1---&rp_schain=1.0,1!admetricspro.com,599,1,,,&eid_pubcid.org=5e9b573a-6417-4022-9171-ebea5e1d9d16%5E1&rf=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm&kw=kids%2Cchildren%2Cmagic%2Ctricks%2Cmagictrick%2Ccointricks%2Cmagician&tg_i.domain=kidzone.ws&tg_i.page=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm&tg_i.pbadslot=%2F22404337467%2C1018018%2Fkidzone-leaderboard-top&tk_flint=pbjs_lite_v8.22.0&l_pb_bid_id=4001c81f2d761c6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C1018018%2Fkidzone-leaderboard-top&slots=1&rand=0.08724858488943266
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 03f82124e300402974f488e8e50793fb936ef5af2d4d8c5754bac9c66efcff9c

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.kidzone.ws
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 405
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 12 KB
6 KB 267ms
169ms Fetch
application/json 2602:803:c003:200::43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=436138&zone_id=2497072&size_id=15&alt_size_ids=2%2C55%2C57&p_pos=atf&gdpr=0&us_privacy=1---&rp_schain=1.0,1!admetricspro.com,599,1,,,&eid_pubcid.org=5e9b573a-6417-4022-9171-ebea5e1d9d16%5E1&rf=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm&kw=kids%2Cchildren%2Cmagic%2Ctricks%2Cmagictrick%2Ccointricks%2Cmagician&tg_i.domain=kidzone.ws&tg_i.page=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm&tg_i.pbadslot=%2F22404337467%2C1018018%2Fkidzone-leaderboard-top&tk_flint=pbjs_lite_v8.22.0&l_pb_bid_id=41266f724d9b0d1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C1018018%2Fkidzone-leaderboard-top&slots=1&rand=0.7893619881295377
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: bb8650c2e37ad327c7e50448cbbc76e5f7448f3a93cdbfc5a95e1cc11abd5c7c

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:28 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.kidzone.ws
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 405 B
919 B 237ms
139ms Fetch
application/json 2602:803:c003:200::43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=436138&zone_id=2497072&size_id=15&alt_size_ids=2%2C55%2C57&p_pos=atf&gdpr=0&us_privacy=1---&rp_schain=1.0,1!admetricspro.com,599,1,,,&eid_pubcid.org=5e9b573a-6417-4022-9171-ebea5e1d9d16%5E1&rf=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm&kw=kids%2Cchildren%2Cmagic%2Ctricks%2Cmagictrick%2Ccointricks%2Cmagician&tg_i.domain=kidzone.ws&tg_i.page=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm&tg_i.pbadslot=%2F22404337467%2C1018018%2Fkidzone-leaderboard-top&tk_flint=pbjs_lite_v8.22.0&l_pb_bid_id=42585ab6fffb908&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C1018018%2Fkidzone-leaderboard-top&slots=1&rand=0.6613340922832704
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: bc9bb74529868b0dc9267a496754e41a5d5fb27a0840d25f58b10ae1f4d8b1af

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.kidzone.ws
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 405
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 15 KB
8 KB 253ms
155ms Fetch
application/json 2602:803:c003:200::43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=436138&zone_id=2497076&size_id=2&p_pos=atf&gdpr=0&us_privacy=1---&rp_schain=1.0,1!admetricspro.com,599,1,,,&eid_pubcid.org=5e9b573a-6417-4022-9171-ebea5e1d9d16%5E1&rf=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm&kw=kids%2Cchildren%2Cmagic%2Ctricks%2Cmagictrick%2Ccointricks%2Cmagician&tg_i.domain=kidzone.ws&tg_i.page=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm&tg_i.pbadslot=%2F22404337467%2C1018018%2Fkidzone-Sticky&tk_flint=pbjs_lite_v8.22.0&l_pb_bid_id=4378e40c0da3ef6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C1018018%2Fkidzone-Sticky&slots=1&rand=0.6780823239977023
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d2434e520a24d2e3f4f5f20bc65dbb8d7b10c04aa9d69178fde1ad75cacdbe6e

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:28 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.kidzone.ws
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 12 KB
6 KB 250ms
152ms Fetch
application/json 2602:803:c003:200::43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=436138&zone_id=2497078&size_id=15&alt_size_ids=9%2C10&p_pos=atf&gdpr=0&us_privacy=1---&rp_schain=1.0,1!admetricspro.com,599,1,,,&eid_pubcid.org=5e9b573a-6417-4022-9171-ebea5e1d9d16%5E1&rf=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm&kw=kids%2Cchildren%2Cmagic%2Ctricks%2Cmagictrick%2Ccointricks%2Cmagician&tg_i.domain=kidzone.ws&tg_i.page=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm&tg_i.pbadslot=%2F22404337467%2C1018018%2Fkidzone-Sidebar1&tk_flint=pbjs_lite_v8.22.0&l_pb_bid_id=442477380993257&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C1018018%2Fkidzone-Sidebar1&slots=1&rand=0.31166580835028146
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: fdfd503bab479a9c976ec7ee8e2203fdc889d8f7cf6e6cc0572e309a323a4036

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:28 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.kidzone.ws
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 395 B
734 B 292ms
194ms Fetch
application/json 2602:803:c003:200::43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=436138&zone_id=2497072&size_id=15&alt_size_ids=9%2C10&p_pos=atf&gdpr=0&us_privacy=1---&rp_schain=1.0,1!admetricspro.com,599,1,,,&eid_pubcid.org=5e9b573a-6417-4022-9171-ebea5e1d9d16%5E1&rf=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm&kw=kids%2Cchildren%2Cmagic%2Ctricks%2Cmagictrick%2Ccointricks%2Cmagician&tg_i.domain=kidzone.ws&tg_i.page=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm&tg_i.pbadslot=%2F22404337467%2C1018018%2Fkidzone-Sidebar1&tk_flint=pbjs_lite_v8.22.0&l_pb_bid_id=45ee99496414a64&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C1018018%2Fkidzone-Sidebar1&slots=1&rand=0.6469464636204572
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1e763596a911e486194fd88a083f0d79771db6bb38b074d697014d48ad285fc4

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.kidzone.ws
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 395
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 395 B
734 B 240ms
143ms Fetch
application/json 2602:803:c003:200::43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=436138&zone_id=2497074&size_id=15&alt_size_ids=9%2C10&p_pos=atf&gdpr=0&us_privacy=1---&rp_schain=1.0,1!admetricspro.com,599,1,,,&eid_pubcid.org=5e9b573a-6417-4022-9171-ebea5e1d9d16%5E1&rf=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm&kw=kids%2Cchildren%2Cmagic%2Ctricks%2Cmagictrick%2Ccointricks%2Cmagician&tg_i.domain=kidzone.ws&tg_i.page=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm&tg_i.pbadslot=%2F22404337467%2C1018018%2Fkidzone-Sidebar2&tk_flint=pbjs_lite_v8.22.0&l_pb_bid_id=46a44b74dd4ac1f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C1018018%2Fkidzone-Sidebar2&slots=1&rand=0.05542646553479935
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 62b6106ba3af5a6c9e03fd5d0c63e4e6d9bf6ec41955bde231d2fc8deffcab83

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.kidzone.ws
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 395
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
542 B 252ms
204ms Fetch
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=851198
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bde2e1b1e18a2740bc0d08c93b751fb88d40ea5f17eed640c32826d52aec86c2

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6B48FkFednRRHX9fnmdt9hmcm9SlyBGUykcy6gy9Q67Ky4dtKkro2UaXpkFQbbQ8IJR3dtWwfi3pU62AJtGbT2YWUz2m5y0ihs0y4K3ke8hcg0Ys2MyDIPxRzGe6xMIwLYQ%2F7UN0"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.kidzone.ws
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 84a60cf0283044f2-TXL
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 158ms
90ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.kidzone.ws
date: Wed, 24 Jan 2024 05:59:27 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 714 B
1 KB 247ms
148ms Fetch
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm&PageUrl=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm&PageReferrer=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

08ba1bc4572896daaed56d83ddd0b594e8df6b3c25cf2ec0c19ce91e74e7a7c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:27 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kidzone.ws
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 112
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 714
expires: 0

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
397 B 99ms
41ms Fetch
application/json 2606:4700:4400::6812:22b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:28 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kidzone.ws
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 84a60cf03f0d3654-FRA
expires: 0

POST
H2 200 adreq Show response
ads.servenobid.com/ 622 B
669 B 161ms
50ms Fetch
application/json 34.248.25.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=4993
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.25.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-25-157.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: fe14d3d4eda7ba4fcce0e08f6d0580807a216f76038e4c231708aad0472748dc

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 24 Jan 2024 05:59:28 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.kidzone.ws
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
390 B 386ms
132ms Fetch
application/json 159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 24 Jan 2024 05:59:27 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.kidzone.ws
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 42

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
649 B 101ms
24ms Fetch
application/json 3.124.236.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.22.0&referrer=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm&tmax=1200&gdpr=false&us_privacy=1---

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.124.236.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-236-160.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:28 GMT
accept-ch: sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr
x-auction-status: 5, 5, 5, 5
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kidzone.ws
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
receive-cookie-deprecation: 1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 KB
10 KB 249ms
157ms Fetch
application/json 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

d5b4d6470b4e8abcf55fdea3146602ac7e64b62501804279c4a5aa1d275318de

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:28 GMT
content-encoding: gzip
an-x-request-uuid: 71a84d84-8055-4575-a844-b030eb990ad2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kidzone.ws
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.183; 84.19.175.183; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
274 B 67ms
20ms Fetch
application/json 141.95.33.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

d7abfa74a7c6ed1ad0ac9df59a743fa1e0db37e256889432ced1f4bdd65cbabd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.kidzone.ws
date: Wed, 24 Jan 2024 05:59:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 111ms
72ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 05:59:28 GMT
Content-Encoding: br
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 07:14:07 GMT
Server: cloudflare
ETag: W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QebXhmR7vCqTuTgCMRE%2Bvo7zsJG2Ac5TDGrh3zuuBuz6qg9Dm%2BR0l2WNZkd7AlSzCyb1HQv4sjUTgje6GC7iL2X2%2B8JI9aCSEzs5kThC8eOOTHp1eW93kNxMgckdFSQn%2BqitpKpUJpdaW72s"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 84a60cf0285a9966-FRA

POST
H2 200 724.json Show response
id5-sync.com/g/v2/ 251 B
531 B 68ms
22ms Fetch
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/724.json

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

8255e80b696005d079a94698e1574531069e9400ff3be2bb490fbdeb93f9e13e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.kidzone.ws
date: Wed, 24 Jan 2024 05:59:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 404 kidzonews.PNG
qd.admetricspro.com/js/dltk/kidzonews/ 0
0 163ms
163ms Image
text/html 2606:4700:20::681a:7da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qd.admetricspro.com/js/dltk/kidzonews/kidzonews.PNG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
273 B 20ms
20ms Fetch
application/json 141.95.33.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

220d8a363c39549f7f1cc14951656f10e7f5b39248329b8e10380d39336e81c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: https://www.kidzone.ws
date: Wed, 24 Jan 2024 05:59:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 v3 Show response
id5-sync.com/gm/ 319 B
598 B 25ms
21ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

557483f98776152fe2d727277678f4866f4443275934e1e5a823f9e76d34568e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.kidzone.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.kidzone.ws
date: Wed, 24 Jan 2024 05:59:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 265 KB
68 KB 771ms
771ms Fetch
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4273350112462734&correlator=4269712765523113&eid=31079956%2C31079239%2C31080117%2C21065724&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&tfua=0&tfcd=0&gpp_sid=-1&iu_parts=22404337467%3A1018018%2Ckidzone-leaderboard-top%2Ckidzone-Sticky%2Ckidzone-Sidebar1%2Ckidzone-Sidebar2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%7C970x90%7C970x250%7C300x250%2C728x90%2C300x250%7C160x600%7C300x600%2C300x250%7C160x600%7C300x600&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706075968645&lmt=1678111514&adxs=8%2C437%2C1275%2C1275&adys=8%2C1107%2C448%2C1322&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.kidzone.ws%2Fmagic%2Fcoin_trick.htm&vis=1&psz=1584x250%7C1602x-1%7C316x1474%7C316x1474&msz=1584x250%7C728x-1%7C316x600%7C316x600&fws=0%2C512%2C4%2C4&ohw=0%2C0%2C316%2C316&ga_vid=1532383923.1706075966&ga_sid=1706075969&ga_hid=887490835&ga_fc=true&dlt=1706075965631&idt=1208&prev_scp=amznbid%3D2%26amznp%3D2%26optimera%3DZ%2CE1%2CD%2C0.26%26hb_adid_appnexus%3D933c92ca0b82bf6%26hb_bidder_appnexus%3Dappnexus%26hb_adid_openx%3D97b62ed58311a03%26hb_bidder_openx%3Dopenx%26hb_adid_rubicon%3D956daf45a8aa674%26hb_bidder_rubicon%3Drubicon%26dyn_bids%3D0.28%26hb_adid%3D956daf45a8aa674%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%26optimera%3DZ%2CD4%2CD%2C0.30%26hb_adid_openx%3D10022d281167d37f%26hb_bidder_openx%3Dopenx%26hb_adid_rubicon%3D92d50bad9c91c0a%26hb_bidder_rubicon%3Drubicon%26hb_adid_gumgum%3D90f71b64ee0e677%26hb_bidder_gumgum%3Dgumgum%26dyn_bids%3D0.33%26hb_adid%3D90f71b64ee0e677%26hb_bidder%3Dgumgum%7Camznbid%3D2%26amznp%3D2%26optimera%3DZ%2CB3%2CD%2C0.26%26hb_adid_rubicon%3D91ec5824bb4949%26hb_bidder_rubicon%3Drubicon%26dyn_bids%3D0.15%26hb_adid%3D91ec5824bb4949%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%26optimera%3DZ%2CB3%2CD%2C0.28&cust_params=rf%3D0&adks=2443693662%2C3901134432%2C1510812380%2C4030439917&frm=20

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c97071829a6cd3bd0e53ec91fbaaa47e0fccfc9a51c42f1fadf4fffba44bbae

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3654729946160121676/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3654729946160121676/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ6UzKCs9YMDFQ3Luwgd9U8BWw&gqi=&layout=/sadbundle/%24csp%253Der3%24/3654729946160121676/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3654729946160121676/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3654729946160121676/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ6UzKCs9YMDFQ3Luwgd9U8BWw&gqi=&layout=/sadbundle/%24csp%253Der3%24/3654729946160121676/index.html
date: Wed, 24 Jan 2024 05:59:29 GMT
x-content-type-options: nosniff
content-encoding: br
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69182
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kidzone.ws
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 117ms
68ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e2d0757d68784a1c239d207c30e32e3a957e03a496fccbe88524bf819f4af16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12311
x-xss-protection: 0

GET
H2 200 container.html Show response
756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3269 6 KB
3 KB 113ms
52ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kidzone.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 05:59:28 GMT
expires: Thu, 23 Jan 2025 05:59:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 104ms
50ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Jan 2024 05:59:28 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9704 13 KB
5 KB 20ms
20ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kidzone.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 36485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 19:51:23 GMT
expires: Wed, 22 Jan 2025 19:51:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 66EF 829 B
558 B 31ms
31ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f54c4e86fcfaf678b20c188f4588f4b33ed64aa53ee46a811ffdce2b03838be7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pf7KpSanSOslGG4-0ieYpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kidzone.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-pf7KpSanSOslGG4-0ieYpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 05:59:28 GMT
expires: Wed, 24 Jan 2024 05:59:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 9704 39 KB
15 KB 65ms
21ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 15:26:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 15:26:35 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 66EF 0
0 88ms
52ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401180101&jk=4273350112462734&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9704 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JQw2_w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CF8B 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kidzone.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 05:59:28 GMT
expires: Thu, 23 Jan 2025 05:59:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E416 6 KB
3 KB 23ms
23ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kidzone.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 05:59:28 GMT
expires: Thu, 23 Jan 2025 05:59:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012401091919000/ Frame CF24 196 KB
56 KB 70ms
19ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e874111442f36d488f5e4a7f742391a8c02b70c60b333454fe4f85a3b26e3d5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 Jan 2024 23:31:12 GMT
age: 23297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56104
x-xss-protection: 0
server: sffe
etag: "cf7caf439f3410f8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 Jan 2025 23:31:12 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012401091919000/v0/ Frame CF24 15 KB
5 KB 122ms
72ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401091919000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d79a688e4e23466eeee3ab0d7d3a99a0588b1aa1c7ae0f4fedfbd498c9022eb4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 Jan 2024 23:40:15 GMT
age: 22754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5212
x-xss-protection: 0
server: sffe
etag: "d5f0e0ea1e5219b8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 Jan 2025 23:40:15 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012401091919000/v0/ Frame CF24 95 KB
29 KB 124ms
74ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401091919000/v0/amp-analytics-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36726fd194e9e08908bb49a382c3fe0b70ee41d480b09869b5aa70c81fcabe7f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 Jan 2024 23:27:15 GMT
age: 23534
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29119
x-xss-protection: 0
server: sffe
etag: "7ed328db9ca95286"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 Jan 2025 23:27:15 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012401091919000/v0/ Frame CF24 5 KB
2 KB 133ms
83ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401091919000/v0/amp-fit-text-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

643fe707091c6e32630daf29adabf146aea6096d30af0367bcddbe54c19bcad0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 Jan 2024 23:43:28 GMT
age: 22561
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1910
x-xss-protection: 0
server: sffe
etag: "b1b3f9c71858a21a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 Jan 2025 23:43:28 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012401091919000/v0/ Frame CF24 40 KB
13 KB 131ms
81ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401091919000/v0/amp-form-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

062e7c29b1c3e36f8684e7e298346efe23cd760daf282103361b0645d843c686

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 Jan 2024 23:31:29 GMT
age: 23280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12971
x-xss-protection: 0
server: sffe
etag: "0e9793e292f94cd9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 Jan 2025 23:31:29 GMT

GET
DATA 200
OK truncated
/ Frame CF24 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36701f8f81a61c5a1d7594b914a50445c428bf698d6939bb6dd4258a10da8340

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012401091919000/ Frame BE99 196 KB
55 KB 90ms
57ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401091919000/amp4ads-v0.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e874111442f36d488f5e4a7f742391a8c02b70c60b333454fe4f85a3b26e3d5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 Jan 2024 23:31:12 GMT
age: 23297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56104
x-xss-protection: 0
server: sffe
etag: "cf7caf439f3410f8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 Jan 2025 23:31:12 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012401091919000/v0/ Frame BE99 15 KB
5 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401091919000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d79a688e4e23466eeee3ab0d7d3a99a0588b1aa1c7ae0f4fedfbd498c9022eb4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 Jan 2024 23:40:15 GMT
age: 22754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5212
x-xss-protection: 0
server: sffe
etag: "d5f0e0ea1e5219b8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 Jan 2025 23:40:15 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012401091919000/v0/ Frame BE99 95 KB
29 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401091919000/v0/amp-analytics-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36726fd194e9e08908bb49a382c3fe0b70ee41d480b09869b5aa70c81fcabe7f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 Jan 2024 23:27:15 GMT
age: 23534
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29119
x-xss-protection: 0
server: sffe
etag: "7ed328db9ca95286"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 Jan 2025 23:27:15 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012401091919000/v0/ Frame BE99 5 KB
2 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401091919000/v0/amp-fit-text-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

643fe707091c6e32630daf29adabf146aea6096d30af0367bcddbe54c19bcad0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 Jan 2024 23:43:28 GMT
age: 22561
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1910
x-xss-protection: 0
server: sffe
etag: "b1b3f9c71858a21a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 Jan 2025 23:43:28 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012401091919000/v0/ Frame BE99 40 KB
13 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401091919000/v0/amp-form-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/droiw9gfb309t/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

062e7c29b1c3e36f8684e7e298346efe23cd760daf282103361b0645d843c686

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 23 Jan 2024 23:31:29 GMT
age: 23280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12971
x-xss-protection: 0
server: sffe
etag: "0e9793e292f94cd9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 22 Jan 2025 23:31:29 GMT

GET
DATA 200
OK truncated
/ Frame BE99 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b90b1fee0a4b924722edb679b2595dcc2c04aee52716a6634b69110a885a2e9b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 7070373746249275536
tpc.googlesyndication.com/daca_images/simgad/ Frame CF24 120 KB
120 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/7070373746249275536

Requested by

Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97bed60026a9378846d17e24e634dfcdf45675df29f636c46ab62ca9ee222583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 23:49:27 GMT
date: Tue, 23 Jan 2024 23:49:27 GMT
x-content-type-options: nosniff
age: 22202
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122814
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 13:41:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CF24 2 KB
2 KB 42ms
41ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 11:48:31 GMT
x-content-type-options: nosniff
server: cafe
age: 65458
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 24 Jan 2024 11:48:31 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CF24 295 B
319 B 33ms
32ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:29:52 GMT
x-content-type-options: nosniff
server: cafe
age: 41377
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 24 Jan 2024 18:29:52 GMT

GET
H3 200 7070373746249275536
tpc.googlesyndication.com/daca_images/simgad/ Frame BE99 120 KB
120 KB 34ms
33ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/7070373746249275536

Requested by

Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97bed60026a9378846d17e24e634dfcdf45675df29f636c46ab62ca9ee222583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 23:49:27 GMT
date: Tue, 23 Jan 2024 23:49:27 GMT
x-content-type-options: nosniff
age: 22202
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122814
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 13:41:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BE99 2 KB
2 KB 43ms
42ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 11:48:31 GMT
x-content-type-options: nosniff
server: cafe
age: 65458
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 24 Jan 2024 11:48:31 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BE99 295 B
319 B 41ms
40ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:29:52 GMT
x-content-type-options: nosniff
server: cafe
age: 41377
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 24 Jan 2024 18:29:52 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3654729946160121676/ Frame 2BDA 96 KB
22 KB 23ms
23ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3654729946160121676/index.html

Requested by

Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d134116b740e3fdd14660aa2e61177111764a323bb95743f771d1f5f0d323712

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 32980
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22310
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 20:49:49 GMT
expires: Wed, 22 Jan 2025 20:49:49 GMT
last-modified: Wed, 27 Dec 2023 07:45:32 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame CF8B 23 KB
9 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: 756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
URL: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:36:36 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 779D 143 B
383 B 67ms
18ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
URL: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 05:38:20 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame CF8B 3 KB
1 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: 756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
URL: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:35:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame CF8B 20 KB
8 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
URL: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:41:57 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5234 499 B
633 B 90ms
58ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGMfI3t4BMAE&v=APEucNX1T8tXHIoLMV2H6OyZKnlKdFK5VSEFZSGoiWSxASTBM8JpxZn5JlAk76hhjhnfr4ECiec3bpwNDi1FGsNZn0zPVnY3ckaUKq8NsoEaxqp2AW2R30U

Requested by

Host: 756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
URL: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 183
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 05:59:29 GMT
expires: Wed, 24 Jan 2024 05:59:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E416 89 KB
31 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
URL: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 05:59:29 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E416 42 B
63 B 54ms
53ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Di2XuE3mxTkjWWrWzW5E4AyPLi0NAFyeGH366fvt2FLeweE1x1wy2GJMowlwVJr00Jrp1DbrS39OeeWFCrgqeoXKZbRsJzADYp1kcLrdl2N8jsO5Q

Requested by

Host: 756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
URL: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame E416 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: 756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
URL: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:35:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame E416 20 KB
8 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
URL: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:41:57 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E416 205 KB
65 KB 83ms
35ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
URL: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66080
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705966741457425"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jan 2024 05:59:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401180101&jk=4273350112462734&bg=!x8SlxIvNAAa8BdJLnAU7ADQBe5WfOE0NBms7-HBUZjjygE0vT_LWJTZMPz-4Mu053Ywe7bvT_aP8lo6iIMJue6yNH0H3AgAAAFFSAAAAAWgBBwoApqXgeP36RX7m5TrO_CwV4yH6Hkfg70lAZsFr0w9jUQCUW2zmgWzo2QxZaGWA0lJ7Y5s2sRwWo3yjgdE-7zn1_LJ_Wrv8at2gTy6xwtRESHcxyX7Frt83bRd_iVpqn8qvLcCFrLh3crA71hoJ8TCpHAN2751_zgeXrSJODXT0bzRi5ROQ0ZZX8Bpv4jGUfqVMSUxxNYf-8mNHst37z1mWZYemL5t_obyZAq-XrhvXjQdk1jI1iRAcgG6S1AQAYlQrfnAaRBuy1JfiZ476MCm7USmKiXIPE9urRb8DNU8_LNZeYNHIfQ-k_GWB48oAMQ2oa_fN6-QvS18kMYpy5E_NsjVZh2QqwRNt0XtChajDy93E__sT2h3MP2EXWeWkKBqtbCl9PuTRCDybh-gyWmogwmJcNikEIR7sA9t0FHURPblGn5LImiExCZvpfO0gW1R4vObdh6sJ7ejqx97HUioCMZgOuSla8a5TPxuNMQf3h7qPACUNEVATaMzLcsZJ0d5m1XoRUzqRwdSudz0ORKXOX0SGzH8MKbd_InsYf4wen0mVRjro8dO7V4WA0VT2YhlnHTWckvMXmSO_d6DoID7BEnHdznCZkRULt1EVM7Ce8I0_7o3jgUE_5BTYJs9Bdg7MzsoPNgBAlRLUo454B7b4wssvYuJX5QuXLm3exhxRm-esk5eQnU5IESRFwt47fc0WI1_UYCtUwsSXEPI5xgOzYoEb20Y5zmDEfAd5JwJFpvyHgHZfsZrDSJPqHUZ_aptlRo_S3WHFcw_wQbsV7NlCxCmsDsR_30ij7qbIHTYmFbSYcCOtLA5To6xyb_IlFPPfdG63BfxorJTdtc2_0lROy9nf9yAzLGqjGV4DXFAhc0Ybl7jDqZBzDvyArnzQV4yt_K9AlNtWFUiLOsQZ4E_tn2xwFfR3VkvXI-jR2DURYV7pCw-o95ldQAuJoENtqODPOSq4-emb5ZzIp87WFZXDQYtv0CgLU73ljEBj9Um2gxrai4QOISQKyAIHDj9-yRO2BUOaJZUBN8JdJd_ZROgJUQSAcHQHofTnL21mcZuIAPWK7vem7ABmf91wQt24B0OlSdbMLT4jHzsFQPGEtNNMhQ9dizGjB2WojT8v_lzr2yPq79ID2rZmpPQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2BDA 16 KB
6 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3654729946160121676/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:31:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 24 Jan 2024 23:31:15 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2BDA 34 KB
13 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3654729946160121676/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:07:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42705
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:07:44 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame CF24
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

35ms
35ms

Image
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm
Protocol: H2
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date: Wed, 24 Jan 2024 05:59:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF8B 205 KB
65 KB 74ms
69ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
URL: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66080
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705966741457425"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jan 2024 05:59:29 GMT

GET
H3 200 7070373746249275536
tpc.googlesyndication.com/daca_images/simgad/ Frame CF24 120 KB
120 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/7070373746249275536

Requested by

Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97bed60026a9378846d17e24e634dfcdf45675df29f636c46ab62ca9ee222583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 23:49:27 GMT
date: Tue, 23 Jan 2024 23:49:27 GMT
x-content-type-options: nosniff
age: 22202
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122814
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 13:41:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CF24 2 KB
2 KB 24ms
24ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 11:48:31 GMT
x-content-type-options: nosniff
server: cafe
age: 65458
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 24 Jan 2024 11:48:31 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CF24 295 B
319 B 25ms
24ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:29:52 GMT
x-content-type-options: nosniff
server: cafe
age: 41377
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 24 Jan 2024 18:29:52 GMT

GET
DATA 200
OK truncated
/ Frame CF8B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0c01ca16864ef0d2ab6d6848f2204df3fcf3f6d0a3220a235b649973b1e18eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame BE99
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

35ms
35ms

Image
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm
Protocol: H2
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date: Wed, 24 Jan 2024 05:59:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 7070373746249275536
tpc.googlesyndication.com/daca_images/simgad/ Frame BE99 120 KB
120 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/7070373746249275536

Requested by

Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97bed60026a9378846d17e24e634dfcdf45675df29f636c46ab62ca9ee222583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 23:49:27 GMT
date: Tue, 23 Jan 2024 23:49:27 GMT
x-content-type-options: nosniff
age: 22202
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122814
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 13:41:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BE99 2 KB
2 KB 23ms
22ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 11:48:31 GMT
x-content-type-options: nosniff
server: cafe
age: 65458
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 24 Jan 2024 11:48:31 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BE99 295 B
319 B 23ms
23ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 18:29:52 GMT
x-content-type-options: nosniff
server: cafe
age: 41377
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 24 Jan 2024 18:29:52 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E416 0
20 B 53ms
52ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7327258968088&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E416 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7327258968088&version=m202309260101&ct=77&x=1&cor=9022968998341913000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E416 34 KB
20 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhlEbCKX1-XbSkO-NCWQFh4UuPDBFHSNqYb-o4ziZKngGK1bbh4xY8DkGW4o-li5M5dgBYtaplJYiNaUaM1rQFz9_YU2fBJo_qzLz2I9jhh9iBsjd9OXdFMswAEzBF0zSEEJ2tivv2jCDNQrvArsVZiOZZ-RV3cy2Ec8evmtj0KegUL1E&cry=1&dbm_d=AKAmf-CIYk5jfogCJKRZp9xo2iGp8edLn5yWH09Q3YdOH2_sKNSXgV6xuMz5BqQFlwN1x0PC5oBp56Vr_Jj8VFUvenvFK4rEK2nuD0iLvxB-ERd5TxD_E-2Tym4k8AN_Ik03GvC1NRulg02PFTIEtsQf3-eUwG4zgzu4isnNlcaBI74J9Sk7AyWDH9Zc5BzmKsK5TdLI7hthskrqNga8DDBBornaExxbcSC3p0ai-1X245UWY4vY7Kc5UIvdsAcf6gx1MypZDi-lRr4N0rPKrDiyxCVXaZvO0gh5wNYcj7ddVDMOoStyPf_ve2kxfRK61dZP8SJyrxd61AYBvoYocAbeQKOxQnyM-n-MiI4cfB9C1kzZP_EymwvOZIy6nOHAsyO7Gb35BFcCufLjfag0IzMGqippXZ7cfhrO6Bxfeam_xmHvPH6ER1XvtNqbjdADdTCmxn6ZlcX2-EfWc7jDRaUuHqsIaL2KC8UrQJU6buALDY4b3OB1ulP8yEW2wrqCzvSaPmsHntaPVMQBzdhFWoduAeJTGUucLAeyKoZHW9-eqotxEDKofW4G_esUQqvuQvfUan-EwR1IAnqaZdDIDidzU21gQGhWDisRN5kMFcEFJ83nwA8lcusBlf0Lpm-1hPC8_j5JSF4O4q6yil_o1gTmGrEKWyxsysVHDHuiQgb4CmsPkU2dJQV-n7rQoCmj7UK7lB9T5tLz9DbzOa_E2eP9liJuhluCImjg8u1qMNU8BWZIs_EWT80u7YeLfkep4dofhXsWddu44JCat2L_B94GLMbs8T0-bkWGQILkJeyW7pw2RnDdE_KPs8nTu1ye4K24A87rjBMnc3I-GwS97WruZBbswoem8CSaAMYZg3kIrDcnkfKvA_lnjI6uB2Hmaq9gDiafMpWvghnAyQBynNuGRCwnd-dOYQchBQ5iDU4ZHsaIibEzPQTc0UAwIiv0vMK6_7-IWV-_4ChAC22T8IO0xx3T5C3mEdyc7AJcuub-fBblGf-W4kslbSD9EykJf2ZH5L-egIb9vtngHdmW5FV0B0vxapF4IJgyVWRXuU4N2_jy2iykKZ9jNJycikdePvErfPM-gYt_iPldhgBvbilyLFXSvfd9m_qmp73uu15X1Mt8a5SoZTF6Yq1IbYCszWzx3I56yaPXaTSeiUrQ-qrDTJQWUqJ_tIPqj1Z26xsj4MOb-oDF5ut4gHZsMapiS9XztsS2fh6PEgR2FY_1TpyayQvnquCB7cRUehqB3mFZ6_hemHJMKylqUS9IA8Fydn1gEAWde5pdlo6uARlTxhRw7soEgQZUDZqAcVb2ZaYAyZepDFR58Lu1LL-bnxlNWs97iVVCfeOt2l6021hE7D9ft3q5Tly4cD3MoGu1WknqOQOYEiWgIh0j7fq2dITpCY5kCo6xZSMRFPRExBJC_HHbKyQkA8xAoNXKqcHuXK7wSgx8SomYMNDy7zQvoDUg5KAfWiiJ6tfbjrmWk-8dx_3Y9RnBnrIRSMTJ7Hi7AGaTCUsjMHfVUhl-J8IqQoYXSysn4eXoJ9ZzsOv6CvG9WJIWEG0ubJdRTXLZFfH7R096W9q0SDNUfnA9CCkXMqmpUChx3MnjAR9vwFn2knf0KsMYPzB5M1TVamq7oHi1zT6O0a85bbcSZ7P605z6HqbIxZDyK_jpGfzFmO1PJNQ_NjdmdR0rVIKsy2ff7e78d7V8q9NlxWPBkleO9rgnVRxtEIJBZJMWuxhbKgS3URgQpJ2COj-uYM_S02woYENfymLSgGai24tw25ncOGUil_rm4zLoXJxBjvDBnJabv_met5MBhps8FbSqiJunnfyiuk-LC1KiIxPOFRnMNmUVNH7C3OHk3DsP4nblfmHYWyppJShDBWIEHbr6vr4a_E1-ASYwZRdCi-XduEgRrJ0Yy38gdtnQrbzhdO3UL5S8u44wZofBmaLI74kqfNpUXLfX2x9XjJbzwLp4c4m6FpEyCKtN1pZWrvwgzUjlNuLaj6PudtexrhIocXMS2OcNBe3zxKXuyrfgXkR3XjTygO1b0yL5VzfgjFHU3-HapKlCqxJZODqts_iIk_zhXbhBZz4NPOiRX46WwC8MvkbuHHZnwDfxWLY29wxmvaw5oC5KijDzmVhfR0uHNVqMj3GpjONAYYRiQtbi8v3KSQM_d_Eu47oN8qmOWGZn9YFPFTbhAC84y6krgMtVU8VfsJCY8PZyjp-3kzfKqo6pUcV-HRor8SWfjo8V_KV_7J8E0H1srYscq8gvaODHwb-bAxQ_fvnuIhJgp6-2XxOsHZBWo_y9IiokfPc9XAORcXlKf8cpSA_KD1zYaOKcr8V4PA7xCWoeKOnii0rPpnwxqeBV0lzlRkqvhQs7ganzn5Q0WgwD3XtbqrwDnVhbCi6jG6RqSTKfGpxGtbqu_E8DhOqzgE6Ku47LBDS65NrDxd7QIqp_wkbt61QvaKIvR8yZu4L468yoTQ_0PFmKwk8bsHZujm0TyT11h0_qeLQ7-33r9VT7SEUFIOH_Iz1tg6LTQVHys9PVIHd7rLX8h7UFjMonOhQpi3fOAm6Q7SzW0glrctSKMdY5ffqzDqzmmpK2ptBt474oIacE0kb_YR_0cJfKL8vYcv0slbUhcKPo1oAMrDVnkpw5Hg_DQdzIqz2Y6DLodN3SSfDsmhR2FSjXrxcwU7T-4qrQkCRoxzql8eXwJl4vTT1vOZy0og_ISSgAntWhWY242dEXEbC5HymtvMUBZdFvR8aKonkRMC0K13TsTSz4JRJa-PVnE--U6YKu7XyNEHP8BRKysXaG-UYPerwfb0AnBczDClJHvf9bNa_aFImNLD178MkCJBY3-GFRxFWx-MRPEbE8sXwmmhjcgPYiDSi5tgtEoiAX_JB9_Fl6bLknWVWYsj1i9TW40vM1J0y2RVxu2ADJlT-vfwOVSRIpc04pNCY68LQwpAzea2bBqCOVwF4kK_osMHeiZ5PsYCk73BWWtR-6fkAsSXtCNrxt-IKWTT5jlmkd4trwG3BHntEGNEwv4N9Rjq3jB9HrObmZ1gYc970v6EAs5yFCxndkiXRqCaiDJwYD2NuQbw9xDbonntn_jfFto-DyBcKTKjjKC_MEmDRdYkn0TfsSTDnq4Mt9GGThIfxMj19WIMXm-5Y1JfQNNYSddvUaiVzeRl999lD_KI7uibLLEG03CK-PiGl4PtTQw86edkq2CwtUfQBHdP_x-h5PGvuWtCcU93D0XlQ4YAt--GSLNfH1EAJfZzKIMl85QB26zMM5haxhGAJ1C4-aTEC1nYWpmq1kTFd2IW23bAcXytWIidYFUeKLYLqpJkaaluENGXGB48S17tFotpc6Tdtn58RvE_kYfEuybJFqGoc6l7hxPaQeKSHab2ygC3LwFkHKzOrPxsetz1IK8uM_Dmt2aMX1TYCgvGSF_aMPVGso8IZkRuhFU-3UjGfZhjJ1Z0yRuU-m7TrP_NQx-yQyz2JIpxiH70SOHq2bj8_Exn8d3SMF4Ma2UIOgSO3iw-UdbsDM3RoVIN57EalZp94EbHoc3OUxV7_Ti31MysPml3sxh-RHSUTiZd21DkYfxcHI893Qdw6XuWhMx_xk6fp1tk86-KmwgiYcztF_x6EKaOiaSLbo7OQQskvrDZnP3IP1DlwBBBrBK-xHmwPQS6gA1kg7L1Wnf7uIxbcVcDVDFrsIMbMpunb93sHgy1hnt8eXpcnm_saxk7GX0tUEW-rbJWnSxFP-MLFwFLd8FNEwepZzYwpP0npbvsni77128Ya6ZQvq8yVF1ufdyhorBS8J3zT8KitriiE1hdA5E6tfwNY5VnWYIxwfgl7xFR23Y2YhTLAJfNDmJBwYNJoWUTZZDVKHzlrbliZOEA&cid=CAQSTgAvHhf_s0yHDudJC0RVFVU4nJc9GheTujkR5i3DTWx2C8dB4RhmGeiuG5y8q5PipZ-yVtytxGAg833kcL8iyVZ-pi16HGmTCKGQgAUOzhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.kidzone.ws%2F&ds=l&xdt=1&iif=1&cor=9022968998341913000&adk=2086295848&idt=75&cac=0&dtd=9

Requested by

Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d17060a53811fb98019da6d5f421f31d886761fd5dec919860c021fc524a91d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19589
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 779D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

31ms
31ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
URL: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 05:59:29 GMT
expires: Wed, 24 Jan 2024 05:59:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 05:59:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 5234 170 B
243 B 77ms
30ms Image
image/png 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGMfI3t4BMAE&v=APEucNX1T8tXHIoLMV2H6OyZKnlKdFK5VSEFZSGoiWSxASTBM8JpxZn5JlAk76hhjhnfr4ECiec3bpwNDi1FGsNZn0zPVnY3ckaUKq8NsoEaxqp2AW2R30U

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 5234
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENcwMxFoCiUW7xP7LfHLNoM&google_cver=1&gdpr=0

43 B
340 B

52ms
52ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENcwMxFoCiUW7xP7LfHLNoM&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGMfI3t4BMAE&v=APEucNX1T8tXHIoLMV2H6OyZKnlKdFK5VSEFZSGoiWSxASTBM8JpxZn5JlAk76hhjhnfr4ECiec3bpwNDi1FGsNZn0zPVnY3ckaUKq8NsoEaxqp2AW2R30U
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMcv3ZJw4plDtjanuEDZQoz2kPxv1lRMzC5GA4zEcqCyRHHlwnxy097ACUYfp1W%2B3AANdZYytw4JK30QRH5LY6yIxvHSQuE6yXTri%2FW1%2BhS9GrxSAYRddRybbPWFTnW0meuMSn%2BzjFHZFg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84a60cfbde1c44f2-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENcwMxFoCiUW7xP7LfHLNoM&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5234
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbCnQS3NnZIQoSzHeGWuMAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENcwMxFoCiUW7xP7LfHLNoM&google_cver=1&gdpr=0

43 B
775 B

48ms
48ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENcwMxFoCiUW7xP7LfHLNoM&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGMfI3t4BMAE&v=APEucNX1T8tXHIoLMV2H6OyZKnlKdFK5VSEFZSGoiWSxASTBM8JpxZn5JlAk76hhjhnfr4ECiec3bpwNDi1FGsNZn0zPVnY3ckaUKq8NsoEaxqp2AW2R30U
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FCU%2BKK%2BEaC1ZDqQ22zjQCqd76TsMHlSLJCEcehEpsvWidIFLhYYlRhJHQxQyWvIiXa4x9KxCLjjcEN23AO6riBAiI5FDsU4UQXNtjYkMr8Zrr%2FXkXVJ%2BxR9PHsqwx2Fb%2FZyfqPl6Y9EAw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84a60cfc6ef544f2-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENcwMxFoCiUW7xP7LfHLNoM&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CF24 0
0 62ms
62ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C5JmSQKewZaD0Ko2W7_UP9Z-F2AWu7uW3dc3RlIuOEoT66saWDhABIPmb8YQBYJWikoKgB6ABnr6hmALIAQKpAo-bOLNfN7I-4AIAqAMByAMIqgSuAk_Q4gZiBxIjQye-FX9f1AWZWqWpT1CnfHRd-5CBDFyFOoYUuKi5a-iKCDJLwUGHHzGyFBm9ZtKi4PPaus-NM5TxVKFjCLv73CANrJD8cdnx260c7ChdxNoJIbBnOZlIoon4MyuJoiBlSgyUQEjzYcjdG9ObxeSgQKYEMJJiNV1XibK4-L756SZ7493AWLM8XuAH6mApagnsjnUdSwXMsmUaegmofWrrif9YFtdT2Evnvy6WAT9-S2PFLe4aMKloqsStGYo1Ginbgis2uFnb7-6YLZdKyMsTKJtqvEWFDa8CdDS78qxKJATPFSqROMwlJ5BWHpTq6Vqi6yogYeSuQ0Ne5ubYtxrfPVrHaJiGQqfui9Wg_T1GFK5HAQWm7EX4vxgf4nLMWZvSCLTpTzzAwASx28ymqwPgBAGIBbXB7dQqkgUECAQYAZIFBAgFGASgBgKAB8rB3ucBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ7rMk0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOli8v8qgrPWDA5oJI2h0dHBzOi8vYXBwc2lsbGEuY2x1Yi9hcHBzL2ZvcnRuaXRlgAoDyAsB4g0TCOH0yqCs9YMDFQ3Luwgd9U8BW9gTDNAVAYAXAbIXHgocCAASFHB1Yi0xNzUyNjkwMzU1Mzc5ODYwGITbew&sigh=5OjqL3OSQas&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgAvHhf_s0yHDudJC0RVFVU4nJc9GheTujkR5i3DTWx2C8dB4RhmGeiuG5y8q5PipZ-yVtytxGAg833kcL8iyVZ-pi16HGmTCKGQgAUOzhgB&cbvp=2
Requested by: Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame 2BDA 50 KB
19 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 23:24:40 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BE99 0
0 61ms
61ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBVzrQKewZaH0Ko2W7_UP9Z-F2AWu7uW3dc3RlIuOEoT66saWDhABIPmb8YQBYJWikoKgB6ABnr6hmALIAQKpAo-bOLNfN7I-4AIAqAMByAMIqgSuAk_QvKwqscVgC5d9WpxKahFtXX7yxiiFd5NcCTacnkR1vhUh1j2mj92ERsod_2KGXBreTAaeHJd-73KFTqkzJbOrfogZeuEPcdrOZCJA_snDaPcJVoo00HK5AuLf5yeHtj4IvbJ-aCoHHmpp7FK73O0SQSTscWx1w8_LzRQidQQT-H28daSHZPOsxPaYlvlzAeVsKbRD5f-JU3eWOH7K4RaN9_nZx9MDPhvtiRzjwvaYQT_rXTgf0ESTWmR900FAmfTynI2eaOCzcqq9jDQMHadpYtlpgRr6W65HDvgQcEgJ1007h0-SUs-FJjRG5QEfT9Y62WizI99QZXIDyKZFHfwH4FwDi2NTilaPGfII4fR8HIA7g3iqfRWD6K4qQs45Agb34BIJ6UxST-kBL_nkwASx28ymqwPgBAGIBbXB7dQqkgUECAQYAZIFBAgFGASgBgKAB8rB3ucBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQkfcK0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOli8v8qgrPWDA5oJI2h0dHBzOi8vYXBwc2lsbGEuY2x1Yi9hcHBzL2ZvcnRuaXRlgAoDyAsB4g0TCOL0yqCs9YMDFQ3Luwgd9U8BW9gTDNAVAYAXAbIXHgocCAASFHB1Yi0xNzUyNjkwMzU1Mzc5ODYwGITbew&sigh=V3I2B0yp2h0&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgAvHhf_s0yHDudJC0RVFVU4nJc9GheTujkR5i3DTWx2C8dB4RhmGeiuG5y8q5PipZ-yVtytxGAg833kcL8iyVZ-pi16HGmTCKGQgAUOzhgB&cbvp=2
Requested by: Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 4kz.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3654729946160121676/ Frame 2BDA 4 KB
4 KB 24ms
24ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3654729946160121676/4kz.png

Requested by

Host: 756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
URL: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cbbe332bfbcaa28152a8fc1dcd07def4cfd24546e0b4a945a8c271cd12ee7af

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 23:48:42 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 23 Jan 2024 23:48:42 GMT
x-content-type-options: nosniff
age: 22247
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4257
x-xss-protection: 0
last-modified: Wed, 27 Dec 2023 07:45:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 15682022283308093539
tpc.googlesyndication.com/gpa_images/simgad/ Frame 2BDA 22 KB
22 KB 30ms
30ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/15682022283308093539

Requested by

Host: 756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
URL: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f54e3295a1aff669a8dc08d278d188ced5e2af185b8e8b29640f2e39735c07d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 23:30:54 GMT
date: Tue, 23 Jan 2024 23:30:54 GMT
x-content-type-options: nosniff
age: 23315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22606
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 04:56:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 15310709512878087241
tpc.googlesyndication.com/gpa_images/simgad/ Frame 2BDA 40 KB
40 KB 28ms
28ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/15310709512878087241

Requested by

Host: 756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
URL: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e68f72c3839197d98c467d00b210f829ea647e3bcbe89cd845b6ce188d6c98a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 23:38:49 GMT
date: Tue, 23 Jan 2024 23:38:49 GMT
x-content-type-options: nosniff
age: 22840
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40569
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 04:41:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 20036200323319753
tpc.googlesyndication.com/gpa_images/simgad/ Frame 2BDA 42 KB
42 KB 27ms
26ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/20036200323319753

Requested by

Host: 756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
URL: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5463cf0ce885fcb37fe5eeb8c681e98cbc32037ae6ca8ac77981cb6fba936c6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 21:18:54 GMT
date: Tue, 23 Jan 2024 21:18:54 GMT
x-content-type-options: nosniff
age: 31235
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42557
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 04:41:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 2784247342319699451
tpc.googlesyndication.com/gpa_images/simgad/ Frame 2BDA 27 KB
28 KB 25ms
25ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/2784247342319699451

Requested by

Host: 756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
URL: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5937f198f3aec205d2638dddefb394b0b1616ae6b5a5a2f58e15a54cb831789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 23:38:26 GMT
date: Tue, 23 Jan 2024 23:38:26 GMT
x-content-type-options: nosniff
age: 22863
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28134
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 04:41:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame E416 31 KB
12 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite.js

Requested by

Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:30:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11931
x-xss-protection: 0
server: cafe
etag: 11828260617052087593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 23:30:22 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame E416 41 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:39:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22772
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:39:57 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjA3NTk2OTgxNDIyMQogIHNlcnZlcl9pcDogMTQ2NTI1OTY0CiAgcHJvY2Vzc19pZDogMzAyMDkwNTkxOQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3...
ad.doubleclick.net/ddm/activity/ Frame E416 0
836 B 134ms
78ms Image
image/png 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjA3NTk2OTgxNDIyMQogIHNlcnZlcl9pcDogMTQ2NTI1OTY0CiAgcHJvY2Vzc19pZDogMzAyMDkwNTkxOQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly96YWxhbmRvLmRlIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDIKZXZlbnRfaW1wcmVzc2lvbl9pZDogNzQ3NTk2OTc5NzUwMDc5MTQxNwpkZWJ1Z19rZXk6IDE0MTQ2MjE2NjUwMjE1MTgzNDI0CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMS0yNCIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMyNzY4MTcKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzNTc2OTYwMDkKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExMTE3OTk3NDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjAzMTMxODU5NTQKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0NjcxMTcxMjcKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vemFsYW5kby5kZSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3phbGFuZG8uZnIiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly96YWxhbmRvLnBsIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: 756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
URL: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xb3d889eda4f799e40000000000000000","13":"0x253283963a2bf9530000000000000000","14":"0x31cbdf6fcfaf7c720000000000000000","15":"0x7a80c86356b767d10000000000000000"},"debug_key":"14146216650215183424","debug_reporting":true,"destination":"https://zalando.de","expiry":"172800","filter_data":{"14":[],"21":[],"8":["3276817"]},"priority":"0","source_event_id":"7475969797500791417"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg Show response
ads.revjet.com/ Frame E416 43 KB
18 KB 213ms
96ms Script
application/javascript 65.21.73.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/bg
Requested by: Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 65.21.73.144 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.144.73.21.65.clients.your-server.de
Software: nginx /
Resource Hash: 1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Wed, 24 Jan 2024 05:59:30 GMT
cache-control: max-age=10800
content-encoding: gzip
content-type: application/javascript
server: nginx
expires: Wed, 24 Jan 2024 08:59:30 GMT

GET
DATA 200
OK truncated
/ Frame E416 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3786be01da3840f7e0c0cbfd86422a39b412e3a0d64dfead1d552d6fd735a2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 102ms
56ms Preflight
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CmyHQQKewZZ70Ko2W7_UP9Z-F2AXf5OW9dZDW_-3IEu_5reiVDhABIPmb8YQBYJWikoKgB6AB1tva_ALIAQmpAo1qEFsWKIE-4AIAqAMByANIqgSyAk_QEoPaPkPaiCfBDNVVwVO_gPLusWGH14muhmOeixTYyTcztEQgZQuR1-QOwdM7PV9eS2TKHaqjSeatYb5wErbBh3xN-iXFKdxX_k57YFdUG0H-L8WNFj5FmG6X5AtiSn7Ec4lrN2gxsYuNVzhUk07zwL1U-SsOok0Bh29xwDjT3OtSNPw4GCayCCgrbkOBRlnDEvjWFP9909kwLmEoPizvvV3Kh1mAwhaINZBs3F5Q_rWb-3M5Iwa_8lUMfiQYtagFEp8wW4djTQVO7unkh6FFX9f57H_6eJ4XvAXm5A04noLzo8IxqbmlpVBCU5JPfLCN6s4dZWs54MeAsUknkObk-sEk9eK94dowi9rbUdFsZqH5Lmv6D2v8v8LnRrZJhTl6plKokz8VIDj12-ynBUPVicAEs_qz5t4E4AQBiAX_goLtTZIFBAgEGAGSBQQIBRgEoAYugAfumZDCAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBDl0iTSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WLy_yqCs9YMDmgkdaHR0cHM6Ly9hMDIuNGt6Z2FtZS5jb20vc2hhcmWACgPICwHiDRMI3_TKoKz1gwMVDcu7CB31TwFb2BMN0BUBgBcBshceChwIABIUcHViLTE3NTI2OTAzNTUzNzk4NjAYhNt7&sigh=2XZRAgXPKqE&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_s0yHDudJC0RVFVU4nJc9GheTujkR5i3DTWx2C8dB4RhmGeiuG5y8q5PipZ-yVtytxGAg833kcL8iyVZ-pi16HGmTCKGQgAUOzhgB&template_id=531&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 24 Jan 2024 05:59:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame CF8B
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CmyHQQKewZZ70Ko2W7_UP9Z-F2AXf5OW9dZDW_-3IEu_5reiVDhABIPmb8YQBYJWikoKgB6AB1tva_ALIAQmpAo1qEFsWKIE-4AIAqAMByANIqgSyAk_QEoPaPkPaiCfBDNVVwVO_gPLu...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228565068448429563462%22,%22debug_reporting%22:true,%22destination%22:%22https://4kzgame.com%22,%22event_report_window%22:%2...

0
0

96ms
53ms

Fetch
text/css

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228565068448429563462%22,%22debug_reporting%22:true,%22destination%22:%22https://4kzgame.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22798404054%22],%2222%22:[%22true%22],%224%22:[%2201-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212706834307117075745%22}&andc=true

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"8565068448429563462","debug_reporting":true,"destination":"https://4kzgame.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["798404054"],"22":["true"],"4":["01-24"],"6":["true"]},"priority":"500","source_event_id":"12706834307117075745"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 24 Jan 2024 05:59:30 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 24 Jan 2024 05:59:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8565068448429563462","debug_reporting":true,"destination":"https://4kzgame.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["798404054"],"22":["true"],"4":["01-24"],"6":["true"]},"priority":"500","source_event_id":"12706834307117075745"}&andc=true
access-control-allow-origin: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2000 38 KB
13 KB 24ms
23ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 29417
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 21:49:12 GMT
expires: Wed, 22 Jan 2025 21:49:12 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 2000 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 15:26:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 15:26:35 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2000 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BkeO4QaewZY3ZMYye7_UPv7u9oAsAAAAAOAHgBAI&bg=!3N-l35DNAAa8BdJLnAU7ADQBe5WfOI8Gp1P-oh6FYmuwOc5DYh1w51VeJT0QaFElDwKm52cbGZCgqHkBAPlgnNczN4MaAgAAAEBSAAAAAWgBB5kDBxtTPxwbT9ioraiDxhdwh5YtrUp1zj3kL_khxPOP5ys5OnNVoaGL4sv1jbW3bVLP5m3bVITdZVJZBhgWUxCf8ECTZI7-esZuCCp7QqZlKZj7negW4f6W8X3SNBO6QJb_yqKiMhYADAOxzhFrBs756_tIrwXI3SY6DtqZQVO4-z8jGTO65_EAErEiH8PBu_1xhXhOjiDTu3K8OawxrCqUbyQZA4TWWdq6WncXoZpAT9DiSHVBY-66FSkfm7JnKgVQF37EMJvIzphEabRvdZwL98_a2hxqEhp2PBoEMVAnVTNHnirVXj3BkD1ZeNnHXwM-5JPJQxSYDrHbfbKSo52dI1Am3jWCyJZxwjlAJZ2iwy8oA1JeyTmO8yjxb6ZdwUWm-DfUcfgb8PoC9_C1iY4ZCauzp8H6UEFOehlhyJHpzm3H3pgREb6CHWFVBVcfguy0BZeGMei5diIOPqYmtfO7JMqR5MnVyst_oSmFl-10eriWrWCPN1h-nYIfwi1vaYtESt-SC6AEfIW2ahUj0dfVXvGKWj_9pmJXi_WLABgPiGm7bO_dbyBCOz3gV1pEhyGlPelhbo_B7-XQNYT4kGO_47bfF83ZPXVU6upYJX-q_3dd61qXr7HSGkGQFTgCRZG3WEkgStooc4YnD10TAM7N8osQLJZVaJ82N38XPdQLcrFsb2AzfIxipH3gguGuKnmqEho6ltiLQ_FAAJLw0AABVg5Ub-xV8minqk7hmzQMPYCDa06qq0Bjkn609s1ZMd9pwoZdWtUGjFH1IhIpk1P0vXIUOh4TR5mhL4MbKz9B8jpOh1nM0VRsqh3SDDoxeZIaB1ImB2Kde5Y_NfExiVbt6kReqf2xB7sLVsB-bWLcAbFSQJdMHOo52xWh3p6rQZMV3X6hHWDGXjHPFn0VbBOfr4Qz9r5dkdwibK7FUbXQlMzMaezaEJ3rkZZ7UIe0K7Ard7MTum3HyCg-eKCbpnlzoDdfWbAgPoV5vanSAvhxfAIO-RCJFVT93Ko7k3iRwkSxJwAh2DDKYnU

Requested by

Host: 756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
URL: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 107ms
52ms Preflight
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 24 Jan 2024 05:59:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rectangle.js Show response
cdn.revjet.com/~cdn/JS/03/3.5.2/modules/ Frame E416 20 KB
7 KB 100ms
20ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/3.5.2/modules/rectangle.js
Requested by: Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: 5a1ddbeff783a01f29d36d8bb187a62d9cc8fffe95616aba3cd5fc080b9e16d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:30 GMT
content-encoding: gzip
last-modified: Tue, 23 Jan 2024 22:00:05 GMT
server: ECS (frb/6727)
age: 329
etag: "65b036e5-4e4e+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 7257
expires: Wed, 24 Jan 2024 06:09:30 GMT

GET
H2 200 sync.html Show response
cdn.revjet.com/~cdn/JS/03/ Frame 85C0 2 KB
1 KB 99ms
21ms Document
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2F756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
Requested by: Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668D) /
Resource Hash: 71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7

Request headers

Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 386
cache-control: max-age=600
content-encoding: gzip
content-length: 942
content-type: text/html
date: Wed, 24 Jan 2024 05:59:30 GMT
etag: "64e382fe-744+gzip"
expires: Wed, 24 Jan 2024 06:09:30 GMT
last-modified: Mon, 21 Aug 2023 15:30:06 GMT
server: ECS (frb/668D)
vary: Accept-Encoding
x-cache: HIT

GET
H2 200 tag236628 Show response
ads.revjet.com/ Frame E416 245 KB
40 KB 67ms
67ms Script
text/javascript 65.21.73.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/tag236628?_plc_id=111757034&_key=1d8&ct_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCL7ORQKewZZ_0Ko2W7_UP9Z-F2AXi_e28dOqSisfUEeTAyYKWQhABIPmb8YQBYJWikoKgB6ABuayQiynIAQmpAo-bOLNfN7I-qAMByAObBKoEjgJP0NUKXlWtfTR1WOxr-j4F0IOe4pOGBPe7IogOCqIhFA_z3VPy-IKrsTEF-TORxHcP31SUABaYuHa7Hf2td7a73g_I7YzxcFcwts02TtPK5ILE7bvybUaH_tzVkM3hEJOJJw-pAJ7NhuaUx2-gmKzfaParEmagKW-J1hYyM3kFxd2B3Qg7EGsLjSjnp6hJEK2Dmk9Gb48wSSsLr0LWkOxUE007R61E9wyX42sWYx723emv3WlVjo-W0btZpSXJ2r2mUkX8wnF5qQy4o5_TFElNZ3JkR_AD-gRZvF9D2-aBWdGhd8EjwzM3E3fADYoonE9QJNn9pNwnvYHiHbAsJm0ecYh4CJxyT0e6TbrMcEvABLWindawBOAEA4gFor2K1kuQBgGgBk2AB7nk4OoDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYvL_KoKz1gwOACgOYCwHICwGADAGqDQJEReINEwjg9MqgrPWDAxUNy7sIHfVPAVuwE7C-lxbYEw2IFAbYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_s0yHDudJC0RVFVU4nJc9GheTujkR5i3DTWx2C8dB4RhmGeiuG5y8q5PipZ-yVtytxGAg833kcL8iyVZ-pi16HGmTCKGQgAUOzhgB%26sig%3DAOD64_1umeOWdQgyU7tRiqJAkvEtuVzHOw%26client%3Dca-pub-4113681882311455%26dbm_c%3DAKAmf-AUSO2C_7LcYJl0b-4v8AyQcSQUJGYZIQ2hKeqnCMsZLT-e83VTsfZLr4hTe0lq2xC-D6m8EUmBUw-8JwHwhJK77QJG-x2vxT2zsLfcp6c8jM8XRZrbauLXj_yNc2_xalfMUrK7xKDsMS4tUaVuQ0_6MXUm5wLIq568Zza4N-DGJCW1x8k%26cry%3D1%26dbm_d%3DAKAmf-A1-BXjWfte8QllfwcVuCyrWYw1oEXs1UasFV0YacFotFrtOYwb-q-V7PZLsNPNlD358H4qnAmC2oQ2aj7TxKxoL2CT2TwYzbJ66mCyEuqA4LjsqDvi1jV8ZwJNTw3p0QbuTTjUypYKqTpfFzvDLX4OrpchbWaV5AJU9Se_Q1f-JdkVFGmyWQIXtsGforO6dCsEX3ceAoMGVC2oyDndULHqFkdJl6NlvHfLJ3KfHZRpoGLRWnyQlGGILmTw4E3zlvzrqXeiN8MQQQ_NWeJapVSoK3YeYjh__p5kVghdtgHA9ynBP0KtOenA7xa7bs2Y8DKNMn2CcvyW3i6GtfH1WeQvJKPeBWeSDgmFb9GUF9nmZqg3mgqKUuXDogtzLU7ij6sSAycki4Ee4rHRuSRlNHl4yND4kf1so95W6WsqbMCf1QAe65bjN_clk3xgbGDAxUrT4pCDrARbUcjgiA8nMNPqe4oa9InJoPWR5n2lwtJrSI7MvNH2RkJ2e0ZVd5SHadlPyFK4ST9BiC-ZGh-okEQCu7m3y4YVLiqyogEPRm5Y57nVg9uWfIOOYpSMP7fFSVJF8du4tMG5SSWzEtDWMhVxMophiA%26adurl%3D&dv360_cmp_id=20313185954&dv360_li_id=1013245242&dv360_crv_id=467117127&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2F756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&_js_site_ref=https%3A%2F%2Fwww.kidzone.ws%2F&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=9362ee741c9f6af66764_1706075970229&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2Fwww.kidzone.ws&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.2&_js_tstamp=1706075970230
Requested by: Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 65.21.73.144 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.144.73.21.65.clients.your-server.de
Software: nginx /
Resource Hash: 169529907d652354d453a5776f9ff2d5dc2e215c2e62d10574a2a6cd8e5bbcc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:30 GMT
content-encoding: gzip
server: nginx
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip56848
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 elements-2.12.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 07A1 170 KB
50 KB 97ms
39ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.12.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: d882dff85edd5e0121959274acf5b8c5ffb6f5526b0bf2842982e2e17fbd3198

Request headers

Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
Origin: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:30 GMT
content-encoding: gzip
last-modified: Fri, 19 Jan 2024 21:55:26 GMT
server: ECS (frb/6727)
age: 155
etag: "65aaefce-2a80a+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 51367
expires: Wed, 24 Jan 2024 06:09:30 GMT

GET
H2 200 gallery-2.1.9.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 07A1 56 KB
15 KB 20ms
20ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/gallery-2.1.9.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668C) /
Resource Hash: 4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:30 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 19:13:24 GMT
server: ECS (frb/668C)
age: 599
etag: "62717ed4-df39+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 15443
expires: Wed, 24 Jan 2024 06:09:30 GMT

GET
H2 200 999
pix.revjet.com/interaction/ Frame 07A1 43 B
170 B 153ms
44ms Image
image/gif 65.21.74.17
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/999?__ads=b6114212b6fee7e24022ef719865a31c&__adt=8240602408688471617&__ade=1&vid=5111726337002658517
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 65.21.74.17 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.17.74.21.65.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 24 Jan 2024 05:59:30 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2

200

B29255022.357498592;dc_pre=CLvRuaGs9YMDFeLyEQgdaY8N9w;dc_trk_aid=548428617;dc_trk_cid=185782221;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1706075970275
ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/ Frame 07A1
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498592;dc_trk_aid=548428617;dc_trk_cid=185782221;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17060759...
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498592;dc_pre=CLvRuaGs9YMDFeLyEQgdaY8N9w;dc_trk_aid=548428617;dc_trk_cid=185782221;dc_lat=;dc_rdid=;tag_for_chil...

43 B
119 B

38ms
38ms

Image
image/gif

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498592;dc_pre=CLvRuaGs9YMDFeLyEQgdaY8N9w;dc_trk_aid=548428617;dc_trk_cid=185782221;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1706075970275

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498592;dc_pre=CLvRuaGs9YMDFeLyEQgdaY8N9w;dc_trk_aid=548428617;dc_trk_cid=185782221;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1706075970275
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 07A1 49 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 162455845.woff
cdn.revjet.com/s3/fonts/162455845/ Frame 07A1 470 KB
470 KB 93ms
39ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162455845/162455845.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: 6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35

Request headers

Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
Origin: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:30 GMT
x-amz-version-id: kVq59ccinPiVDgarv_TkFQgofQrkf2s4
age: 28111
x-amz-request-id: 3T5SNQXT6YVDSGXT
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 480984
x-amz-id-2: zKsi+ubfzKifo9EO1ncIiTlciHpek23Xx7gd/C88ayPqYu3/TT+nh6/RWw0P0TFDWqV/SB9P/bQ=
last-modified: Thu, 16 Nov 2023 19:47:31 GMT
server: ECS (frb/6727)
etag: "a7d9ee6baf67661e8e26d1e5c04f7fd5"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 25 Jan 2024 05:59:30 GMT

GET
H2 200 GeorgiaW01Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/ Frame 07A1 33 KB
33 KB 44ms
19ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/GeorgiaW01Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5

Request headers

Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
Origin: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:30 GMT
last-modified: Fri, 04 Mar 2022 15:24:09 GMT
server: ECS (frb/6772)
age: 344
etag: "62222f19-842c"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 33836
expires: Wed, 24 Jan 2024 06:09:30 GMT

GET
H2 200 162453298.woff
cdn.revjet.com/s3/fonts/162453298/ Frame 07A1 13 KB
13 KB 44ms
21ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162453298/162453298.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036

Request headers

Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
Origin: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:30 GMT
x-amz-version-id: .Is8JR1jYDeMhMM7ZjPhsnsyUTdaBiJa
age: 43668
x-amz-request-id: N1Q90EVP3HMCEFR6
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 12940
x-amz-id-2: +0f2jH2ZiwFIpsgV2ySvy7G/rKrqaX8Dwc2Ls5rup0V02I3+ZXuQ/jGX96O2ry5Ci3wk14KQw2Q=
last-modified: Thu, 16 Nov 2023 19:31:22 GMT
server: ECS (frb/6795)
etag: "31b663ffd91c821398bdd07236df4b22"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 25 Jan 2024 05:59:30 GMT

GET
H2 200 arrow_grey.svg
cdn.revjet.com/s3/csp/1662732236308/ Frame 07A1 286 B
564 B 19ms
19ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732236308/arrow_grey.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:30 GMT
content-encoding: gzip
x-amz-version-id: xvWQ2m3sdbfn_7tiBj4ob78SzYdaK8j7
age: 30444
x-amz-request-id: J8G7KVGH8EEKF1ZK
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 237
x-amz-id-2: +rtO8D/vJr1Rw8Uf939+jZyZWVGsG0kMRIernYCuMtAJcOnlRwhuwZFlAe76T6e/RSrsL2RQ3OM=
last-modified: Fri, 09 Sep 2022 14:03:58 GMT
server: ECS (frb/674C)
etag: "7744a5e73070172a2534ddcbd966d020+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Thu, 25 Jan 2024 05:59:30 GMT

GET
H2 200 1000
pix.revjet.com/interaction/ Frame 07A1 43 B
169 B 44ms
44ms Image
image/gif 65.21.74.17
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/1000?__ads=b6114212b6fee7e24022ef719865a31c&__adt=8240602408688471617&__ade=1&vid=5111726337002658517&__clstampdif=282&__stamp=1706075970639
Requested by: Host: 756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
URL: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 65.21.74.17 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.17.74.21.65.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 24 Jan 2024 05:59:30 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 465506268_uc
cdn.revjet.com/s3/csp/1702543675769/ Frame 07A1 38 KB
38 KB 19ms
19ms Image
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1702543675769/465506268_uc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D4) /
Resource Hash: 95429c456234b1c74b76fc75564477230ce71dab972b2afdc8ae44d9e47dd58f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:30 GMT
x-amz-version-id: GhzA2A3L5ahJjKG40v40nMGhKjF5QxFC
age: 24213
x-amz-request-id: S449597NAMAK1HHN
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 38754
x-amz-id-2: k7flAS2hzo6OyoF0S/G+fxdVasxgs4SKWtuNdRXaCVJzHizgG1u2JuKRDbL9EQRSkkpNWszWoR0=
last-modified: Thu, 14 Dec 2023 08:47:57 GMT
server: ECS (frb/67D4)
etag: "89ee0fe01ae9a0475aadfac9833e6139"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 25 Jan 2024 05:59:30 GMT

GET
H2 200 logo_word_black.svg
cdn.revjet.com/s3/csp/1662732637080/ Frame 07A1 3 KB
2 KB 21ms
20ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637080/logo_word_black.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:30 GMT
content-encoding: gzip
x-amz-version-id: 6dP9WoKtkjdaRlsO3V7DUipbqdCKLzpR
age: 25469
x-amz-request-id: G17BBAEN3QVNWJ42
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1556
x-amz-id-2: R7DhVS7Nja8SLU268zRV67lzJIX2hWxFD1jE/AUYX3bQnyP5EtJA8XrGgfOcMBqFZFyQRm3YhRc=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (frb/673A)
etag: "4e3f110ca066e6b8dc4a9827ae6e6f50+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Thu, 25 Jan 2024 05:59:30 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame 07A1 632 B
627 B 22ms
22ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674B) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:30 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 30445
x-amz-request-id: X26NSYAWVAKNWVWH
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: wYDbtpuM8BTbJHoCBKaEwF6LSt8VKMmLwkQe3aWkuwxXR49+eERI2Dk5JivSWw28Ap0+s1Y4Jk4=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (frb/674B)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Thu, 25 Jan 2024 05:59:30 GMT

GET
H2 200 Logo-Wordmark-White.svg
cdn.revjet.com/s3/csp/1680256735421/ Frame 07A1 7 KB
4 KB 22ms
21ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1680256735421/Logo-Wordmark-White.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 05:59:30 GMT
content-encoding: gzip
x-amz-version-id: AwNg3pZ_b3UTO1Gv2fLqLaH_CNFtNLJM
age: 28110
x-amz-request-id: MEVJW9SZZS8KV9GZ
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3628
x-amz-id-2: Dypr5NP6LqCgBOrr8FA4Cv9AgCH9/gYaT4OKSGomS/MmI4Qrtoaa6VA5/k9B/E4s8PQ6nfI9hds=
last-modified: Fri, 31 Mar 2023 09:58:57 GMT
server: ECS (frb/67A8)
etag: "6802dc95d8e5a742e4e3e3e09650a7c7+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Thu, 25 Jan 2024 05:59:30 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame CF24 42 B
64 B 57ms
57ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoFaxGOEe7TFx75F-SSZ7iS9DJ5x2TrdcKtVxuPAti78MLKC0RDav_8rb6pwCxXKyJT9qcGnlAUZGlJM0nwYwljXMC5JL2k6WRVOUbL20v71SW8nYoqTlQep2-7l8zetDZe8GREGFWCQRi3ef-L0XzEr6K&sai=AMfl-YTFTfaVPZ7dUxt2uaBT84YlPdanKUyk5laiAKCEoBkuPdIoU_9ynbqugASecKiFpDva4yOn3ND7mD50xu1nxGwDTb5ZsY7s17nzysLN1WRSB4lpUBWklWZvYKXe55ODYcBrAxwG8URa1LamXoKR&sig=Cg0ArKJSzGA0PrVb6AecEAE&cid=CAQSTgAvHhf_s0yHDudJC0RVFVU4nJc9GheTujkR5i3DTWx2C8dB4RhmGeiuG5y8q5PipZ-yVtytxGAg833kcL8iyVZ-pi16HGmTCKGQgAUOzhgB&id=ampim&o=1275,448&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=229&tls=1230&g=99.93228912353516&h=99.93228912353516&tt=1230&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kidzone.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CF8B 42 B
174 B 56ms
55ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxfy2Gw59Y2jBtTbEyZdhqjiil6mwtDndEekFzCEeeCvi552Lb3m4lNWNzYwHiy-7OPzRgmVBD2AvdBZIgJnOjRPxEZFwhkfrK5rPXLGW-H51dF36Ig9z_xr1xEzB81rNiD4Y0xAuOU8SoB9ZP4o6WTFIt&sai=AMfl-YR6W-AZSefSXdzWMbewmDPRWEcm-_VI02Bhvr96AcwgIyrdvigReaj0pfOCLlmDv8GYRkvEYLp5V0XlXP_HrWphUVh5yH8ibwnLiVqKftOUeuVf2sj0avjJTW_grVHbWW5sYgLUZFTU8qU8yj8z&sig=Cg0ArKJSzL7sd1XK2HDLEAE&cid=CAQSTgAvHhf_s0yHDudJC0RVFVU4nJc9GheTujkR5i3DTWx2C8dB4RhmGeiuG5y8q5PipZ-yVtytxGAg833kcL8iyVZ-pi16HGmTCKGQgAUOzhgB&id=lidar2&mcvt=1000&p=8,315,258,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240122&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2443693662&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706075969523&rpt=316&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E416 42 B
64 B 54ms
53ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvf0QV0CgH431fz4OXIj2Pt7qH_pNV1cWj11nzFc-i-X1pwlAThBT9hWP-8uxVlY4y4akF_N27_PE_GepRD4rRTV1cVQi3-S6JSd9BaTRASWieh0-rlgIv8rBiSsZIGE0d_uMrYPd8ID6PpCHatwOE7NXsu&sai=AMfl-YTk_L9C4sI45U2pJMEBnstcq3XaiW_5XU8Hcm3e9bzl5cF4r0u3yy-uL0_8wamZL_oa8W2TbdP8N_AMZhyiU3X2UCtY3pP41w4kh_itTwAg48v08ZyprUl9KXKB8EuJHYuYPgmdTKY8CvG0o9Il&sig=Cg0ArKJSzPpYlX52IwBvEAE&cid=CAQSTgAvHhf_s0yHDudJC0RVFVU4nJc9GheTujkR5i3DTWx2C8dB4RhmGeiuG5y8q5PipZ-yVtytxGAg833kcL8iyVZ-pi16HGmTCKGQgAUOzhgB&id=lidar2&mcvt=1000&p=1107,437,1197,1165&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240122&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3901134432&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706075969554&rpt=358&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.kidzone.ws
URL: https://www.kidzone.ws/magic/coin_trick.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E416 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7327258968088&version=m202309260101&ct=77&x=1&cor=9022968998341913000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 05:59:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 900
pix.revjet.com/interaction/ Frame 07A1 43 B
169 B 43ms
43ms Ping
image/gif 65.21.74.17
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.revjet.com/interaction/900?__ads=b6114212b6fee7e24022ef719865a31c&vid=5111726337002658517&__adt=8240602408688471617&__ade=1&latent=0&vis_type=8&__stamp=1706075971656
Requested by: Host: cdn.revjet.com
URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.12.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 65.21.74.17 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.17.74.21.65.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 24 Jan 2024 05:59:31 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

Verdicts & Comments Add Verdict or Comment

390 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.kidzone.ws/magic	1970-01-20 18:04:40	Name: amp_pieog Value: =0nIulGbyVmQvUGcvJXdFJiOioHdiwiIkVmbpZWZk5WdiojI5RXajJCLiQWZulmZlRmb1JiOi42bpdWZyJCLiUERiojI5JHduV3bjJCLiAzM5kjMuETNiojI0FGbiwiIwATM5QjL5IiOicmbvxmIsIiM4cTZ6EWYiJmO2EzY5oTMxATM6IjOwEDMxoDM2IWM6EDMwIjI6ICcpJCLxojI2Jye
.kidzone.ws/	1970-01-20 17:56:02	Name: _gid Value: GA1.2.1714646537.1706075966
.kidzone.ws/	1970-01-20 17:54:36	Name: _gat_gtag_UA_52971111_3 Value: 1
.kidzone.ws/	1970-01-21 03:30:35	Name: _ga_DXL7W5425X Value: GS1.1.1706075966.1.0.1706075966.0.0.0
.kidzone.ws/	1970-01-21 03:30:35	Name: _ga Value: GA1.1.1532383923.1706075966
www.kidzone.ws/	1970-01-21 02:40:11	Name: usprivacy Value: 1---
.kidzone.ws/	1970-01-20 17:54:35	Name: lotame_domain_check Value: kidzone.ws
.kidzone.ws/	1970-01-20 18:37:47	Name: _sharedID Value: 5e9b573a-6417-4022-9171-ebea5e1d9d16
.kidzone.ws/	1970-01-20 18:37:47	Name: _sharedID_cst Value: TyylLI8srA%3D%3D
prebid.a-mo.net/	1970-01-20 17:54:36	Name: _Amc_b Value: 0
.prebid.a-mo.net/	1970-01-21 02:40:11	Name: __amc Value: 1_1706075968_1706075968
.gumgum.com/	1970-01-21 02:40:11	Name: cs Value: true
.adnxs.com/	1970-01-20 20:04:11	Name: XANDR_PANID Value: ikr-YS8DCz5Wwmx6CDfN6uRFRE1ZsC9my-ihsbuG9f-obLfxp94Y4Cubv3FGjdrmBQWuDf5LC0lyhxl1vyboy1374bvXbn9aC-jBrprDjYg.
.adnxs.com/	1970-01-20 20:04:11	Name: icu Value: ChkIpauEARAKGAEgASgBMMDOwq0GOAFAAUgBEMDOwq0GGAA.
.adnxs.com/	1970-01-21 03:30:35	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:04:11	Name: uuid2 Value: 6862147233850337713
.rubiconproject.com/	1970-01-21 02:40:11	Name: khaos Value: LRRDKY1B-9-JBMN
.rubiconproject.com/	1970-01-21 02:40:11	Name: audit Value: 1\|naVuGyos1qrX6pGiYOES7ObASkO6QPb7E03ikE5KqM24Dm4XiSt9t1oJ7qkquayprqvTVNge/+DlWKBuS6gcmsxuhZpbWKLts7CBygRhFkG+xUA9sgf/4eNEKcfJxgEB
.serverbid.com/	1970-01-20 18:16:11	Name: CONSUMABLEID Value: e03f4c57795e445fbf4c57795ec45fce
.seedtag.com/	1970-01-21 02:40:11	Name: st_uid Value: 2b2f8389-432f-4ed8-971f-a087b477863e
.seedtag.com/	1970-01-20 18:37:47	Name: st_ssp Value: Y291bnRyeV9uYW1lPUdlcm1hbnkmY291bnRyeV9pc28yPURFJmNvdW50cnlfaXNvMz1ERVUmcmVnaW9uX25hbWU9Ti9BJnJlZ2lvbl9pc28yPU4vQSZjaXR5X25hbWU9Ti9BJmxvbmdpdHVkZT05LjQ5MSZsYXRpdHVkZT01MS4yOTkzJnppcD1OL0E=
.openx.net/	1970-01-21 02:40:11	Name: receive-cookie-deprecation Value: 1
.kidzone.ws/	1970-01-21 03:16:11	Name: __gads Value: ID=3fe168ec2ee21116:T=1706075968:RT=1706075968:S=ALNI_MY95kcFeAddKIY9ovyH2MIul5W6SQ
.kidzone.ws/	1970-01-21 03:16:11	Name: __gpi Value: UID=00000d4811c2ef48:T=1706075968:RT=1706075968:S=ALNI_MZGqWObppYdiMAaGRKRXIZLQK29SA
.doubleclick.net/	1970-01-21 03:16:11	Name: IDE Value: AHWqTUmKfA-4C_J5hYwaAEa6F5pZI4edKW0UnQTHaAS7bXxB4fhpQZhvhZbd-B5S
.doubleclick.net/	1970-01-20 17:54:39	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 22:13:47	Name: APC Value: AfxxVi6PJYqxfeSgYpYldxFTizsfjSysoatNn8ATte5fAf1WQB4w2w
.doubleclick.net/	1970-01-20 22:13:47	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 02:40:11	Name: CMID Value: ZbCnQS3NnZIQoSzHeGWuMAAA
.casalemedia.com/	1970-01-20 20:04:11	Name: CMPS Value: 1178
.casalemedia.com/	1970-01-20 20:04:11	Name: CMPRO Value: 1178
.doubleclick.net/	1970-01-20 18:37:47	Name: ar_debug Value: 1
.googleadservices.com/	1970-01-20 20:04:11	Name: ar_debug Value: 1
.revjet.com/	1970-01-21 03:30:35	Name: trx Value: 5111726337002658517
.revjet.com/	1970-01-20 17:56:02	Name: ads Value: b6114212b6fee7e24022ef719865a31c

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://qd.admetricspro.com/js/dltk/kidzonews/kidzonews.PNG Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://cadmus.script.ac/droiw9gfb309t/script.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cadmus.script.ac/droiw9gfb309t/script.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

756f9db09c03481511c3bfb95532d413.safeframe.googlesyndication.com
a.ad.gt
aax.amazon-adsystem.com
ad.doubleclick.net
ads.revjet.com
ads.servenobid.com
aps.zqtk.net
bcp.crwdcntrl.net
btlr.sharethrough.com
c.amazon-adsystem.com
cadmus.script.ac
cdn.ampproject.org
cdn.hadronid.net
cdn.id5-sync.com
cdn.revjet.com
clients1.google.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
cse.google.com
d15kdpgjg3unno.cloudfront.net
dsum-sec.casalemedia.com
dyv1bugovvq1g.cloudfront.net
e.serverbid.com
fastlane.rubiconproject.com
fundingchoicesmessages.google.com
g2.gumgum.com
googleads.g.doubleclick.net
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
lb.eu-1-id5-sync.com
mp.4dex.io
pagead2.googlesyndication.com
pioeg.admetricspro.workers.dev
pix.revjet.com
prebid.a-mo.net
qd.admetricspro.com
region1.google-analytics.com
rtb.openx.net
s.seedtag.com
script.4dex.io
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
sqs.us-east-1.amazonaws.com
tags.crwdcntrl.net
targeting.unrulymedia.com
tlx.3lift.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.kidzone.ws
108.138.6.136
141.95.33.120
142.250.184.198
142.250.185.98
145.40.97.67
159.89.246.130
162.19.138.117
172.217.18.2
172.234.63.226
172.64.151.101
18.245.47.29
185.255.84.150
185.64.189.112
185.89.210.141
192.229.233.6
2001:4860:4802:34::36
23.197.10.19
2600:9000:223e:8800:5:82fd:2500:21
2600:9000:2490:8600:11:b309:9100:21
2602:803:c003:200::43
2606:4700:10::6816:3456
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:10::ac43:246e
2606:4700:20::681a:7da
2606:4700:20::ac43:4bf1
2606:4700:3035::6815:815
2606:4700:4400::6812:22b2
2606:4700::6812:1791
2a00:1450:4001:802::2001
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:813::200e
2a00:1450:4001:81c::2008
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2001
2a00:1450:4001:830::200e
3.124.236.160
3.236.169.28
34.149.50.64
34.248.25.157
34.254.148.127
34.95.69.49
35.186.253.211
46.228.174.115
52.202.222.143
52.28.111.100
54.220.173.30
65.21.73.144
65.21.74.17
65.9.66.122
99.86.4.128
03945ce270fb1b8d694c3eebfe0f235fb54929973283c38c0e3e6c75127061ea
03f82124e300402974f488e8e50793fb936ef5af2d4d8c5754bac9c66efcff9c
04033d90f4bdf82da959eb06bf6b661a6a4d37116c3c00203b7caaa330af5f19
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
062e7c29b1c3e36f8684e7e298346efe23cd760daf282103361b0645d843c686
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08ba1bc4572896daaed56d83ddd0b594e8df6b3c25cf2ec0c19ce91e74e7a7c7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d17060a53811fb98019da6d5f421f31d886761fd5dec919860c021fc524a91d
0e23ed775d17391189fc1f220c81ad348e12aa6519ecc8d64e2a8dfe7463f3cb
169529907d652354d453a5776f9ff2d5dc2e215c2e62d10574a2a6cd8e5bbcc5
175f275fb5d1206f28bfe458641c6af0342a90768b98d27e57dd78c817fe2d8d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea
1b65a5b52b5fae8acdc3018a7360041abae052ec4e774c21faf1c951df17e0ba
1e763596a911e486194fd88a083f0d79771db6bb38b074d697014d48ad285fc4
1effcae44ab3db3c4e0f3b4aadd0c5a6f9a86cf56307cc4a678ac27149de0e32
1f861206367a891dfe39e5017d0311033a53e81a54190fa4b814fe4562e23959
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
21e2cc1be6bb33e75287ef99dd7ba094e114326e221a1550b9f9e21de7a1b51c
220d8a363c39549f7f1cc14951656f10e7f5b39248329b8e10380d39336e81c4
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
2c09d54be1a117169c86e57c08f20669e52b10d29502b697baea2f66b34d0628
2c97071829a6cd3bd0e53ec91fbaaa47e0fccfc9a51c42f1fadf4fffba44bbae
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36701f8f81a61c5a1d7594b914a50445c428bf698d6939bb6dd4258a10da8340
36726fd194e9e08908bb49a382c3fe0b70ee41d480b09869b5aa70c81fcabe7f
36df88557f5d9520a8518f1c63c31203a81e8ca3936296cd7fedce2da7fb622c
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3ecf69d4bb63f64933b56d4b91d3689328b5af2e1807633838e021eb3640d732
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47ce70ec38840c3c32ddabe877bc9c6f25bcde77bf60e908e9d85452a71e0d59
489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036
4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6
4cbbe332bfbcaa28152a8fc1dcd07def4cfd24546e0b4a945a8c271cd12ee7af
4d38d9a765faf30508296067c4adecebc5bb4a27d33fed308c9ae7c5c32db501
4fc13ea1b9ff9c460e1d7dc20baa5ff8ede845ef71d578d6e9b301461634f62c
50200e9b822674ca4901570d058b6f561e11384c6db21caabb08091db0716e30
541a10313a284d9af521bb399638b524e999ce5b526c49c1dcd6c87234e1b815
541e5c9e1567f18530f68547e6ca2fc20ccd40fde8295735412280efdcdfe36c
5463cf0ce885fcb37fe5eeb8c681e98cbc32037ae6ca8ac77981cb6fba936c6d
55733d9589a6ea633938da567db8b93765d2b6d3712c0eee49898800adf38b96
557483f98776152fe2d727277678f4866f4443275934e1e5a823f9e76d34568e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907
5a1ddbeff783a01f29d36d8bb187a62d9cc8fffe95616aba3cd5fc080b9e16d2
5dd0b5724f4bbac4bd58de274236fce36135ce302364b3b8ff5c4c3631e81139
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
5ef624ec962415bd378947e5207227907e499957a465bcf20238dc938a7dbfb0
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
621d1b171198b30cf23a68bd5922bb3d5c43f13b11516f5999b91c658b5242e6
62b6106ba3af5a6c9e03fd5d0c63e4e6d9bf6ec41955bde231d2fc8deffcab83
63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c
643fe707091c6e32630daf29adabf146aea6096d30af0367bcddbe54c19bcad0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35
6e874111442f36d488f5e4a7f742391a8c02b70c60b333454fe4f85a3b26e3d5
70c4c9dd667ea62165fe414e2124a895e603959ec092c8449a905f8868edc2dc
71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7
7480825cf5281968220fea903a1cbb33e86c6199a331db8edbbc631e20e337a2
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
788e6828b23a08ec04852ef2c16ba4018ac8f69bfc79fca61c3212f691bf3500
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8255e80b696005d079a94698e1574531069e9400ff3be2bb490fbdeb93f9e13e
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
88845a44b108257cbf4912a894c0367c78b5bdc4f73c370eb323cd8b69c29ebc
88c5cf2ee5188fb5284ca2a83dca36eca518f046a1f596df4a34b07ec82dffaf
8a90077950eaf8b209bcc2219fa2cd0a1e487cae8d896087e57d367d7f084f66
8b50308a5957ac4730cff6fe3432e3cc81ec49998f1eefb6350724d93256e47a
8e2d0757d68784a1c239d207c30e32e3a957e03a496fccbe88524bf819f4af16
8e68f72c3839197d98c467d00b210f829ea647e3bcbe89cd845b6ce188d6c98a
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f6bca96a5bb70c9c153d9f95f8a09a4a0282d2400b317b76fb87579989a8444
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
94c0a9e43d8e542853f0f03a4ceb5db895da42d3a410c40e1e2fc6edaa4ba1c6
953950792fdff6cb144dd1220a26088651920a98b80da68d6da586696a919b1a
95429c456234b1c74b76fc75564477230ce71dab972b2afdc8ae44d9e47dd58f
96fe096e13a57e700af2ea95d16a12cc4b2f3b8323b9bbe4d678bd4226563633
97bed60026a9378846d17e24e634dfcdf45675df29f636c46ab62ca9ee222583
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
a3786be01da3840f7e0c0cbfd86422a39b412e3a0d64dfead1d552d6fd735a2e
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b177a596c3ba4bf06b89bcc9fd36e95565b021ab5303e7242fe839f385ccea66
b6327d72319b4e014f40c9cc659185d33b33cce96fa3105772d511046a77d9f0
b6b475b855e98e05f4e4edae4e53194d942e7b9c5ba6e9d57d8d6d52da9e62b3
b6f357810e9cd8f0aeca7b0cd526dc72d9230dce6958843f80bf104f940b5626
b90b1fee0a4b924722edb679b2595dcc2c04aee52716a6634b69110a885a2e9b
bb8650c2e37ad327c7e50448cbbc76e5f7448f3a93cdbfc5a95e1cc11abd5c7c
bc9bb74529868b0dc9267a496754e41a5d5fb27a0840d25f58b10ae1f4d8b1af
bd362f4e6ebce8ac52397d018782ec0dd387292b6edd2d33809f0eec847ad114
bde2e1b1e18a2740bc0d08c93b751fb88d40ea5f17eed640c32826d52aec86c2
c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966
c595022f30803570977c41184644cbc4240cc294a0099fff01b1f2b400cbb940
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0c01ca16864ef0d2ab6d6848f2204df3fcf3f6d0a3220a235b649973b1e18eb
d134116b740e3fdd14660aa2e61177111764a323bb95743f771d1f5f0d323712
d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532
d1cda6efcb70313a952e7b5c8bb38ad3103f2af4b748d772fd95ee890941a40f
d2434e520a24d2e3f4f5f20bc65dbb8d7b10c04aa9d69178fde1ad75cacdbe6e
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5b4d6470b4e8abcf55fdea3146602ac7e64b62501804279c4a5aa1d275318de
d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d
d79a688e4e23466eeee3ab0d7d3a99a0588b1aa1c7ae0f4fedfbd498c9022eb4
d7abfa74a7c6ed1ad0ac9df59a743fa1e0db37e256889432ced1f4bdd65cbabd
d882dff85edd5e0121959274acf5b8c5ffb6f5526b0bf2842982e2e17fbd3198
dbd7a13ddf148ef8b0a48ff9a29c6aabad10d733d983ed62e4cad1f42b8612da
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0b84c9c86ff8c6282031b41e5ca2526e45e5e9c1a3956579f5320c25fb40360
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5867ad740bc719bf1309b5f65537b7ba69f2cba5e9a193679859542d1bc7f95
e7d64bd996c62d588b3ce780deef93cc5e1f4d04adac53d209d5b963c06d9d41
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5
ee8872bee3e4bf937079e4a9da69d9e7ce338fce9a6f1632ef74dbf960bbca82
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f43fa0c6fbe53e743cc30977c6c79562747170917001cb8c229df3101ebaba9b
f54c4e86fcfaf678b20c188f4588f4b33ed64aa53ee46a811ffdce2b03838be7
f54e3295a1aff669a8dc08d278d188ced5e2af185b8e8b29640f2e39735c07d2
f5937f198f3aec205d2638dddefb394b0b1616ae6b5a5a2f58e15a54cb831789
fc8deae28b64ae4499971481a402af6c85873da8a14f86b1d0eb45d0cc860763
fdfd503bab479a9c976ec7ee8e2203fdc889d8f7cf6e6cc0572e309a323a4036
fe14d3d4eda7ba4fcce0e08f6d0580807a216f76038e4c231708aad0472748dc
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

www.kidzone.ws Open in urlscan Pro 52.202.222.143 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

195 Requests

97 %HTTPS

46 %IPv6

39 Domains

58 Subdomains

58 IPs

7 Countries

3580 kBTransfer

8773 kBSize

35 Cookies

22 Outgoing links

Page URL History

Redirected requests

195 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.kidzone.ws Open in urlscan Pro
52.202.222.143 Public Scan

Screenshot
Live screenshot

Full Image

195
Requests

97 %
HTTPS

46 %
IPv6

39
Domains

58
Subdomains

58
IPs

7
Countries

3580 kB
Transfer

8773 kB
Size

35
Cookies

195 HTTP transactions
5 data transactions